Anyone affected by Operation Windigo? Whether on Arch or another distro.
D:
Offline
<snip>
The Matrix has you!
http://it.slashdot.org/comments.pl?sid= … d=46520763
April fools is here early
That was my first thought.
No, I haven't heard anyone complaining about being hacked, getting a trojan horse, trojan rabbit or trojan badger.
Offline
I would assume if folks were loading in malicious software into packages... a maintainer would have spotted something somewhere along the way from what I understood of this article.
Offline
Check the timeline of events in http://www.welivesecurity.com/wp-conten … indigo.pdf .
The attack on kernel.org / Linux Foundation servers in 2011 and the infection of cPanel in 2013 are considered by ESET as being part of Windigo.
Especially the first one did impact all Linux users.
Edit:
An interesting aspect of Windigo is that while Linux servers were compromised, they didn't target Linux USERS at all.
Last edited by Lone_Wolf (2014-03-19 12:06:21)
Disliking systemd intensely, but not satisfied with alternatives so focusing on taming systemd.
(A works at time B) && (time C > time B ) ≠ (A works at time C)
Offline
I thought Linux doesn't get malware, only via using that Wine software makes Linux malware compatible... Or so I thought.
Our enemies are your enemies, Nick. Disorder, war. It's just a matter of time before a dirty bomb goes off in Moscow, or an EMP fries Chicago. --- Alexander Pierce, Captain America: Winter Soldier
Access Denied! De-cryption failed, override denied all files sealed! --- Triskelion, Shield OS
-----
How to ask questions the smart way
Offline
An interesting aspect of Windigo is that while Linux servers were compromised, they didn't target Linux USERS at all.
A typical penguin lover lives in his parents' basement. I think the perpetrators of this attack don't even want to spy on him; I mean, the stuff he's into is scary ...
Money? What money?
Spam all his friends? Ummm, his address book isn't going to be of much value.
;-)
Offline
I thought Linux doesn't get malware, only via using that Wine software makes Linux malware compatible... Or so I thought.
It doesn't get malware but malware can be given to it. I'd still call this a PEBLAC error, especially if they are just trojans.
EDIT: OMG Linux != secure I'm going to Hurd bye guys.
Last edited by Steef435 (2014-03-19 14:36:14)
Offline
I thought Linux doesn't get malware, only via using that Wine software makes Linux malware compatible... Or so I thought.
That kind of thinking might be useful for selling Macs to folks who don't know any better,* but it's not very good security policy. Linux systems can be infected by malware like trojans and rootkits just like any other OS. It's just never really been worth anyone's time to write malware aimed at desktop users, since very few black-hats out there write malware just because they can. Servers are a different matter, but for such a prolonged "operation," one would think we'd have heard about a payoff for the crackers in question by now.
* Not intended to disparage OS X or folks who use it. I've personally heard a salesperson in an Apple store use the "Macs can't get viruses" line during a sales pitch, though. Granted he was just a kid with a quota to fill, but still... It's kinda like selling a gun to someone on the grounds that it has a fail-proof safety switch; you're practically encouraging carelessness and human error.
Offline
I've personally heard a salesperson in an Apple store use the "Macs can't get viruses" line during a sales pitch, though.
It's true, isn't it? (Serious) Are there any known viruses for Mac OS X or Linux?
I check every year or so by doing a quick Internet search for any news on the subject but nothing ever comes up.
Offline
ANOKNUSA wrote: I've personally heard a salesperson in an Apple store use the "Macs can't get viruses" line during a sales pitch, though.
It's true, isn't it? (Serious) Are there any known viruses for Mac OS X or Linux?
I check every year or so by doing a quick Internet search for any news on the subject but nothing ever comes up.
http://en.wikipedia.org/wiki/Linux_malware#Threats ?
Last edited by karol (2014-03-19 16:32:12)
Offline
ANOKNUSA wrote: I've personally heard a salesperson in an Apple store use the "Macs can't get viruses" line during a sales pitch, though.
