Vulnerability in a framework has made attackers access LineageOS infrastructure. Although the hackers had access to the servers, apparently no sensitive data was stolen. The team is working to address the vulnerabilities.
LineageOS is a mobile operating system that is based on Android and was then known under the name CyanogenMod. As reported by ZDNet, unknown hackers managed to break into the LineageOS infrastructure last night. However, the attack was discovered before damage could be done.
Sensitive data has not been stolen
According to the LineageOS team, no sensitive data has been stolen. Keys that are used to sign official versions are stored on other systems.
The attackers exploited a vulnerability in the open-source framework Salt. The software is used to manage servers in data centers or other internal networks. Two major security vulnerabilities that hackers can use to take over Salt servers were released earlier this week. In some cases, attackers have managed to install a back door.
Normally, salt servers should be operated behind a firewall and not allow requests from the Internet. However, this is not the case in numerous networks. A few days ago, patches against the two security vulnerabilities were made available.
The LineageOS team reacted immediately to the attack and temporarily removed all servers that were affected by the attack from the network. The developers are currently working on fixing the vulnerabilities so that such an attack can no longer be carried out in the future. Who is behind the attack and what goals have been pursued with it is still completely unclear at this point.