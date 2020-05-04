TECH

CHANGE LANGUAGE
English
हिन्दी বাংলা मराठी ગુજરાતી ಕನ್ನಡ தமிழ் മലയാളം తెలుగు ਪੰਜਾਬੀ اردو অসমীয়া ଓଡ଼ିଆ
WATCH LIVE TV
DOWNLOAD News18 APP
Follow Us On
Trending Topics : #Coronavirus#MakeYourOwnMask#COV19 Analytics#IndiaGives
News18 »
1-MIN READ

Hackers Break Into Android Substitute LineageOS Via Unpatched Vulnerability

Image for Representation.

Image for Representation.

LineageOS Signing Keys, Builds, and Source Code were unaffected despite the attack, the company said.

  • IANS
  • Last Updated: May 4, 2020, 11:45 AM IST
Share this:

Hackers have broken into the core infrastructure of LineageOS, a free and open-source operating system for smartphones, tablet computers and set-top boxes, based on the Google Android mobile platform. In a tweet, the company admitted the breach happened on Saturday night and it was detected well within time before the attackers could do any harm. "Around 8 PM PST on May 2nd, 2020 an attacker used common vulnerabilities and exposures (CVE) in our saltstack master to gain access to our infrastructure," said the company. "We are able to verify that: Signing keys are unaffected, Builds are unaffected, Source code is unaffected," added LineageOS.

According to LineageOS developers, the hacking took place after the attacker used an unpatched vulnerability to breach its Salt installation. Salt is an open-source framework provided by Saltstack that is usually deployed and used to manage and automate servers inside data centres, cloud server setups, or internal networks, reports ZDNet. Cybersecurity firm F-Secure has already disclosed two major vulnerabilities in the Salt framework that could be used to take over Salt installations. The two vulnerabilities which, when combined, could allow attackers to bypass login procedures and run code on Salt master servers left exposed on the internet.

There are currently more than 6,000 Salt servers left exposed online that can be exploited via this vulnerability if left unpatched. LineageOS extends the functionality and lifespan of mobile devices from more than 20 different manufacturers owing to its open-source community of contributors from all around the world. LineageOS is the successor to the custom ROM CyanogenMod, from which it was forked out in December 2016. LineageOS was officially launched on December 24, 2016, with the source code available on both GitHub and GitLab. Since its launch, LineageOS development builds are available for 109 phone models, with over 1.7 million active installs.

Share this:

Support the daily wage earners who have been hit the hardest by the COVID-19 crisis. Click here to contribute to the cause. #IndiaGives

The daily News18 Coronavirus COVID-19 newsletter - Get your copy here.

Subscribe to News18 Daybreak. Follow us on Twitter, Instagram, Facebook, Telegram, TikTok and on YouTube

First Anniversary Offer: Subscribe to Moneycontrol PRO’s annual plan for ₹1/- per day for the first year and claim exclusive benefits worth ₹20,000. Coupon code: PRO365

Next Story

COVID-19 Tracker
Helpline Number:
  • India
  • World

  • Active Cases

    29,453

    +1,383*  

  • Total Confirmed

    42,533

    +2,270*  

  • Cured/Discharged

    11,707

    +820*  

  • Total DEATHS

    1,373

    +67*  
*change over the previous day
Data Source: Ministry of Health and Family Welfare, India
Updated: May 04 (08:00 AM)
Testing centres

World

  • Active Cases

    2,131,887

    +24,835*  

  • Total Confirmed

    3,507,265

    +44,583*

  • Cured/Discharged

    1,127,887

    +17,168*  

  • Total DEATHS

    247,491

    +2,580*
*change over the previous day
Data Source: Various
Testing centres