Red Hat Inc. on Saturday warned users of an e-mail scam designed to plant malicious code on users' systems. The malicious e-mail poses as a security update from the vendor, a technique that has become familiar to Windows users, but is a novelty in the Linux world.
The e-mail, which has been circulating since late last week, says it originates from the "Red Hat Security Team" and urges users to download a patch fixing vulnerabilities in the ls and mkdir file system utilities. To add a veneer of authenticity, the scammers used an authentic-seeming domain name, fedora-redhat.com, to host the malicious download. "The Red Hat Security Team strongly advises you to immediately apply the fileutils-1.0.6 patch. This is a critical-critical update," the message says. The e-mail message and the site contained instructions for downloading, decompressing and installing the false update.
News source: eWeek
Thanks to Morgan and Carlo for the heads-up on this one!

Plus, I can target Commodore 64 users with an email scam. It doesn't make a Commodore 64 any more or less secure.
That's very true... but even with a password controlled admin account if a program updates system files and comes with malware/spyware that you don't notice during install then your system is still compromised.
Windows needs to be seriously reworked, and that is what they are (hopefully) doing with Longhorn - but it is too early to tell if this will be effective.
Even if you voice an agreement with snake-eyes, he finds ways to be rude and obnoxious.
Now I'll sit and wait for my warning from the GNU-Uber Mod. Woopie.
I know.
Though I guess as they spread Linux and make it more user friendly for newcomers, this kind of thing will become equally commonplace.
mv * > /dev/null
Edit: Oh what it does is create a user, enable ssh and send the IP and user acct to an email address so the creator can remotely access your machine. Plus all updates for redhat/fedora come through up2date so anyone that actually installed it by accident is just dumb
Last edited by 8005 on 25 Oct 2004 - 20:12
hahahahahahahahahaha.
Ahhhh OS X the great fortress!
Hehehehe, slowly but surely we are all going the same path....
For those relatively interested in finding out what it does, well, I downloaded the tarball, which contains a c source, a Makefile and a "binary" file.
The c source is nothing but a sort of decryption for the compiled shell script joined with this -- it will gather some info about your system, create a user with UID 0 and GID 0 on your system. Then oh the fun starts, it mails everything to some random address.
2. This is not a virus. It is a scam email to trick dumb users. A virus self-propagates. This doesn't propagate. It asks the user to install.
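The comments above describe the fake patch creating an extra account with UID 0 and GID 0. A check for that trace, added here as an example and not taken from the article or the commenters: it audits a passwd file for superuser accounts other than the expected ones. The account name `svcupd` and the sample file contents are constructed for illustration.

```python
"""Audit a passwd file for unexpected UID 0 accounts (added example)."""
import sys

# Shells that do not give an interactive login.
NOLOGIN_SHELLS = {"/sbin/nologin", "/usr/sbin/nologin", "/bin/false"}

# Constructed sample data; "svcupd" is a made-up stand-in for a backdoor user.
SAMPLE_PASSWD = """\
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
# local note
svcupd:x:0:0::/tmp:/bin/sh
alice:x:500:500:Alice:/home/alice:/bin/bash
broken-line-without-fields
"""


def audit_passwd(text, expected_root=("root",)):
    """Return (line_number, finding, detail) tuples for suspicious entries."""
    findings = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split(":")
        # passwd(5) entries have exactly seven fields with a numeric UID and GID.
        if len(fields) != 7 or not fields[2].isdigit() or not fields[3].isdigit():
            findings.append((lineno, "malformed", line))
            continue
        name, uid, shell = fields[0], int(fields[2]), fields[6]
        if uid == 0 and name not in expected_root:
            # An empty shell field falls back to /bin/sh, so it counts as a login.
            kind = "uid0-nologin" if shell in NOLOGIN_SHELLS else "uid0-login"
            findings.append((lineno, kind, name))
    return findings


if __name__ == "__main__":
    # With no argument the constructed sample is audited; pass /etc/passwd to
    # check a real system.
    if len(sys.argv) > 1:
        with open(sys.argv[1], encoding="utf-8", errors="replace") as fh:
            data = fh.read()
    else:
        data = SAMPLE_PASSWD
    results = audit_passwd(data)
    for lineno, kind, detail in results:
        print(f"line {lineno}: {kind}: {detail}")
    sys.exit(1 if results else 0)
```

A clean result only covers the account trace; the comments also mention ssh being enabled and system details being mailed out, which need their own checks.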