Linux Mint website got HACKED!

Beware of hacked ISOs if you downloaded Linux Mint on February 20th! Or at least what they (from Mint) say.

What happened?

Hackers made a modified Linux Mint ISO, with a backdoor in it, and managed to hack our website to point to it.

Does this affect you?

As far as we know, the only compromised edition was Linux Mint 17.3 Cinnamon edition.

If you downloaded another release or another edition, this does not affect you. If you downloaded via torrents or via a direct HTTP link, this doesn’t affect you either.

Finally, the situation happened today, so it should only impact people who downloaded this edition on February 20th.

How to check if your ISO is compromised?

If you still have the ISO file, check its MD5 signature with the command “md5sum yourfile.iso” (where yourfile.iso is the name of the ISO).

The valid signatures are below:

6e7f7e03500747c6c3bfece2c9c8394f linuxmint-17.3-cinnamon-32bit.iso
e71a2aad8b58605e906dbea444dc4983 linuxmint-17.3-cinnamon-64bit.iso
30fef1aa1134c5f3778c77c4417f7238 linuxmint-17.3-cinnamon-nocodecs-32bit.iso
3406350a87c201cdca0927b1bc7c2ccd linuxmint-17.3-cinnamon-nocodecs-64bit.iso
df38af96e99726bb0a1ef3e5cd47563d linuxmint-17.3-cinnamon-oem-64bit.iso

If you still have the burnt DVD or USB stick, boot a computer or a virtual machine offline (turn off your router if in doubt) with it and let it load the live session.

Once in the live session, if there is a file in /var/lib/, then this is an infected ISO.

What to do if you are affected?

Delete the ISO. If you burnt it to DVD, trash the disc. If you burnt it to USB, format the stick.

If you installed this ISO on a computer:

Put the computer offline.
Backup your personal data, if any.
Reinstall the OS or format the partition.
Change your passwords for sensitive websites (for your email in particular).

Is everything back to normal now?

Not yet. They took the server down while fixing the issue.

Who did that?

The hacked ISOs are hosted on and the backdoor connects to

Both lead to Sofia, Bulgaria, and the name of 3 people over there.


So as you can see, Bulgarian hackers did this. Not so proud right now 🙂 If my people are gonna hack something, there are tons of websites that need to be removed. But Linux Mint .. come on 🙂


EDIT: infected backdoor file exposed on GitHub. Malicious Linux Mint iso file can be searched: find / -iname

How to install Web Server, PHP, MySQL and WordPress on Windows

Hello friends,

This piece is NOT mine but I know the engineer who stands behind it. With his permission I will share it. This is from the Windows posts. Later, I will write my own for Linux users!

You will find the source at the end of the post. Have fun and comment!




This is a step-by-step and a video guide on how to install Web Server (IIS) on Windows 7 (works on Win 8 and 10) then Install PHP, MySQL, phpmyadmin and then WordPress. All this in 40 minutes. From an empty Windows 7 machine to fully functional Web Server.

Please refer to the video but I also provide a written step-by-step instructions on what I do in the video with links to downloads.

0. Turn off User Account Control !
1. Install IIS from Programs and Features -> Turn Windows Features on and off. ChooseInternet Information Services and expand. Also check CGI and some more features from the Application Development sub menu.

