As you know, a few days ago some hackers hacked into the Linux Mint computer and made users download a Linux Mint infected with the Tsunami Trojan instead of the true version of Linux Mint. This news has traveled the world several times as it was something unusual so far and more focused on the GNU / Linux world.
Despite all that has been published there is little news about how to get rid of this infected Linux Mint or how to know if our computer is still infected and therefore act accordingly.
There are currently three methods to know if our computer is infected or not. The first of these is to check the md5sum file, If our image matches the real md5sum, the distribution is not infected but if any digits change, our computer is infected.
3 Methods to know if our Linux Mint is infected or not
To make this method work, we open a terminal and write the following:
where you put “ImagenLinuxMint.iso” we will put the path of the installation image we used. The md5sum code will appear below, the correct codes are as follows and must match our image or it will be wrong:
If on the other hand we no longer have the installation image but if the installation usb, to know if it is infected or not we have to load Linux Mint in Live mode and go to / var / lib / if there is one in this folder a file called man.cy, Then the system is also infected. And we may have deleted not only the installation image but also the usb with the installation disk. In this case we can only consult this website where it tells us if our user or email information has been stolen. It is a secure website that only reports if the user data we indicate appears on the network.
Once we have found out if we are infected or not, if so, the right thing to do is to download a clean image from an uninfected computer. Back up our data and after that wipe the computer as well as the partition table and do a clean installation of Linux Mint. In this case the risk is high any precaution is small if we are really infected Don’t you believe?