Linux maintainers were infected for 2 years by SSH-dwelling backdoor with huge reach | Ars Technica
yikes.
Infrastructure used to maintain and distribute the Linux operating system kernel was infected for two years, starting in 2009, by sophisticated malware that managed to get a hold of one of the developers’ most closely guarded resources: the /etc/shadow files that stored encrypted password data for more than 550 system users, researchers said Tuesday.
(tags: passwords kernel linux security hacks malware kernel.org)