Supply chain attack on Github, malware injected in fork ransomwares Linux machines
-
oh oh, I'm a below average arch user.
I suspect i copied most of my hoome from debian or something.I'll rename it to Dickuments as a security feature.
Hackers gonna wanna Netflix and chill
-
Apparently there's a bunch of projects getting hit with this, fairly obscure ones though. Project gets forked, suddenly get a pile of stars more than the original, and then there's a curl-bash pipe inserted into it that runs some ransomeware that encrypts ~/Documents.
About a dozen other projects linked in here from another developer (excuse the Reddit link): https://www.reddit.com/r/golang/comments/1jbzuot/someone_copied_our_github_project_made_it_look/
Finally, Linux is popular enough to get targeted by malware!
-
Apparently there's a bunch of projects getting hit with this, fairly obscure ones though. Project gets forked, suddenly get a pile of stars more than the original, and then there's a curl-bash pipe inserted into it that runs some ransomeware that encrypts ~/Documents.
About a dozen other projects linked in here from another developer (excuse the Reddit link): https://www.reddit.com/r/golang/comments/1jbzuot/someone_copied_our_github_project_made_it_look/
Yay, finally Linux is being attacked!
And as expected it takes whole lot more than clicking on an email attachment
Always check before you curl download something!
-
Apparently there's a bunch of projects getting hit with this, fairly obscure ones though. Project gets forked, suddenly get a pile of stars more than the original, and then there's a curl-bash pipe inserted into it that runs some ransomeware that encrypts ~/Documents.
About a dozen other projects linked in here from another developer (excuse the Reddit link): https://www.reddit.com/r/golang/comments/1jbzuot/someone_copied_our_github_project_made_it_look/
...the fuck is that title? I got a headache trying to make sense of it.
-
...the fuck is that title? I got a headache trying to make sense of it.
Yah, I read it afterwards and realized I'd verbed a noun. I'm not proud of it.
-
Apparently there's a bunch of projects getting hit with this, fairly obscure ones though. Project gets forked, suddenly get a pile of stars more than the original, and then there's a curl-bash pipe inserted into it that runs some ransomeware that encrypts ~/Documents.
About a dozen other projects linked in here from another developer (excuse the Reddit link): https://www.reddit.com/r/golang/comments/1jbzuot/someone_copied_our_github_project_made_it_look/
I keep saying this curl bash pipe shit needs to stop.
-
Apparently there's a bunch of projects getting hit with this, fairly obscure ones though. Project gets forked, suddenly get a pile of stars more than the original, and then there's a curl-bash pipe inserted into it that runs some ransomeware that encrypts ~/Documents.
About a dozen other projects linked in here from another developer (excuse the Reddit link): https://www.reddit.com/r/golang/comments/1jbzuot/someone_copied_our_github_project_made_it_look/
good time to not have a ~/Documents and keep backups encrypted off site
-
Yah, I read it afterwards and realized I'd verbed a noun. I'm not proud of it.
Here in Lemmy you can edit titles
-
Apparently there's a bunch of projects getting hit with this, fairly obscure ones though. Project gets forked, suddenly get a pile of stars more than the original, and then there's a curl-bash pipe inserted into it that runs some ransomeware that encrypts ~/Documents.
About a dozen other projects linked in here from another developer (excuse the Reddit link): https://www.reddit.com/r/golang/comments/1jbzuot/someone_copied_our_github_project_made_it_look/
-
Yay, finally Linux is being attacked!
And as expected it takes whole lot more than clicking on an email attachment
Always check before you curl download something!
No. Feel free to download shit and even attempt to run shit. Chances are they won't run because shits are compiled against glibc and my system is not.
-
Maybe they're using xdg-dirs? That might work, won't it?
-
Apparently there's a bunch of projects getting hit with this, fairly obscure ones though. Project gets forked, suddenly get a pile of stars more than the original, and then there's a curl-bash pipe inserted into it that runs some ransomeware that encrypts ~/Documents.
About a dozen other projects linked in here from another developer (excuse the Reddit link): https://www.reddit.com/r/golang/comments/1jbzuot/someone_copied_our_github_project_made_it_look/
Why the Documents folder tho? Who expects important stuff to be there?
Now all my Linux ISOs are gone, smh
-
I keep saying this curl bash pipe shit needs to stop.
Yes, I agree, but then, what would be an alternative?
Store it into a file, chmod it and run it? git clone the repo and run a script from it? I don't think any of those would be different, apart from having more steps most people won't even check anything.
I don't know if we can fix this while allowing people to run stuff they don't understand on their machines. Maybe community curated scripts or something, know the people who does the stuff and only run stuff made by people you already know.
I think we're running too fast, we need to chill down, idk.
-
Yes, I agree, but then, what would be an alternative?
Store it into a file, chmod it and run it? git clone the repo and run a script from it? I don't think any of those would be different, apart from having more steps most people won't even check anything.
I don't know if we can fix this while allowing people to run stuff they don't understand on their machines. Maybe community curated scripts or something, know the people who does the stuff and only run stuff made by people you already know.
I think we're running too fast, we need to chill down, idk.
Yes, I agree, but then, what would be an alternative?
Any package manager that allows for ways to verify the source. These shitty script|bash lines are doing all sorts of nutty shit on your system, and that's ones that aren't even malicious.
-
Finally, Linux is popular enough to get targeted by malware!
Year of Linux wen? Now? Ples, B now?
-
System shared this topic on
