@wxy
https://linux.cn/article-16190-1.html
Xingyu Wang 2023-09-14 08:04:25 +08:00
parent 5696cd86e4
commit f09eaeea48
2 changed files with 86 additions and 87 deletions


@ -0,0 +1,86 @@
[#]: subject: "Linux Malware! Read This If You Use Free Download Manager"
[#]: via: "https://news.itsfoss.com/free-download-manager-malware/"
[#]: author: "Ankush Das https://news.itsfoss.com/author/ankush/"
[#]: collector: "lujun9972/lctt-scripts-1693450080"
[#]: translator: "wxy"
[#]: reviewer: "wxy"
[#]: publisher: "wxy"
[#]: url: "https://linux.cn/article-16190-1.html"
如果你使用过 “Free Download Manager”必读以下信息
======
![][0]
> 无论如何,保持谨慎总是上策!
对于 Linux 的恶意软件,我们并不常提及,这是因为它常会被迅速修复,并且与 Windows/macOS 相比,在现实中被利用的情况相对较少。
然而,一款颇受欢迎的跨平台下载管理器 **Free Download Manager**,最近引起了一些关注。
虽然在我们的 [下载管理器列表][1] 中,并未将其列为 Linux 的推荐选项,但我们的一些读者以及我自己在过去的 Windows 使用体验中,都曾选择了它。
那么,问题来了,这究竟是怎么回事?
### 伪装成 Linux 版 Free Download Manager 的恶意软件
**Free Download Manager 本身并非恶意软件**。但问题在于,研究人员发现了一个恶意 Linux 程序包,而这个包,正是假冒 Free Download Manager 的。
安全研究公司卡巴斯基的研究员们 [发现][2],这个恶意程序包已经存在了至少两年(**2020-2022年**)的时间,而在此期间,大部分使用者并未意识到他们所安装的软件包,含有恶意组件。
许多恶意程序包都试图伪装成市场上受欢迎的程序那么_这件事究竟是怎么回事呢_
**问题的核心在于**:这个恶意程序包是通过 **Free Download Manager 的官方网站** 😱 和其他非官方渠道分发的,一直持续到 2022 年。
> 🚧 Free Download Manager 的官方网站是 `freedownloadmanager.org`,正式的下载 URL 是 `files2.freedownloadmanager.org`
而恶意程序包下载的域名是 `deb.fdmpkg.org`
换言之,这表明开发者并未察觉其官方网站已被恶意破坏,用户已被重定向,下载安装来自另一个域名的带有恶意的 Linux 程序包。
**需要注意的是**:并非所有用户在 2020 年至 2022 年期间,都被从官方网站重定向,下载了恶意程序包。然而,这并不能让情况改观,对吧?
你可能下载了,也可能没有下载安装过这个具有感染性的程序包 😕
**这个恶意软件究竟干了什么** 🤖
卡巴斯基的报告在描述这个恶意软件时,称其为 “一种 bash 窃取器”,这种窃取器可以收集系统信息、浏览记录、已保存的密码、加密货币钱包的文件,以及云服务的凭据,包括 AWS、Google Cloud、Oracle Cloud Infrastructure 以及 Azure 等。
考虑到在现实世界中很少看到 Linux 版的恶意软件,因此验证你下载工具的来源和可靠程度是至关重要的,这需要你始终保持谨慎态度。
尽管我们并未明确了解有多少的 Linux 用户习惯使用 Free Download Manager但这的确是令人警惕的新闻。你应当遵循所有 [提高隐私保护的建议][3],确保你的在线体验安全无忧。
### 现在,你应该怎么做?
在软件的开发者就此问题做出正式公开回应之前,我会建议你转而使用其他下载管理器:
> **[6 个最好的 Linux 下载管理器][4]**
如果你不记得(或无法确认你下载源的准确位置),我会建议你移除该下载管理器。
另外,我建议你阅读卡巴斯基发表的 [研究报告][2],找出可能的系统遭受损害的迹象。如果你的系统中存在相同的文件路径,且 Debian 程序包的恶意校验和与之相吻合,那么你应该手动移除它们。
即使你想要重新下载该软件,在安装包到你的 Linux 系统之前,你也必须核对下载 URL 的准确性。
💬 你如何看待 Linux 用户如何保护自己避免受到恶意软件的攻击?欢迎在评论中留言分享你的想法。
*题图MJ/6b1e3b3f-a880-4342-b38b-500468c72052*
--------------------------------------------------------------------------------
via: https://news.itsfoss.com/free-download-manager-malware/
作者:[Ankush Das][a]
选题:[lujun9972][b]
译者ChatGPT
校对:[wxy](https://github.com/wxy)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://news.itsfoss.com/author/ankush/
[b]: https://github.com/lujun9972
[1]: https://itsfoss.com/best-download-managers-linux/
[2]: https://securelist.com/backdoored-free-download-manager-linux-malware/110465/
[3]: https://itsfoss.com/improve-privacy/
[4]: https://itsfoss.com/best-download-managers-linux/
[0]: https://img.linux.net.cn/data/attachment/album/202309/14/080300ykkwbb9n48kj81bn.jpg
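Review bot: The malicious download domain in the 🚧 note is written as a live hostname in code formatting, `deb.fdmpkg.org`, while the source article this file translates defangs it as deb.fdmpkg[.]org. Keep the defanged form in the translation so the published page never renders or auto-links the indicator, and leave the two legitimate hosts (freedownloadmanager.org and files2.freedownloadmanager.org) as they are. Separately, the header sets translator: "wxy" while the footer credit reads 译者ChatGPT; the two should agree.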


@ -1,87 +0,0 @@
[#]: subject: "Linux Malware! Read This If You Use Free Download Manager"
[#]: via: "https://news.itsfoss.com/free-download-manager-malware/"
[#]: author: "Ankush Das https://news.itsfoss.com/author/ankush/"
[#]: collector: "lujun9972/lctt-scripts-1693450080"
[#]: translator: " "
[#]: reviewer: " "
[#]: publisher: " "
[#]: url: " "
Linux Malware! Read This If You Use Free Download Manager
======
It is always best to stay cautious no matter what you use!
We do not often talk about Linux malware because it is often quickly patched up and not exploited much in the wild compared to Windows/macOS.
However, there has been a concern regarding the **Free Download Manager** (a decently popular cross-platform download manager).
While we do not recommend it on our [list of download managers][1] available for Linux, some of our readers have suggested it in the past. And I have used it as well up until now on Windows.
So, what is the issue?
### Malware Disguised as Free Download Manager Linux Package
**Free Download Manager is not malware**. However, a malicious package for Linux was found, distributed as Free Download Manager.
Security researchers at **Kaspersky** [discovered][2] that it existed for at least two years ( **2020-2022** ) without users knowing what they were installing.
Many malicious packages are disguised as popular programs.; _what's new here?_
**The problem** : The malicious package was found to be **distributed through the official website of Free Download Manager** 😱 along with any other unofficial sources up until 2022.
🚧
The official website is **freedownloadmanager.org,** with **files2.freedownloadmanager.org** as the correct download URL.
The domain from which the infected package was downloaded was **deb.fdmpkg[.]org.**
In other words, the official website was compromised without the developers realizing and redirected its users to download a malware-infected package for Linux from another domain.
**The catch is** : that not every user was redirected to download the malware package between 2020 and 2022 from the official website. However, it does not make things any better, right?
You may or may not have downloaded the infected package 😕
**What is the malware all about?** 🤖
Kaspersky's report describes it as " **a bash stealer** " that _collects data such as system information, browsing history, saved passwords, cryptocurrency wallet files, as well as credentials for cloud services (AWS, Google Cloud, Oracle Cloud Infrastructure, Azure)._
Considering Linux malware is rarely observed in the wild, it is important to stay cautious to verify the sources and the credibility of tools you download.
While we do not know how many Linux users utilize Free Download Manager, it is indeed alarming news. You should follow all the [tips to improve privacy][3] and secure your online experience.
**Suggested Read** 📖
![][4]
### What Should You Do Now?
Until the developers of the software put up an official public response to this, I would advise you to switch to other download managers available:
![][4]
You should remove the download manager if you do not remember (or cannot verify the source of your download).
Additionally, I would recommend you to go through the [research report][2] by Kaspersky to check indicators of compromise. If you have the same file path on your system and the malicious checksum for the Debian package matches, you should get rid of them manually.
Even if you want to re-download it, you should check the download URL before installing the package on your Linux system.
_💬 What are your thoughts on staying protected from malware on Linux? Share your thoughts in the comments below._
* * *
--------------------------------------------------------------------------------
via: https://news.itsfoss.com/free-download-manager-malware/
作者:[Ankush Das][a]
选题:[lujun9972][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://news.itsfoss.com/author/ankush/
[b]: https://github.com/lujun9972
[1]: https://itsfoss.com/best-download-managers-linux/
[2]: https://securelist.com/backdoored-free-download-manager-linux-malware/110465/
[3]: https://itsfoss.com/improve-privacy/
[4]: https://itsfoss.com/content/images/size/w256h256/2022/12/android-chrome-192x192.png
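Review bot: Two sentences in this removed source do not carry the same meaning in the translation added by the same commit, and deleting the source here removes the in-tree reference for checking them. "some of our readers have suggested it in the past. And I have used it as well up until now on Windows." is rendered as readers and the author both having chosen it during past Windows use, and "what's new here?" is rendered as 这件事究竟是怎么回事呢 ("so what is this about?"). Suggest correcting both in the translated file before the source is dropped.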