LineageOS suffers cyberattack attempt through Salt
LineageOS, an Android-based mobile operating system, has reported an intrusion carried out at the beginning of May by cyberattackers with the intention of accessing its central infrastructure.
The cyberattack took place by exploiting two vulnerabilities in Salt, an open source SaltStack framework, that LineageOS uses to manage servers in its data center.
In the official statement, LineageOS clarifies that the source code and the compilations of the operating system were not affected, nor were the encryption keys used to authenticate the official distributions of the operating system.
References:
- 03/05/2020 status.lineageos.org Full outage – Status page - LineageOS
- 03/05/2020 twitter.com Twitter LineageOS
- 03/05/2020 zdnet.com Hackers breach LineageOS servers via unpatched vulnerability
- 05/05/2020 expresscomputer.in Hackers break into open-source Android mobile platform LineageOS
- 06/05/2020 incibe-cert.es Múltiples vulnerabilidades en Salt de SaltStack