The Mono framework, a free system that lets users run Windows applications on other operating systems, including macOS, is allowing malicious attackers to infect Apple systems with Windows malware.
Mono was developed by Miguel de Icaza, a co-founder of the GNOME desktop project, a DE that is used by Linux systems. De Icaza is now employed by Microsoft.
The security firm Kaspersky Lab pointed out that malicious attackers were collecting data about Apple systems and feeding it into adware using files with an .exe extension – files which normally run only on Windows.
Interest: If ever there was reason to uninstall mono, this is it
Forum rules
Do not post support questions here. Before you post read the forum rules. Topics in this forum are automatically closed 6 months after creation.
Do not post support questions here. Before you post read the forum rules. Topics in this forum are automatically closed 6 months after creation.
- catweazel
- Level 19
- Posts: 9763
- Joined: Fri Oct 12, 2012 9:44 pm
- Location: Australian Antarctic Territory
Interest: If ever there was reason to uninstall mono, this is it
https://www.itwire.com/security/86727-a ... claim.html
Last edited by LockBot on Wed Dec 28, 2022 7:16 am, edited 1 time in total.
Reason: Topic automatically closed 6 months after creation. New replies are no longer allowed.
Reason: Topic automatically closed 6 months after creation. New replies are no longer allowed.
"There is, ultimately, only one truth -- cogito, ergo sum -- everything else is an assumption." - Me, my swansong.
Re: Interest: If ever there was reason to uninstall mono, this is it
pjotr has for years now recommended to always uninstall mono/orca as one of the first things to do with a new install as it would be able to open your system up to windows malware baddies...this proves him right and one of the first things i ever learned about linux, as well as dont use wine, dont copy and paste unknown code from random websites, dont disable sudo password for "ease of use" etc., and be wary of PPAs not from a well known trusted source...DAMIEN
Re: Interest: If ever there was reason to uninstall mono, this is it
+1
Easy tips : https://easylinuxtipsproject.blogspot.com/ Pjotr's Great Linux projects page.
Linux Mint Installation Guide: http://linuxmint-installation-guide.rea ... en/latest/
Registered Linux User #462608
Linux Mint Installation Guide: http://linuxmint-installation-guide.rea ... en/latest/
Registered Linux User #462608
Re: Interest: If ever there was reason to uninstall mono, this is it
And this is surprising? If you use windows software you are vulnerable to windows viruses.... just also install a proper AV ffs
Re: Interest: If ever there was reason to uninstall mono, this is it
It remains a terrible argument. With that reasoning you gotta uninstall Python, too (among many other things).
(just in case: don't do it, you'll break your system)
(just in case: don't do it, you'll break your system)
- catweazel
- Level 19
- Posts: 9763
- Joined: Fri Oct 12, 2012 9:44 pm
- Location: Australian Antarctic Territory
Re: Interest: If ever there was reason to uninstall mono, this is it
Orca has nothing to do with this, it's a screen reader. Pjotr's tip to remove it is to prevent unsuspecting persons from getting a shock when their machine talks at them. But, yes, he's quite right about the risk posed by mono. I wouldn't go so far as saying "proves him right", but the article certainly justifies Pjotr's extreme caution with mono.DAMIEN1307 wrote: ⤴Thu Apr 18, 2019 8:10 am pjotr has for years now recommended to always uninstall mono/orca as one of the first things to do with a new install as it would be able to open your system up to windows malware baddies...this proves him right
"There is, ultimately, only one truth -- cogito, ergo sum -- everything else is an assumption." - Me, my swansong.
Re: Interest: If ever there was reason to uninstall mono, this is it
yeh, im aware that is orcas purpose, i just remember that the original code he used to use a few years back included orca as well as mono in the same line and i wasnt interested in orca anyways...and i would say, "extreme caution" is a fair term to use here as well when referring to mono usage...DAMIEN
Last edited by DAMIEN1307 on Thu Apr 18, 2019 8:20 am, edited 2 times in total.
Re: Interest: If ever there was reason to uninstall mono, this is it
From the article:
The "licence" in question costs $45 which would be the smallest expenditure a typical Mac user would ever make for his system.To add to the irony, this was done with pirated copies of the Little Snitch firewall and users who tried to avoid paying for a licence ended up with malware instead, researcher Leonid Grustniy said.
Please add a [SOLVED] at the end of your original subject header if your question has been answered and solved.
Re: Interest: If ever there was reason to uninstall mono, this is it
Does Mono by itself run .exe files if there is no Wine installed?
