this post was submitted on 15 Sep 2023
25 points (82.1% liked)

Technology

34395 readers
453 users here now

This is the official technology community of Lemmy.ml for all news related to creation and use of technology, and to facilitate civil, meaningful discussion around it.

Ask in DM before posting product reviews or ads. All such posts otherwise are subject to removal.

Rules:

1: All Lemmy rules apply

2: Do not post low effort posts

3: NEVER post naziped*gore stuff

4: Always post article URLs or their archived version URLs as sources, NOT screenshots. Help the blind users.

5: personal rants of Big Tech CEOs like Elon Musk are unwelcome (does not include posts about their companies affecting wide range of people)

6: no advertisement posts unless verified as legitimate and non-exploitative/non-consumerist

7: crypto related posts, unless essential, are disallowed

founded 5 years ago
MODERATORS
[email protected]
25
Trojanized Free Download Manager found to contain a Linux backdoor (FDM's response in post text below) [Securelist] (securelist.com)
submitted 1 year ago by [email protected] to c/[email protected]
5 comments fedilink hide all child comments
 

From https://www.freedownloadmanager.org/blog/?p=664:

It appears that a specific web page on our site was compromised by a Ukrainian hacker group, exploiting it to distribute malicious software. Only a small subset of users, specifically those who attempted to download FDM for Linux between 2020 and 2022, were potentially exposed. It’s estimated that much less than 0.1% of our visitors might have encountered this issue. This limited scope is probably why the issue remained undetected until now. Intriguingly, this vulnerability was unknowingly resolved during a routine site update in 2022.

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] -2 points 1 year ago (1 children)

How do actors detect other actors? Ever heard of how Team Blue ops work?

[–] [email protected] 2 points 1 year ago (1 children)

Until yesterday they even didn't know that they were hacked for years, then cleaned the file by accident when doing automatic updates; now they know who did that. Seems a way to shift blame

[–] [email protected] -3 points 1 year ago

Have you read the code? Ukrainian clowns were behind this, just like the node-ipc NPM incident. There is a thread on HN about it as well, if you want to read.