Update: It seems like another malware was found in a theme called "Ninja Black".

A malware has been found in a .deb file claiming to be a screensaver from Gnome-Look. The malware appears to be an agent for a DDoS attack. This affects Ubuntu and other Debian based OS as well.

The .deb file in question is supposedly a screensaver of a waterfall. When installed, the "screensaver" installs some scripts with elavated privileges rather than the screensaver that is expected. The script is designed to auto-update itself and potentially to make the infected system take part in a DDoS attack.

The "screensaver" in question has been removed from Gnome-Look now. This incident highlights that fact that Linux, just like Windows, can be infected with malware if users are not careful while installing softwares outside of the official repositories and trusted PPAs.

Fix

If you have installed the malware, running the scripts given below in terminal should remove it.

sudo rm -f /usr/bin/Auto.bash /usr/bin/run.bash /etc/profile.d/gnome.sh index.php run.bash

sudo dpkg -r app5552

Additional help may be found in the Ubuntu Forum.