It's true, isn't it? (Serious) Are there any known viruses for Mac OS X or Linux?
I check every year or so by doing a quick Internet search for any news on the subject but nothing ever comes up.
Sure it's a super rare occurrence, but that wasn't really my point. Telling the average person who doesn't understand some of the intricacies of computer security that there aren't any viruses is akin to saying "You have absolutely nothing to ever worry about." Every security breach results, either directly or indirectly, from misguided complacence and/or carelessness.
Offline
I'd still call this a PEBLAC error, especially if they are just trojans.
What does the "L" stand for? Thought it should be a "K"...
CPU-optimized Linux-ck packages @ Repo-ck • AUR packages • Zsh and other configs
Offline
Steef435 wrote: I'd still call this a PEBLAC error, especially if they are just trojans.
What does the "L" stand for? Thought it should be a "K"...
'Lounge chair'?
Leopard?
:-)
Edit: Sorry, I need some more coffee ...
Last edited by karol (2014-03-20 10:26:11)
Offline
Steef435 wrote: I'd still call this a PEBLAC error, especially if they are just trojans.
What does the "L" stand for? Thought it should be a "K"...
"Linux"
"...one cannot be angry when one looks at a penguin." - John Ruskin
"Life in general is a bit shit, and so too is the internet. And that's all there is." - scepticisle
Offline
THAT'S IT! I give up!
I'm switching to MenuetOS.
Sure it's a super rare occurrence, but that wasn't really my point. Telling the average person who doesn't understand some of the intricacies of computer security that there aren't any viruses is akin to saying "You have absolutely nothing to ever worry about." Every security breach results, either directly or indirectly, from misguided complacence and/or carelessness.
That's true.
Last edited by drcouzelis (2014-03-20 12:51:07)
Offline
karol wrote: THAT'S IT! I give up!
I'm switching to MenuetOS.
http://vxheavens.com/lib/vsp06.html
http://www.thehackademy.net/madchat/vxd … ymoron.asm
<whistles innocently>
Offline
...Windows 3.1? (The viruses can't get me if they're all dead.)
Nah, I guess I'll just have to become a responsible computer user.
Offline
How's Commodore 64 doing these days? ;P
I think that the thread's title could be expanded so it reads
Operation Windigo: malware attack that infected 25k Linux/UNIX servers
Offline
Steef435 wrote: I'd still call this a PEBLAC error, especially if they are just trojans.
What does the "L" stand for? Thought it should be a "K"...
Like Karol said, it's the xkcd joke (Leopard).
Let's not forget about Java exploits either.
Last edited by Steef435 (2014-03-20 15:05:08)
Offline
I found this PDF describing how it all works etc. http://www.welivesecurity.com/wp-conten … indigo.pdf
Offline
I found this PDF describing how it all works etc. http://www.welivesecurity.com/wp-conten … indigo.pdf
Lone_Wolf found it first: https://bbs.archlinux.org/viewtopic.php … 8#p1394318 :-)
Maybe Windows "requiring" a reinstallation every 6 months is a good thing. Even if you got the system infected, formatting the drive could very well take care of it in certain situations ;-)
Offline
Also found some server stuff to possibly help block it until the creators update it again...
https://github.com/eset/malware-ioc/tree/master/windigo
Offline
simpla wrote: I found this PDF describing how it all works etc. http://www.welivesecurity.com/wp-conten … indigo.pdf
Lone_Wolf found it first: https://bbs.archlinux.org/viewtopic.php … 8#p1394318 :-)
Maybe Windows "requiring" a reinstallation every 6 months is a good thing. Even if you got the system infected, formatting the drive could very well take care of it in certain situations ;-)
Yes, sorry. He did. I didn't follow the link or take notice of it. Sorry.
Offline
Also found some server stuff to possibly help block it until the creators update it again...
https://github.com/eset/malware-ioc/tree/master/windigo
Aaaaaand you broke github: https://status.github.com/
13:35 UTC
We are continuing to work to mitigate the attack and reduce the number of legitimate users who are flagged as attack traffic.
Offline