Beware 'Fedora-Redhat' Fake Security Alert
rixdaffy writes "I just received an email from the 'Redhat Security Team' telling me that I needed to download some tar file from fedora-redhat.com. Besides the fact that I don't use Red Hat/Fedora, I immediately smelled something fishy. Maybe it's not the first trojan targeted at Linux users, but together with the official sounding domain, it could trick some users into downloading and running the binary. It looks like Red Hat is already aware of the issue." According to Red Hat's page, "These emails tell users to download and run an update from a users home directory. This fake update appears to contain malicious code." Update: 10/25 01:32 GMT by T : One borked link, unborked.
I wouldn't worry, they're probably on the forums trying to find the command to install it.
I'm sure glad I'm using windows!
Dammit why does Linux have to be so complicated, I mean damn you have to compile your own viruses and everything!!!!
Debian has been weeding out incompetent users with its "impossible to use" installer for years.
It keeps the "Mandrake Crew" off of the debian-users lists.
But I am running SUSE! Am I adviced in similar fashion? Perhaps I too should applying patch lest SUSE found vulnerability also? Thankyou to www.fedora-redhat.com for adviced me in this helpful manner against remote attackers!
This was version 0.1 of the trojan, and is not yet ready for public release. With helpful contributions like your, we hope to use the "many eyes" approach, in keeping with the OSS philosophy, to form a complete and fully featured trojan.
Thus we would like to thank you for your generous time in helping this valuable project reach its full potential.
You may also like to take note of our web site www.bugzilla-Fedora-Redhat.com, where we have set up a forum dedicated to improving our product.
Don't forget the domain that the script emails, root@addlebrain.com
Sorry to dissapoint you, but I doubt he owns the domain - they offer free webmail, so it's likely he just signed up for an account. Presumably they didn't stop anyone from getting the username 'root' - I signed up for 'administrator' just now (password 'monkey' if you don't believe me) with no problems.
If the Antivirus companies were responsible, they'd have done a better job.
If Microsoft was responsible, they wouldn't have included any source code.
If SCO was responsible, they'd have included sourcecode and then sued you for running it
All things taken into consideration, I'm with 'other' on this one
Ripping an new rectum in the fabric of spacetime.
(Mind you, I'm no better. First time I got a computer virus, when I was running MSDOS, my first reaction was to run a binary diff against a clean version of the file, and disassemble the result to see what it did. Do you know if there's a cure for this?)
It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
It's safe to view, as long as you don't go trying to compile and run it! :-p
Hey, stop trying to deny my GPL rights you Windows-loving tyrant!
This is an honor virus. Please forward to all your friends, then format your hard drive(s). Thank you.
I feel fantastic, and I'm still alive.