Ubuntu Malware for DDoS Attack Found in Screensaver

Advertisements

ubuntu new logo

Update: It seems like another malware was found in a theme called “Ninja Black”.

A malware has been found in a .deb file claiming to be a screensaver from Gnome-Look. The malware appears to be an agent for a DDoS attack. This affects Ubuntu and other Debian based OS as well.

The .deb file in question is supposedly a screensaver of a waterfall. When installed, the “screensaver” installs some scripts with elavated privileges rather than the screensaver that is expected. The script is designed to auto-update itself and potentially to make the infected system take part in a DDoS attack.

The “screensaver” in question has been removed from Gnome-Look now. This incident highlights that fact that Linux, just like Windows, can be infected with malware if users are not careful while installing softwares outside of the official repositories and trusted PPAs.

Fix

If you have installed the malware, running the scripts given below in terminal should remove it.

sudo rm -f /usr/bin/Auto.bash /usr/bin/run.bash /etc/profile.d/gnome.sh index.php run.bash

sudo dpkg -r app5552

Additional help may be found in the Ubuntu Forum.

December 10th, 2009 Written by Ricky    

Free subscription: Subscribe RSS feed or get daily tips in your email
* Click confirmation link sent in email * Don't see the email? check spam folder

  Facebook 

Tags: , ,

Liked it? Share...   Digg It!   Submit to Del.icio.us   Submit to Reddit   Stumble   Submit to Identica   Slashdot It   Send to a friend via email


blog comments powered by Disqus

Trackbacks