Slashdot Mirror


Beware 'Fedora-Redhat' Fake Security Alert

rixdaffy writes "I just received an email from the 'Redhat Security Team' telling me that I needed to download some tar file from fedora-redhat.com. Besides the fact that I don't use Red Hat/Fedora, I immediately smelled something fishy. Maybe it's not the first trojan targeted at Linux users, but together with the official sounding domain, it could trick some users into downloading and running the binary. It looks like Red Hat is already aware of the issue." According to Red Hat's page, "These emails tell users to download and run an update from a users home directory. This fake update appears to contain malicious code." Update: 10/25 01:32 GMT by T : One borked link, unborked.

12 of 628 comments (clear)

  1. Re:We knew this day would come by Stevyn · · Score: 5, Funny

    I wouldn't worry, they're probably on the forums trying to find the command to install it.

  2. PHEW! by big+daddy+kane · · Score: 5, Funny

    I'm sure glad I'm using windows!

  3. Linux - Where the malware comes with the source by cranos · · Score: 5, Funny

    Dammit why does Linux have to be so complicated, I mean damn you have to compile your own viruses and everything!!!!

    1. Re:Linux - Where the malware comes with the source by /dev/trash · · Score: 5, Funny

      You think you have it bad? I run Gentoo. I'm still compiling all the files needed for this one to run.

  4. Re:Finally... by Fapestniegd · · Score: 5, Funny

    Debian has been weeding out incompetent users with its "impossible to use" installer for years.

    It keeps the "Mandrake Crew" off of the debian-users lists.

  5. Coding 0, Grammar 0. by monoi · · Score: 5, Funny
    Anybody running RedHat and Fedora are strongly adviced to apply this patch!

    But I am running SUSE! Am I adviced in similar fashion? Perhaps I too should applying patch lest SUSE found vulnerability also? Thankyou to www.fedora-redhat.com for adviced me in this helpful manner against remote attackers!

  6. Re:Christ, they didn't do a very good job... by frankthechicken · · Score: 5, Funny

    This was version 0.1 of the trojan, and is not yet ready for public release. With helpful contributions like your, we hope to use the "many eyes" approach, in keeping with the OSS philosophy, to form a complete and fully featured trojan.

    Thus we would like to thank you for your generous time in helping this valuable project reach its full potential.

    You may also like to take note of our web site www.bugzilla-Fedora-Redhat.com, where we have set up a forum dedicated to improving our product.

  7. Re:Here's what WHOIS says: by Anonymous Coward · · Score: 5, Funny

    Don't forget the domain that the script emails, root@addlebrain.com

    Sorry to dissapoint you, but I doubt he owns the domain - they offer free webmail, so it's likely he just signed up for an account. Presumably they didn't stop anyone from getting the username 'root' - I signed up for 'administrator' just now (password 'monkey' if you don't believe me) with no problems.

  8. Probabilities: by reality-bytes · · Score: 5, Funny



    If the Antivirus companies were responsible, they'd have done a better job.

    If Microsoft was responsible, they wouldn't have included any source code.

    If SCO was responsible, they'd have included sourcecode and then sued you for running it

    All things taken into consideration, I'm with 'other' on this one ;)

    --
    Ripping an new rectum in the fabric of spacetime.
  9. I love it! by jd · · Score: 5, Funny
    Linux geek comes across an obvious trojan. What does said geek do? E-mail the site admin? DoS the source site? Noooooo. They set up a sandbox environment and run it, to see what happens!


    (Mind you, I'm no better. First time I got a computer virus, when I was running MSDOS, my first reaction was to run a binary diff against a clean version of the file, and disassemble the result to see what it did. Do you know if there's a cure for this?)

    --
    It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
  10. Re:Contents of inst.c... by nomadic · · Score: 5, Funny

    It's safe to view, as long as you don't go trying to compile and run it! :-p

    Hey, stop trying to deny my GPL rights you Windows-loving tyrant!

  11. Re: text (Why? Because.) by Thing+1 · · Score: 5, Funny

    This is an honor virus. Please forward to all your friends, then format your hard drive(s). Thank you.

    --
    I feel fantastic, and I'm still alive.