Poor new Linux users. You choose a good starting distribution. This sucks hard. Linux isos are not exe files. You can also check the hash files, but I don’t know anyone that does that on their personal PC.
Xubuntu website hijacked to serve malware
Submitted 21 hours ago by ZippyBot@lemmy.zip [bot] to gaming@lemmy.zip
https://www.gamingonlinux.com/2025/10/xubuntu-website-got-hijacked-to-serve-malware/
Comments
barnaclebutt@lemmy.world 17 hours ago
Qwel@sopuli.xyz 17 hours ago
And the hashes are displayed on the website that got compromised
undefinedTruth@lemmy.zip 16 hours ago
To be fair, I doubt that someone who even knows how to verify a hash when would see an exe instead of an iso would think that this looks fine.
barnaclebutt@lemmy.world 16 hours ago
I doubt they bothered to change them. And, if you know how to check hashes then you wouldn’t run an exe file to download an ISO.
AntiBullyRanger@ani.social 13 hours ago
Hopefully this motivates distro makers to secure their services a little bit more than xubuntu never did. Plenty distro still serve files under unsecure connections.
unexposedhazard@discuss.tchncs.de 20 hours ago
Its been more than 24h and the site is still down. It only loads the main page but all links are dead.
RedSnt@feddit.dk 20 hours ago
I saw a video on this yesterday. Apparently it’s a crypto scam thing.