[gentoo-dev] Hostile takeover of our github mirror. Don't use ebuild from there until new warning!

public inbox for gentoo-dev@lists.gentoo.org
 help / color / mirror / Atom feed

* [gentoo-dev] Hostile takeover of our github mirror. Don't use ebuild from there until new warning!
@ 2018-06-28 21:15 Francisco Blas Izquierdo Riera (klondike)
  2018-06-28 21:54 ` [gentoo-dev] " Francisco Blas Izquierdo Riera (klondike)
  2018-06-29  0:46 ` [gentoo-dev] " Richard Yao
  0 siblings, 2 replies; 5+ messages in thread
From: Francisco Blas Izquierdo Riera (klondike) @ 2018-06-28 21:15 UTC (permalink / raw
  To: gentoo-announce; +Cc: Gentoo Development, Gentoo mailing list

[-- Attachment #1.1: Type: text/plain, Size: 542 bytes --]

Hi!

I just want to notify that an attacker has taken control of the Gentoo
organization in Github and has among other things replaced the portage
and musl-dev trees with malicious versions of the ebuilds intended to
try removing all of your files.

Whilst the malicious code shouldn't work as is and GitHub has now
removed the organization, please don't use any ebuild from the GitHub
mirror ontained before 28/06/2018, 18:00 GMT  until new warning.

Sincerely,
Francisco Blas Izquierdo Riera (klondike)
Gentoo developer.

[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 833 bytes --]

^ permalink raw reply	[flat|nested] 5+ messages in thread

* [gentoo-dev] Re: Hostile takeover of our github mirror. Don't use ebuild from there until new warning!
  2018-06-28 21:15 [gentoo-dev] Hostile takeover of our github mirror. Don't use ebuild from there until new warning! Francisco Blas Izquierdo Riera (klondike)
@ 2018-06-28 21:54 ` Francisco Blas Izquierdo Riera (klondike)
  2018-06-28 21:57   ` M. J. Everitt
  2018-06-29  0:46 ` [gentoo-dev] " Richard Yao
  1 sibling, 1 reply; 5+ messages in thread
From: Francisco Blas Izquierdo Riera (klondike) @ 2018-06-28 21:54 UTC (permalink / raw
  Cc: Gentoo Development, Gentoo mailing list

[-- Attachment #1.1: Type: text/plain, Size: 796 bytes --]

El 28/06/18 a las 23:15, Francisco Blas Izquierdo Riera (klondike) escribió:
> Hi!
>
> I just want to notify that an attacker has taken control of the Gentoo
> organization in Github and has among other things replaced the portage
> and musl-dev trees with malicious versions of the ebuilds intended to
> try removing all of your files.
>
> Whilst the malicious code shouldn't work as is and GitHub has now
> removed the organization, please don't use any ebuild from the GitHub
> mirror ontained before 28/06/2018, 18:00 GMT  until new warning.
>
> Sincerely,
> Francisco Blas Izquierdo Riera (klondike)
> Gentoo developer.
>
>
Just to keep up with it. There is a more complete article published at
https://www.gentoo.org/news/2018/06/28/Github-gentoo-org-hacked.html

[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 833 bytes --]

^ permalink raw reply	[flat|nested] 5+ messages in thread

* [gentoo-dev] Re: Hostile takeover of our github mirror. Don't use ebuild from there until new warning!
  2018-06-28 21:54 ` [gentoo-dev] " Francisco Blas Izquierdo Riera (klondike)
@ 2018-06-28 21:57   ` M. J. Everitt
  0 siblings, 0 replies; 5+ messages in thread
From: M. J. Everitt @ 2018-06-28 21:57 UTC (permalink / raw
  To: gentoo-dev, Francisco Blas Izquierdo Riera (klondike); +Cc: Gentoo mailing list


[-- Attachment #1.1: Type: text/plain, Size: 941 bytes --]

