How to know if our Linux Mint is infected?

Joaquín García

2 minutes

linux-mint-17-hacked

As you well know, a few days ago some hackers made a prank on the Linux Mint team and made users download a Linux Mint infected with the Tsunami Trojan instead of the true version of Linux Mint. This news has been around the world several times since it was something unusual so far and more focused on the Gnu / Linux world.

Despite all that has been published, there is little news about how to get rid of this infected Linux Mint or how to know if our computer is still infected and therefore act accordingly.

Currently there are three methods to know if our computer is infected or not. The first of them goes through checking the md5sum fileIf our image matches the real md5sum, the distribution is not infected, but if any digit varies, our computer is infected.

3 Methods to know if our Linux Mint is infected or not

To make this method work, we open a terminal and type the following:

md5sum ImagenLinuxMint.iso

where it says "ImagenLinuxMint.iso" we will put the path of the installation image that we have used. Then the code md5Sum will appear, the correct codes are as follows and must match our image or it will be wrong:
6e7f7e03500747c6c3bfece2c9c8394f –Linuxmint-17.3-cinnamon-32bit.iso
e71a2aad8b58605e906dbea444dc4983 –Linuxmint-17.3-cinnamon-64bit.iso
30fef1aa1134c5f3778c77c4417f7238 –Linuxmint-17.3-cinnamon-nocodecs-32bit.iso
3406350a87c201cdca0927b1bc7c2ccd –Linuxmint-17.3-cinnamon-nocodecs-64bit.iso
df38af96e99726bb0a1ef3e5cd47563d –Linuxmint-17.3-cinnamon-oem-64bit.iso
If, on the other hand, we no longer have the installation image but the installation usb, to know if it is infected or not we have to load Linux Mint in Live mode and go to / var / lib / if in that folder there is a file called man.cy, then the system is also infected. And we may have erased not only the installation image but also the usb with the installation disk. In this case, we only have to consult this website where it tells us if the information of our user or our email has been stolen. It is a secure website that only reports if the user data that we indicate appears on the network.

Once we have found out if we are infected or not, if we are, the most correct is to download a clean image from a computer without infecting. Make a backup of our data and after that erase the computer, as well as the partition table and do a clean installation of Linux Mint. In this case the risk is high, any precaution is low if we are really infected Do not you think?


Leave a Comment

Your email address will not be published. Required fields are marked with *

*

*

  1. Responsible for the data: Miguel Ángel Gatón
  2. Purpose of the data: Control SPAM, comment management.
  3. Legitimation: Your consent
  4. Communication of the data: The data will not be communicated to third parties except by legal obligation.
  5. Data storage: Database hosted by Occentus Networks (EU)
  6. Rights: At any time you can limit, recover and delete your information.

  1.   Jorge Daniel Mejía said
    ago 8 years

    and what if they are infected

    Reply to Jorge Daniel Mejia
    1.    Dimas Ortega said
      ago 8 years

      The logical thing would be to download the iso again, because it is assumed that the Linux Mint team should have already uploaded its clean version, and if you used the hacked version, it would be advisable to change the passwords of the pages or software that were used ...

      Reply to Dimas Ortega
    2.    klaus schultz said
      ago 8 years

      The security of your personal information and files is compromised.

      Reply to Klaus Schultz
  2.   pepper said
    ago 8 years

    question, is someone infected?

    I don't know a single case

    Reply to pepe
  3.   Gestures said
    ago 8 years

    That's why I don't like Linux Mint ...

    Respond to Gestures