If your issue is solved, kindly indicate that by editing the first post in the topic, and adding [SOLVED] to the title. Thanks!
- catweazel
- Level 19
- Posts: 9763
- Joined: Fri Oct 12, 2012 9:44 pm
- Location: Australian Antarctic Territory
Re: Interest: If ever there was reason to uninstall mono, this is it
The article isn't fully clear on the point, but yes, it could run without Wine, which is the purpose of having mono.
Code: Select all
mono moems_malware.exe
Code: Select all
#!/bin/sh
/usr/bin/mono /usr/lib/moems_malware/moems_malware.exe "$@"
"There is, ultimately, only one truth -- cogito, ergo sum -- everything else is an assumption." - Me, my swansong.
- catweazel
- Level 19
- Posts: 9763
- Joined: Fri Oct 12, 2012 9:44 pm
- Location: Australian Antarctic Territory
Re: Interest: If ever there was reason to uninstall mono, this is it
I have to agree.
Edit: I avoided saying it so as not to complicate matters. I got the impression from the article that they confused the .exe extension with being a Windows only thing, but mono can build .exe files.
"There is, ultimately, only one truth -- cogito, ergo sum -- everything else is an assumption." - Me, my swansong.
- Pjotr
- Level 24
- Posts: 20130
- Joined: Mon Mar 07, 2011 10:18 am
- Location: The Netherlands (Holland) 🇳🇱
- Contact:
Re: Interest: If ever there was reason to uninstall mono, this is it
I disagree that it's a terrible argument.... Removing Mono makes your system less vulnerable, at a very low price (the loss of a few applications that can usually easily be replaced by non-Mono alternatives).
I wouldn't of course advise to remove Python, because the price you pay would be far too high (namely a broken system).
Perfect computing security is unfortunately unattainable in this valley of tears we call earth. C'est la vie....
But we can achieve a remarkably high level of computing security, without sacrificing too much for it.
Complete security is a pipe dream. Risk management is horse sense. I love horse sense.
Last edited by Pjotr on Thu Apr 18, 2019 8:56 am, edited 1 time in total.
Tip: 10 things to do after installing Linux Mint 21.3 Virginia
Keep your Linux Mint healthy: Avoid these 10 fatal mistakes
Twitter: twitter.com/easylinuxtips
All in all, horse sense simply makes sense.
Keep your Linux Mint healthy: Avoid these 10 fatal mistakes
Twitter: twitter.com/easylinuxtips
All in all, horse sense simply makes sense.
- catweazel
- Level 19
- Posts: 9763
- Joined: Fri Oct 12, 2012 9:44 pm
- Location: Australian Antarctic Territory
Re: Interest: If ever there was reason to uninstall mono, this is it
I agree with you. Removing mono reduces the potential attack surface area.
"There is, ultimately, only one truth -- cogito, ergo sum -- everything else is an assumption." - Me, my swansong.
Re: Interest: If ever there was reason to uninstall mono, this is it
Naturally, but it's marginal. Even if there was a lot of malware compiled with mono, which I strongly doubt, the real problem is the user executing the malware in the first place. Whether you run a malicious mono application or even just a malicious shell script really makes no difference at that point, you're compromised either way. Furthermore, I have no doubt that users would confirm to install mono when the malware asks them to do it, anyway.
- catweazel
- Level 19
- Posts: 9763
- Joined: Fri Oct 12, 2012 9:44 pm
- Location: Australian Antarctic Territory
Re: Interest: If ever there was reason to uninstall mono, this is it
You are, of course, quite right but those of us not silly enough to do such things ought to ring the warning bells for those who would listen. What gets me about malware discussions in relation to linux is that too many people who ought to know better claim there is little to no chance of linux malware to the point of it having immunity, yet there is a plethora of linux malware out there. Desktop users have been fortunate only in that linux servers are the main target, targeted for OpenSSH exploits, and android devices, targeted for kernel exploits. Linux malware is big business because the cloud is big business, and nearly all of it runs on linux.gm10 wrote: ⤴Thu Apr 18, 2019 9:04 amNaturally, but it's marginal. Even if there was a lot of malware compiled with mono, which I strongly doubt, the real problem is the user executing the malware in the first place. Whether you run a malicious mono application or even just a malicious shell script really makes no difference at that point, you're compromised either way. Furthermore, I have no doubt that users would confirm to install mono when the malware asks them to do it, anyway.