On 28/06/18 22:54, Francisco Blas Izquierdo Riera (klondike) wrote:
> El 28/06/18 a las 23:15, Francisco Blas Izquierdo Riera (klondike) escribió:
>> Hi!
>>
>> I just want to notify that an attacker has taken control of the Gentoo
>> organization in Github and has among other things replaced the portage
>> and musl-dev trees with malicious versions of the ebuilds intended to
>> try removing all of your files.
>>
>> Whilst the malicious code shouldn't work as is and GitHub has now
>> removed the organization, please don't use any ebuild from the GitHub
>> mirror ontained before 28/06/2018, 18:00 GMT  until new warning.
>>
>> Sincerely,
>> Francisco Blas Izquierdo Riera (klondike)
>> Gentoo developer.
>>
>>
> Just to keep up with it. There is a more complete article published at
> https://www.gentoo.org/news/2018/06/28/Github-gentoo-org-hacked.html
>
>
>
Antarus has also posted on g-announce ML fyi ;)


[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 833 bytes --]

^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: [gentoo-dev] Hostile takeover of our github mirror. Don't use ebuild from there until new warning!
  2018-06-28 21:15 [gentoo-dev] Hostile takeover of our github mirror. Don't use ebuild from there until new warning! Francisco Blas Izquierdo Riera (klondike)
  2018-06-28 21:54 ` [gentoo-dev] " Francisco Blas Izquierdo Riera (klondike)
@ 2018-06-29  0:46 ` Richard Yao
  2018-06-29  0:58   ` Richard Yao
  1 sibling, 1 reply; 5+ messages in thread
From: Richard Yao @ 2018-06-29  0:46 UTC (permalink / raw
  To: gentoo-dev; +Cc: gentoo-announce, Gentoo mailing list

> On Jun 28, 2018, at 5:15 PM, Francisco Blas Izquierdo Riera (klondike) <klondike@gentoo.org> wrote:
> 
> Hi!
> 
> I just want to notify that an attacker has taken control of the Gentoo
> organization in Github and has among other things replaced the portage
> and musl-dev trees with malicious versions of the ebuilds intended to
> try removing all of your files.
> 
> Whilst the malicious code shouldn't work as is and GitHub has now
> removed the organization, please don't use any ebuild from the GitHub
> mirror ontained before 28/06/2018, 18:00 GMT  until new warning.
Is the attacker using the account “gentoogang”?
> 
> Sincerely,
> Francisco Blas Izquierdo Riera (klondike)
> Gentoo developer.
> 
> 

^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: [gentoo-dev] Hostile takeover of our github mirror. Don't use ebuild from there until new warning!
  2018-06-29  0:46 ` [gentoo-dev] " Richard Yao
@ 2018-06-29  0:58   ` Richard Yao
  0 siblings, 0 replies; 5+ messages in thread
From: Richard Yao @ 2018-06-29  0:58 UTC (permalink / raw
  To: gentoo-dev; +Cc: gentoo-announce, Gentoo mailing list



> On Jun 28, 2018, at 8:46 PM, Richard Yao <ryao@gentoo.org> wrote:
> 
> 
>> On Jun 28, 2018, at 5:15 PM, Francisco Blas Izquierdo Riera (klondike) <klondike@gentoo.org> wrote:
>> 
>> Hi!
>> 
>> I just want to notify that an attacker has taken control of the Gentoo
>> organization in Github and has among other things replaced the portage
>> and musl-dev trees with malicious versions of the ebuilds intended to
>> try removing all of your files.
>> 
>> Whilst the malicious code shouldn't work as is and GitHub has now
>> removed the organization, please don't use any ebuild from the GitHub
>> mirror ontained before 28/06/2018, 18:00 GMT  until new warning.
> Is the attacker using the account “gentoogang”?

Nevermind. After reading other mailing list threads, it is clear to me that he was the attacker. :/
>> 
>> Sincerely,
>> Francisco Blas Izquierdo Riera (klondike)
>> Gentoo developer.
>> 
>> 
> 
> 



^ permalink raw reply	[flat|nested] 5+ messages in thread

end of thread, other threads:[~2018-06-29  0:58 UTC | newest]

Thread overview: 5+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2018-06-28 21:15 [gentoo-dev] Hostile takeover of our github mirror. Don't use ebuild from there until new warning! Francisco Blas Izquierdo Riera (klondike)
2018-06-28 21:54 ` [gentoo-dev] " Francisco Blas Izquierdo Riera (klondike)
2018-06-28 21:57   ` M. J. Everitt
2018-06-29  0:46 ` [gentoo-dev] " Richard Yao
2018-06-29  0:58   ` Richard Yao

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox