Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Linux Foundation Confirms Malware Attack


  • Please log in to reply
5 replies to this topic

#1 buddy215

buddy215

  • Moderator
  • 13,324 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:08:07 AM

Posted 12 September 2011 - 02:31 PM

Linux Foundation Confirms Malware Attack::Brought to you by TechWeb
By Mathew J. Schwartz
Read the Original Article at InformationWeek

.......
The Linux Foundation last week emailed all of its users, warning them that an attacker had compromised LinuxFoundation.org and Linux.com, as well as their subdomains. The attacker may also have stolen usernames, email addresses, and passwords. The attack was discovered on Thursday, and the foundation is still conducting a full audit of the affected sites. "We are in the process of restoring services in a secure manner as quickly as possible," it said in a notice posted on the front page of the Linux Foundation website...........




........In addition, no changes could be made to the distributed code without alarms sounding. "The code for the kernel (and for many other projects) is managed with the 'git' source code management system. And git does not allow the code to be modified by third parties without people knowing about it," said Jonathan Corbet, executive editor of LWN.net, in a blog post.

Notably, a 160-bit cryptographic hash is generated for every set of Linux code changes. "The key to the hash function is that, if the contents of the file change, the hash will change too," said Corbet. "Creating any new file matching the hash of an existing file is not really possible; if you want that new file to look like the old one with the exception of a bit of hostile code, the challenge is even bigger."

Still, he said, as a member of the Linux kernel development community, "I can say that this episode is disturbing and embarrassing."


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

BC AdBot (Login to Remove)

 


#2 Keith1

Keith1

  • Members
  • 504 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Hamilton, Ohio
  • Local time:08:07 AM

Posted 14 September 2011 - 09:37 AM

Thanks for posting that information buddy215, I've seen where some fellow Linux users think they are 100% bulletproof. Myself, I always prefer to err on the side of caution. I use Firestarter and ClamAV on my linux systems.

Also this topic reminds me that I haven't run my rootkit scans for awhile, I'll be doing that today.


Keith

#3 rburkartjo

rburkartjo

  • Members
  • 3,998 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:austin,tx
  • Local time:08:07 AM

Posted 14 September 2011 - 10:36 AM

you can never be too careful. i always have ufw enabled and use bit defender. i still wont worry too much most of the hacks are against windows,mac. linux is a low priority. the hackers just wanted to prove -anything can be hached.
quote:He that would live in peace & at ease, Must not speak all he knows,nor judge all he sees.'

#4 castoffpolite

castoffpolite

  • Members
  • 160 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Somewhere in Nebraska, I think.
  • Local time:07:07 AM

Posted 15 October 2011 - 11:09 AM

Okay so how to download AV? What AV's work? Tried BD it is an .exe file. I'm not yet comfortable enough with this system yet to understand how to install those files without causing myself more problems. Have the ufw enabled. What do I do?

AE

#5 rburkartjo

rburkartjo

  • Members
  • 3,998 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:austin,tx
  • Local time:08:07 AM

Posted 15 October 2011 - 11:18 AM

cast clam av is in the ubuntu software center. just do a search for virus scanner and then install
quote:He that would live in peace & at ease, Must not speak all he knows,nor judge all he sees.'

#6 castoffpolite

castoffpolite

  • Members
  • 160 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Somewhere in Nebraska, I think.
  • Local time:07:07 AM

Posted 15 October 2011 - 11:19 AM

Thanks rburk, I'll wander on over there.

AE

Edited to add,

rburk, I found the update for the GUI and amazingly clicked on the right update link, and all worked as things should, whew. LOL thanks.

Edited by castoffpolite, 15 October 2011 - 12:44 PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users