Web Server







2. Open from Control Panel -> System and Security -> Administrative Tools
2. Test your web server with http://localhost. If you see the IIS picture – You have a working Web Server
4. Go to -> Downloads and download your desired PHP Version. Usually x86 threat safe zip download. For older versions and archives –
5. Copy the files in the zip file and paste them into C:\PHP. Create the folder PHP manually.
6. Go to and download the 64 (or 32) bit installer. Run the installer. If you are running a later version of Windows like 8 or 10 then your IIS version will also be higher and the installer won’t run. To work around this open regedit in Run and navigate toHKLM/System/CurrectControlSet/Services/W3SVC/Parameters and open the MajorVersion DWORD. Change the value from 10 to 9 or 8 and try to install again.
7. Open the IIS Manager and choose PHP Manager when selecting the Default Web site
8. Click on register new PHP version and choose the path where you unpacked the PHP files. In our case C:\PHP and point to the php-cgi.exe and click Ok.
9. Your IIS is now linked with PHP via FastCGI
10. Now while in IIS Manager go to Default Document and click Add on the right menu. Type index.php and click OK. Now with the arrows on the right menu put the index.php to the top of the list. Acknowledge any warnings that inheritance will break.
11. Go and test your php. Put an index.php file with some example php code inside in yourC:\inetpub\wwwroot directory and give it a try by opening your http://localhost in a browser.
12. If you see the php page – You have installed PHP successfully. If not leave a comment and I wil try to help you.
13. If you receive a Internal Server Error 500 – FastCGI process exited unexpectedly go to and download the32bit version of the Visual C++. Try opening the localhost again. Should be fine.
14. Time to get the MySQL. Go to On Select Platform choose Download on the MySQL Installer MSI.
15. Choose bigger installation
16. Click on No thanks just start my download and downlaod the file. It’s around 370 MB.
17. Run the installation file. – Choose Server Only and install.
18. Time to configure the MySQL install. For Config Type choose Server Machine if your Web server (like in our case) is on the same server as your MySQL and chooseDedicated Machine if your Web Server and MySQL are on different servers.
If you want your MySQL to use the least memory – choose Development Machine. It will assume that it’s not a production MySQL that will serve a lot of requests.
19. Leave the connectivity checks as they are. Go to Next.
20. Choose a password for the account “root”. You cannot change the root username but you choose the password. If you want to create your own user with special permissions go to MySQL User Accounts and click Add User and create your own user. Once Ready go to Next
21. Definately leave “Configure MySQL Server as a Windows Service” checked and the same for “Start the MySQL Server at System Startup”. Windows Service Name – change it if you want. No Impact.
22. On Run Windows Service as… leave it on Standard System Account. If you have a good reason to use a specific account – choose Custom User but i would Recommend staying with Standard System Account. Click Next and then Execute.
23. Now you need something to manage your MySQL with. I suggest using the freephpMyAdmin. Go to and download.
24. Go to C:\inetpub\wwwroot directory and create a folder called phpmyadmin and unpack all the files in it.
25. Open http://localhost/phpmyadmin. You should see the Phpmyadmin welcome page. For username use root and the password you’ve chosen on the MySQL install in step 20. Now you are inside your MySQL seen through phpmyadmin. Leave the page opened.
26. Now we are ready to install WordPress, Forums, joomla, Drupal and etc. Let’s install WordPress as an example. Go to and download the latest WordPress.
27. Unpack everything into your wwwroot directory.
28. Open http://localhost. You should see the WordPress Logo. Click Let’s Start.
29. Go back to your browser tab where you have http://localhost/phpmyadmin opened or open it again if you closed it. Go to Databases and create a new database. That’s it. We need it blank
30. Go back to your WordPress tab on http://localhost . Fill in the information :
Database Name: Use the name of the database you created in phpmyadin in step 29.
User Name: Use the username you login into phpmyadmin which should be the same as Step 20.
Password: And the password.
Database host: Leave localhost.
Table Prefix: leave the default – wp_
Click Submit.
31. It will say Sorry but I can’t write to wp-config.php file. Go to your wwwroot directory and create a file called wp-config.php. Open it with Notepad and paste the code from the WordPress page. Save
32. Go back to your WordPress page and click Run the Install.
33. Type in a Site Title (you can change later if you don’t like it), Type a Username andpassword for your new WordPress site (best to choose different from your MySQL logins). Type a fake or real email, it doesn’t matter. If you want search enginers to crawl
your site leave the check on Privacy and click on Install WordPress button.
34. If all goes fine you should see Success! and a Log in button.
35. Congrats! You have a WordPress blog now. The installations of Joomla, PHPBB, vBulletin, SMF, Drupal are almost identical to this installation so you should be good installing them easily.



Source: Djongov IT blog


As I said, Linux version is coming soon.

N.B. This is copy-pasted from the author’s site. If you want to copy it or use it contact him from the link above! If there are any mistakes, there are from the author’s side!