Hacker Who Hacked Official Linux Kernel Website Arrested in Florida


Around five years after unknown hackers gained unauthorized access to multiple

kernel.org servers

used to maintain and distribute the Linux operating system kernel, police have arrested a South Florida computer programmer for carrying out the attack.

Donald Ryan Austin

, a 27-year-old programmer from of El Portal, Florida, was charged Thursday with hacking servers belonging to the Linux Kernel Organization (

kernel.org

) and the Linux Foundation in 2011, the Department of Justice

announced

on Thursday.

The Linux Kernel Organization runs

kernel.org

servers for distributing the Linux operating system kernel, which is the heart of the operating system, whereas the Linux Foundation is a separate group that supports kernel.org.

According to an indictment [

PDF

] unsealed by federal prosecutors on Monday, Austin managed to steal login credentials of one of the Linux Kernel Organization system administrators in 2011 and used them to install a hard-to-detect malware backdoor, dubbed

Phalanx

, on servers belonging to the organization.

But what made the breach much significant? It's the open-source operating system that's being used by Millions of corporate and government networks worldwide.

Using the Phalanx malware, Austin allegedly installed

Ebury

– a Trojan designed for Linux, FreeBSD or Solaris hacking – on a number of servers run by the Linux groups, which helped him gain access to the login credentials of people using the servers.

Austin allegedly infected Linux servers, including "

Odin1

," "

Zeus1

," and "

Pub3

," which were leased by the Linux Foundation for operating kernel.org. He also hacked the personal email server of Linux Kernel Organization’s founder Peter Anvin.

Austin is also accused of allegedly using his unauthorized admin privileges to insert messages into the system that would display when the servers restarted.

According to prosecutors, Austin's motive for the intrusion was to gain early access to Linux software builds distributed through the www.kernel.org website.

This security breach forced the Linux Foundation to

shut down kernel.org

completely while a malware infection was cleared up, and rebuild several of its servers. Miami Shores Police arrested Austin during a traffic stop on August 28.

Austin is charged with 4 counts of

"intentional transmission causing damage to a protected computer."

He was released from jail on a bond of $50,000 provided by the family of his girlfriend.

Judge has ordered Austin to stay away from the Internet, computers, and every type of social media or e-mail services, due to his "

substance abuse history

."

Austin is scheduled to appear in San Francisco federal court on September 21 before the Honorable Sallie Kim, and if found guilty, he faces a possible sentence of 40 years in prison as well as $2 Million in fines.



from The Hacker News http://ift.tt/2bSFeN6