Every time I write about Windows security software, I get a predictable flood of responses from Linux advocates who claim that they don’t need any such protection. Today comes a shining example of why they’re wrong.
If you downloaded and installed the open-source Unreal IRC server in the last 8 months or so, you’ve been pwned. Here’s the official announcement:
Hi all,
This is very embarrassing…
We found out that the Unreal3.2.8.1.tar.gz file on our mirrors has been replaced quite a while ago with a version with a backdoor (trojan) in it.
This backdoor allows a person to execute ANY command with the privileges of the user running the ircd. The backdoor can be executed regardless of any user restrictions (so even if you have passworded server or hub that doesn’t allow any users in).
Two additional details in the announcement added extra helpings of irony:
It appears the replacement of the .tar.gz occurred in November 2009 (at least on some mirrors). It seems nobody noticed it until now.
Right. Because even server administrators believe that open source and Linux software are impregnable by design, the official download of a widely distributed server product has been infected with a backdoor that gives bad guys complete ownership of the system. Oops.
And my favorite part:
The Windows (SSL and non-ssl) versions are NOT affected.
Again, that’s right. A similarly infected Windows file in the wild would be detected within days if not hours after a routine virus scan by someone checking the download before installing it.
Meanwhile, Mac users shouldn’t get complacent either. Intego has reported two in-the-wild outbreaks of a Trojan horse program found on game sites and a gruesome piece of spyware that tags along with screen savers and other freebie apps. (And Intego says they found copies of the unwanted software even after the original distributor claimed to have removed it.)
If you think all of this sounds familiar, you’re right. Welcome to the world Windows users lived in back in 2003 or so. The good news for security professionals who use Linux or a Mac? They have years of lessons to draw on courtesy of their Windows peers.
(Thanks to F-Secure’s Mikko Hyponnen for the tip, via Twitter.)
Ed Bott is an award-winning technology writer with more than two decades' experience writing for mainstream media outlets and online publications.
http://www.zdnet.com/blog/bott/linux-infection-proves-windows-malware-monopoly-is-over/2206?tag=nl.e539
Δεν υπάρχουν σχόλια:
Δημοσίευση σχολίου