The misconception seems to be breaking that Linux is not vulnerable to attacks and is totally bulletproof.
Today an announcement was made by Canonical declaring that Ubuntu forums were hacked, but their operating system still hasn’t faced any vulnerabilities or weaknesses. Forums are only used by the Linux community to discuss Operating System related developments, but such an incident still brings embarrassment to the Linux community as a result of failure to install a patch on the part of the Canonical.
However, following the incident, Canonical Ltd. has gone into protective mode, launching a thorough investigation into the matter. Several corrective steps were taken, and full service of the forum was restored reasonably quickly. Jane Silber, Chief Executive Office of the Canonical Ltd., also made an announcement later that for transparencies sake, they will be sharing the details of the hack, and what steps were taken. The corporation also apologized for the breach and inconvenience caused.
A preliminary investigation into the matter revealed that there had been an exposure of data, and they shut down the forum as a preventive measure. Further investigation lead to the conclusion that the hack was done by exploiting an SQL injection vulnerability in the Forumrunner add-on, which they failed to patch in the first place. So, as it turns out, the hack was a direct result of the negligent behavior of the network administrators.
Silber revealed the following information which the hacker or hackers were able to access;
What the hackers managed to access:
- The SQL injection enabled them to read from the forum database.
- They managed to download portions of the user table which contained details of the usernames, emails, and their IP addresses. However, they were not able to access any existing passwords because they were hashed.
What the hackers could not manage to access:
- The hackers were not able to access the Ubuntu code repository and update delivery mechanism.
- They did not get access to active user passwords.
- Hackers were not able to gain remote SQL write access to the database.
- No other services of Canonical or Ubuntu were accessed.
By far the most severe concern is hackers having your IP addresses and usernames. However, passwords were not taken so you can relax in that regard. Canonical has been transparent in the process and has successfully patched the vulnerability, also hardening the security. That being said, the hack was a direct result of their failure to patch the add-on, and so deserve any criticism they receive.
Regardless of the situation, always have a good VPN on hand, and for you Linux users, we have the perfect list.