A man who allegedly hacked the Linux Kernel Organization’s kernel.org and the Linux Foundation’s servers has been collared by cops.
Donald Ryan Austin, 27, of El Portal, Florida, will appear in court in San Francisco later this month, and is accused of intentional transmission causing damage to a protected computer.
The four charges were filed in absentia against Austin. His alleged hacking spree led to the Linux groups shutting down completely while a malware infection was cleared up. Austin was stopped by police in Miami Shores for a traffic offense on Thursday – and then arrested when he identified himself.
Court documents claim that in 2011, Austin managed to steal the credentials of one of the Linux server admins and used these to install the Phalanx malware, a self-injecting kernel rootkit designed for the Linux 2.6 branch that hides files, processes and sockets and includes tools for sniffing a TTY program.
Using Phalanx, he is also accused of installing the Ebury trojan, which is designed for Linux, FreeBSD or Solaris hacking, onto numerous servers run by the groups. This harvested login credentials of people using the servers and forwarded them to the attacker.
Austin’s goal, according to the prosecution, was to get early access to Linux builds. He is also accused of leaving messages on the system for others to find, and of hacking the personal email server of one member of the Linux Foundation.
Submitted by: Arnfried Walbrecht