A deb package claiming to be a screensaver is malicious
Forum rules
Section reserved for the team. You can reply to announcements here but not post new topics. Do not add support questions to threads here, use the appropriate support forum instead.
Section reserved for the team. You can reply to announcements here but not post new topics. Do not add support questions to threads here, use the appropriate support forum instead.
A deb package claiming to be a screensaver is malicious
Found over at the Ubuntu forums
http://ubuntuforums.org/showthread.php?t=1349678
The key points here are
installed a deb from a site - only install from reliable sources
Installed with sudo - if you are root "everything" is possible
This is no screensaver but an app that connects to a site called mmowned.com and tries to download malicious code
However the code seems not to be working very well
http://ubuntuforums.org/showthread.php?t=1349678
The key points here are
installed a deb from a site - only install from reliable sources
Installed with sudo - if you are root "everything" is possible
This is no screensaver but an app that connects to a site called mmowned.com and tries to download malicious code
However the code seems not to be working very well
Re: A deb package claiming to be a screensaver is malicious
Maybe I'm naïve but in almost a decade of using Linux on/off this is the first actual report of a specific malicious installer I've ever seen. First time for everything, I guess
Re: A deb package claiming to be a screensaver is malicious
Isn't it generally spoken not tricky to download themes and packages from websites outside synaptic??
Even installing a downloaded theme requires to install in the root-system. The safest way is not downloading and installing something outside the official Mint-repo. By doing so you will keep linux as safe as possible...
Even installing a downloaded theme requires to install in the root-system. The safest way is not downloading and installing something outside the official Mint-repo. By doing so you will keep linux as safe as possible...
Linux Mint 17.3 Cinnamon (64 bits)
Re: A deb package claiming to be a screensaver is malicious
wierd...normally from what i hear linux doesnt have these kind of situations lol. Thanks for the heads up!
Re: A deb package claiming to be a screensaver is malicious
@ myspacecommassergio
You are right but if you install a .deb package as root you invite the package into your system
You are right but if you install a .deb package as root you invite the package into your system
Re: A deb package claiming to be a screensaver is malicious
Husse wrote:@ myspacecommassergio
You are right but if you install a .deb package as root you invite the package into your system
oh wow im new to the community... so i gota install only trusted .debs then when using the Sudo command gotcha friend thanks for the warning i had no clue
I'm new to this ha xD
Re: A deb package claiming to be a screensaver is malicious
anyone how knows how to program can create a malicious program and make it a .deb file.
it's up to the users stupidity to install such untrusted program.(same applies to all other operating systems)
though, it's from gnome's site, which makes most user think it's safe.
it's up to the users stupidity to install such untrusted program.(same applies to all other operating systems)
though, it's from gnome's site, which makes most user think it's safe.
Re: A deb package claiming to be a screensaver is malicious
The URL given in the link has Bots in it? xxxxx05748.t35.com/Bots/xxxxx ? Also he used chmod 777 on a script, never a good idea to cough up universal access on anything much less a script. Lots of lessons to be learned here.
Re: A deb package claiming to be a screensaver is malicious
DEB packages do not only contain data, they can also contain executable code. A lot of packages do, and this code is executed with root permission. So for instance, a DEB could contain "nothing" and have an "rm -rf /" as its post-installation script, and that would be run as root...
So be aware that debs aren't simply containers, they're very much like Windows self-installing .exe files, and they get run with full permissions. One of the main reasons why Linux is safer than Windows is because distributions package the available software themselves and so you rarely have to get .debs from untrusted sources, whereas Windows simply provide the OS and lets you browse the Web to get everything else... so most Windows users are used to install things they don't know without looking at where it came from. Don't be tempted to do the same under Linux as it's just as dangerous.
Clem.
So be aware that debs aren't simply containers, they're very much like Windows self-installing .exe files, and they get run with full permissions. One of the main reasons why Linux is safer than Windows is because distributions package the available software themselves and so you rarely have to get .debs from untrusted sources, whereas Windows simply provide the OS and lets you browse the Web to get everything else... so most Windows users are used to install things they don't know without looking at where it came from. Don't be tempted to do the same under Linux as it's just as dangerous.
Clem.
Re: A deb package claiming to be a screensaver is malicious
Oh... I just selectively read that Ikey, and for a moment I thought you were talking about meikey wrote:I have noticed a culture of 'selective reading' among newer users recently. i.e. they want results instantly
so will take the quickest path to...
Re: A deb package claiming to be a screensaver is malicious
Its very hard to make any program that would run on all Linux machines without user's extra help. Thats why linux viruses have no chances. You have to be mad man to create such...
Re: A deb package claiming to be a screensaver is malicious
Or as the saying goes: the most common source of computer failure is between the keyboard and the chair...ikey wrote:A chain is only as strong as its weakest link, so they say. I think Linux users should still be aware that any system
is still fallible in some way or other. Just because Linux is fundamentally more secure, this does not mean that
users should throw all caution to the wind.
Re: A deb package claiming to be a screensaver is malicious
Also called SBSOr as the saying goes: the most common source of computer failure is between the keyboard and the chair...
If you don't know what SBS is try to figure it out
Re: A deb package claiming to be a screensaver is malicious
Madel wrote:anyone how knows how to program can create a malicious program and make it a .deb file.
it's up to the users stupidity to install such untrusted program.(same applies to all other operating systems)
though, it's from gnome's site, which makes most user think it's safe.
well... to me personally stupid is when you know it's going to terd in your cornflakes and then you do it on purpose anyways.
If you told some one hey "heres a virus that will KO your computer luanch it/run it" and the User says oh... a virus... how exciting let me run it *click*
Then thats what I'd call stupid.
Now if someone's new to this and they go to a website full of .exe files or for linux full of .deb files and this is theyre first time using either OS then I wouldn't call them stupid I would rather say thats a learning experience and to watch out next time. Becuase if you don't know dude then honestly your not stupid you just seriously didn't know.
Re: A deb package claiming to be a screensaver is malicious
And this is why I can't help but to have some fun with the people who say that Linux/Mac can't get viruses. I emphasize on can't. Some people honest to God believe that just because they're on Mac or Linux, they are invincible from viruses. Then every now and then, something like this pops up. Although I've seen it happen more on Linux, I'm surprised it doesn't happen more on Mac. But I've seen the "screensaver" trick done on Mac too.
Re: A deb package claiming to be a screensaver is malicious
To get this "scary thing" to happen you had to trick the user to use sudo
When you're root lots of things can happen, that's why you should avoid it
But yes, viruses can infect Linux, but they have a much harder time than in Windows (don't know about Mac)
When you're root lots of things can happen, that's why you should avoid it
But yes, viruses can infect Linux, but they have a much harder time than in Windows (don't know about Mac)
Re: A deb package claiming to be a screensaver is malicious
Mac is about the same as Linux. Mac, in a sense, is comparable to Mint and Ubuntu where the user has to give permission for the software to run by inputing their password when they install it.