The most popular Linux distribution, Gentoo, has been “totally pwned,” according to a researcher at Sophos, and currently none of the code can be trusted.
The team has posted an immediate update and noted that none of the real code has been compromised.
However, they have pulled the GitHub repository until they can upload a fresh copy of the unadulterated code.
“Today, the 28th of June, at approximately 20:20 UTC, an unknown individual gained control of the GitHub Gentoo organization and modified the content of the repositories as well as the page there. We are still working really hard to determine the exact change and to regain control of the organization and its repositories. Currently, all the Gentoo code which is hosted on GitHub should be considered compromised just for the moment,” wrote Gentoo administrators. “This of course does NOT affect at all any code which is hosted on the Gentoo infrastructure. Since the master of Gentoo ebuild has been hosted on our very own infrastructure and since GitHub is only a mirror for it, you are of course fine if you are using rsync or webrsync from gentoo.org.”
There is no need to worry: none of the code is permanently damaged, because the Gentoo administrators keep their own copy of the code.
Gentoo has stated that you must avoid the GitHub copy until it is reinstated, because the Gentoo code on GitHub might at this time contain malware.
“The Gentoo infrastructure has successfully identified the entry point, and has successfully locked down the compromised accounts,” wrote the admins.