"There is, ultimately, only one truth -- cogito, ergo sum -- everything else is an assumption." - Me, my swansong.
Re: Interest: If ever there was reason to uninstall mono, this is it
I'm completely with you there. Linux has more mitigating factors than Windows as far as malware distribution goes but structurally I've always argued that desktop Linux is even less secure than desktop Windows. To claim "Linux is safe" is reckless and ultimately doing a great disservice to Linux.catweazel wrote: ⤴Thu Apr 18, 2019 9:19 am What gets me about malware discussions in relation to linux is that too many people who ought to know better claim there is little to no chance of linux malware to the point of it having immunity, yet there is a plethora of linux malware out there. Desktop users have been fortunate only in that linux servers are the main target, targeted for OpenSSH exploits, and android devices, targeted for kernel exploits. Linux malware is big business because the cloud is big business, and nearly all of it runs on linux.
- Pjotr
- Level 24
- Posts: 20130
- Joined: Mon Mar 07, 2011 10:18 am
- Location: The Netherlands (Holland) 🇳🇱
- Contact:
Re: Interest: If ever there was reason to uninstall mono, this is it
Yes, but the point of removing Mono is, that its malware risk is potentially bigger than usual. Because it allows for cross-platform malware from the heavily infected Windows ecosystem.gm10 wrote: ⤴Thu Apr 18, 2019 9:04 amNaturally, but it's marginal. Even if there was a lot of malware compiled with mono, which I strongly doubt, the real problem is the user executing the malware in the first place. Whether you run a malicious mono application or even just a malicious shell script really makes no difference at that point, you're compromised either way.
Some would, some wouldn't.
As the saying goes: familiarity breeds contempt. We're very familiar with Linux, so we're also aware of its security deficiencies. That might lead to over-relativism, which in its turn might lead us to undervalue the fact that Linux is in fact very secure by comparison.
And I don't mean theoretical comparison, but practical comparison. Real life. Both feet firmly planted in the mud.
Tip: 10 things to do after installing Linux Mint 21.3 Virginia
Keep your Linux Mint healthy: Avoid these 10 fatal mistakes
Twitter: twitter.com/easylinuxtips
All in all, horse sense simply makes sense.
Keep your Linux Mint healthy: Avoid these 10 fatal mistakes
Twitter: twitter.com/easylinuxtips
All in all, horse sense simply makes sense.
- Portreve
- Level 13
- Posts: 4870
- Joined: Mon Apr 18, 2011 12:03 am
- Location: Within 20,004 km of YOU!
- Contact:
Re: Interest: If ever there was reason to uninstall mono, this is it
Hey Pjotr:
Your set of how-to pages are fantastic. Ever since I bought first (and still current) SSD, your page on doing LM SSD optimization is my Bible. I can't begin to thank you enough. However, it is as I have said only since I bought an SSD that I was even aware of it.
I think a discussion may well be had — and probably should be — about how many people bother to do any of this, and therefore how many of those who do know about your pages. I imagine you have data on usage, of course, but that's not really the point I'm trying to make.
Likewise, and mind you I'm a technology enthusiast since the 1980s, even I have never looked on your pages for anything to do with Mono. In my own case, I don't make any kind of use of it, so this discussion is the first I've heard about the situation.
There needs to be a better way of going about all of this. Your pages should have, I think, visibility here on LMF.
So, some thoughts and general feedback...
Your set of how-to pages are fantastic. Ever since I bought first (and still current) SSD, your page on doing LM SSD optimization is my Bible. I can't begin to thank you enough. However, it is as I have said only since I bought an SSD that I was even aware of it.
I think a discussion may well be had — and probably should be — about how many people bother to do any of this, and therefore how many of those who do know about your pages. I imagine you have data on usage, of course, but that's not really the point I'm trying to make.
Likewise, and mind you I'm a technology enthusiast since the 1980s, even I have never looked on your pages for anything to do with Mono. In my own case, I don't make any kind of use of it, so this discussion is the first I've heard about the situation.
There needs to be a better way of going about all of this. Your pages should have, I think, visibility here on LMF.
Flying this flag in support of freedom 🇺🇦
Recommended keyboard layout: English (intl., with AltGR dead keys)
Podcasts: Linux Unplugged, Destination Linux
Also check out Thor Hartmannsson's Linux Tips YouTube Channel
Recommended keyboard layout: English (intl., with AltGR dead keys)
Podcasts: Linux Unplugged, Destination Linux
Also check out Thor Hartmannsson's Linux Tips YouTube Channel