Skip to main content
Emerging ThreatsMalware & Ransomware

OpenMandriva Linux Project Hit by Sabotage Attempt

Cluttered home office workspace with disrupted laptop and scattered papers.

"Let me state right away that this was by no means a 'sabotage.’ I'm not the kind of person to do something like that," Davide Beatrici told The Lunduke Journal, rejecting claims that his recent actions intentionally harmed OpenMandriva Linux.

What Davide Beatrici says he did and why

Beatrici, identified in reporting as the leading developer of the instant messaging app Mumble and a friend of another contributor involved in the dispute, acknowledged deleting repositories and pushing a package but framed those moves as deliberate and targeted, not malicious. He said he "carefully deleted all Cosmic and GNOME repositories from GitHub, the corresponding packages on Cooker (development branch) and pushed a package obsoleting them." In his statement to The Lunduke Journal he added that his objective was not to harm the distribution he had contributed to over three years.

The deletions and the empty package: what was affected

The OpenMandriva project says the incident ranged from wiped GitHub repositories to an empty package pushed to the Cooker repository that obsoleted the packages for the Gnome and Cosmic desktop environments. Project maintainers warned that the empty package could have damaged users' systems. AngryPenguin, a long-time OpenMandriva developer who posted about the incident on the project's forum, said part of a repository the team had been working on for almost a decade was deleted.

OpenMandriva's immediate response: restoration and audit

OpenMandriva is restoring the deleted repositories and packages and is conducting a full system audit to identify any other unauthorized changes. AngryPenguin, posting on behalf of the team, asserted that the actions amount to a criminal offense but said the project has decided not to pursue legal action against the former contributor. The team’s stated priorities are recovery and verification rather than litigation.

Repository permissions and the OneDev migration

According to AngryPenguin, Beatrici had administrative privileges because he previously helped migrate and mirror project repositories to his private OneDev instance. The forum post links that prior administrative role to the ability to delete repositories and to publish packages in the Cooker branch. AngryPenguin also tied the disruptive events to a wider interpersonal dispute, saying the sabotage attempt followed abusive behavior by a contributor "towards certain users and members of the distribution," behavior that prompted some people to leave the project.

What this means for OpenMandriva users, contributors, and security teams

  • OpenMandriva users: They must rely on the project's restoration and audit to confirm package integrity. The Cooker repository is a development branch; the project's work to restore obsoleted GNOME and Cosmic packages and to validate users' systems will determine immediate risk to installations.
  • OpenMandriva contributors: The episode highlights governance and access-control questions inside an independent, community-run distribution. The dispute reportedly centered on desktop focus — with some members opposed to the project's emphasis on KDE and LXQt — and escalated to repository deletions after changes were made to build configuration files, according to Beatrici.
  • Security teams and maintainers of other open-source projects: This case underscores the operational risk posed by privileged accounts used to mirror or migrate repositories. Administrative access tied to private infrastructure — here, a OneDev instance used by a volunteer to mirror repositories — can enable broad changes, intentional or otherwise, and merits explicit controls and auditability.

OpenMandriva is an independent, community-run Linux distribution forked from Mandriva Linux in 2012; the project notably builds most of its components with the LLVM/Clang toolchain rather than the GCC toolchain used by many other distributions. BleepingComputer contacted Beatrici both directly and through the Mumble team for comment but had not received a response as of publishing; separately, Beatrici provided the quoted statement to The Lunduke Journal. The project’s ongoing restoration and full system audit are the concrete next steps the team has announced.

Link to original reporting: https://www.bleepingcomputer.com/news/security/openmandriva-linux-says-contributor-tried-to-sabotage-the-project/