Page 1 of 30 12311 ... LastLast
Results 1 to 10 of 299

Thread: Social engineering (trojan) via gnome-look.org

  1. #1
    Join Date
    Dec 2007
    Location
    Gainesville, Florida
    Beans
    Hidden!
    Distro
    Xubuntu 12.04 Precise Pangolin

    Social engineering (trojan) via gnome-look.org

    Quote Originally Posted by Enlightened Shadow View Post
    The point is that I was dumb enough to think that Ubuntu was secure enough out here in the Linux wonderland that I love so much that I ended up on gnome-look downloading everything that looked cool without examining everything first.
    Ubuntu is secure. We are the ones who make it un-secure by installing something using our root password. I didn't think about the fact that a .deb file from a trusted site would be malicious. Thanks for the lesson.

  2. #2
    Join Date
    Apr 2007
    Location
    BiH
    Beans
    Hidden!
    Distro
    Ubuntu 11.10 Oneiric Ocelot

    Re: YOU THERE!! Malicios script installed as a DEB, please read!

    Quote Originally Posted by pbrane View Post
    Ubuntu is secure. We are the ones who make it un-secure by installing something using our root password. I didn't think about the fact that a .deb file from a trusted site would be malicious. Thanks for the lesson.
    You consider gnome-look a trusted website? Stick with official repos and PPAs and you'll be fine.
    ...

  3. #3
    Join Date
    Oct 2006
    Location
    New York
    Beans
    1,118
    Distro
    Xubuntu 12.10 Quantal Quetzal

    Re: YOU THERE!! Malicios script installed as a DEB, please read!

    Aren't PPA's only as far as you trust the owner, as in anyone can get one.
    xubuntu minimal, extensive experience, lshw: http://goo.gl/qCCtn
    blog: http://goo.gl/yLg78
    Linux viruses: http://goo.gl/6OCKA

  4. #4
    Join Date
    Dec 2007
    Location
    Gainesville, Florida
    Beans
    Hidden!
    Distro
    Xubuntu 12.04 Precise Pangolin

    Re: YOU THERE!! Malicios script installed as a DEB, please read!

    Quote Originally Posted by meho_r View Post
    You consider gnome-look a trusted website? Stick with official repos and PPAs and you'll be fine.
    I didn't say I considered it a trusted site. I just meant it is a good idea not to assume it's safe to install debs. I think your advise is good.

  5. #5
    Join Date
    Jan 2009
    Location
    Sol System
    Beans
    Hidden!
    Distro
    Ubuntu 10.04 Lucid Lynx

    Re: YOU THERE!! Malicios script installed as a DEB, please read!

    Muahaha could this be the first semi-massive Linux virus/trojan? Either way, I agree with pbrane, even for windows to a certain extent (at least in my PC):
    Quote Originally Posted by pbrane View Post
    Ubuntu is secure. We are the ones who make it un-secure by installing something using our root password. I didn't think about the fact that a .deb file from a trusted site would be malicious. Thanks for the lesson.

  6. #6
    NoaHall is offline May the Ubuntu Be With You!
    Join Date
    Mar 2009
    Beans
    1,562
    Distro
    Ubuntu 9.10 Karmic Koala

    Social engineering (trojan) via gnome-look.org

    Read this thread - http://ubuntuforums.org/showthread.php?t=1349678

    Basically, there's someone who put a .deb on gnome-look, users installed it, and now he's hacked their systems to perform a DDoS attack.

    Lesson : Don't install .deb files from unreliable sources. We have repos for a reason. Use them. And for crying out loud, screensavers don't use .deb files.

    Oh, and here's the fix(in case someone browsing might want to check)
    Code:
    sudo rm -f /usr/bin/Auto.bash /usr/bin/run.bash /etc/profile.d/gnome.sh index.php run.bash && sudo dpkg -r app5552
    Last edited by NoaHall; December 9th, 2009 at 12:00 AM.

  7. #7
    Join Date
    Jul 2008
    Location
    Where I am
    Beans
    807
    Distro
    Ubuntu 12.04 Precise Pangolin

    Re: To those of you who are unaware

    Well crap!

    EDIT: It's been removed.
    .i coi rodo

  8. #8
    Join Date
    Dec 2007
    Beans
    124

    Re: YOU THERE!! Malicios script installed as a DEB, please read!

    Quote Originally Posted by running_rabbit07 View Post
    This is what this link (http://05748.t35.com/) says when opened via FF.
    well I dont want a congrats...

    Keep viruses in the windows world

    Thank you
    Last edited by dmizer; December 9th, 2009 at 11:50 AM. Reason: removed hyperlink

  9. #9
    Join Date
    Dec 2007
    Location
    The last place I look
    Beans
    Hidden!
    Distro
    Ubuntu 10.04 Lucid Lynx

    Re: YOU THERE!! Malicios script installed as a DEB, please read!

    Quote Originally Posted by conorsulli View Post
    well I dont want a congrats...

    Keep viruses in the windows world

    Thank you
    just a point of terminology (not trying to be a jerk), but this is not a "virus". viruses spread, and exploit vulns in applications to perform their dirtywork.
    what yo have there is a trojan.

    sorry, it's jsut that everytime the word "virus" is used on this forum, it gets ugly from there. everyone would alternate between telling you that your issue never happened, or that you are the problem (neither of which is constructive.). i hate those threads...zealots vs zealots

  10. #10
    Join Date
    May 2009
    Beans
    1,934
    Distro
    Ubuntu Studio 9.10 Karmic Koala

    Re: YOU THERE!! Malicios script installed as a DEB, please read!

    Quote Originally Posted by doas777 View Post
    just a point of terminology (not trying to be a jerk), but this is not a "virus". viruses spread, and exploit vulns in applications to perform their dirtywork.
    what yo have there is a trojan.

    sorry, it's jsut that everytime the word "virus" is used on this forum, it gets ugly from there. everyone would alternate between telling you that your issue never happened, or that you are the problem (neither of which is constructive.). i hate those threads...zealots vs zealots
    Do you think the referenced link could have a negative effect when visited via FF? I've been watching conky since the visit and haven't seen anything new happening, but I am not the brightest at spotting orc mischief in Linux, yet.

Page 1 of 30 12311 ... LastLast

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •