OpenMandriva: Statement regarding attempted distribution sabotage
OpenMandriva reported that its website and source code infrastructure were targeted in an attempted sabotage attack. The project stated that the attack was detected early and mitigated, with no compromise to distribution integrity or user data confirmed. The team thanked the community for vigilance and announced they are reviewing security measures.
Background
- OpenMandriva is a community-driven Linux distribution (OS) that descends from the once-popular Mandriva Linux, which went defunct in the mid-2010s. It is maintained by a small volunteer team.
- On August 24, 2025, an unknown actor registered a malicious fork of OpenMandriva's core package manager (called "OM Welcome" / "om-welcome") on the openSUSE Build Service, a shared platform for packaging software. The fake package appeared legitimate but contained destructive code designed to wreck the user's system if installed.
- The sabotage was discovered quickly and blocked before reaching any users. OpenMandriva's infrastructure was not breached; only the public build service (which anyone can use) was exploited. The incident highlights the vulnerability of small, trust-based open-source projects to supply-chain attacks.