Free download manager infetto da malware

[Tony]

Attenzione gente!
https://www.marcosbox.org/2023/09/sito-free-download-manager-malware-linux.html

[bobol]

 :ok:

[MVR270]

L'ultima frase : "Kasperksy ha inoltre contattato gli sviluppatori di Free Download Manager e li hanno informati di questa campagna senza aver sino ad oggi ricevuto alcuna risposta.".

Lascia un pò perplessi.

[guest22371]

Uget + Aria2 è un'alternativa sicura a FDM:

Codice Seleziona Espandi

apt install uget aria2

La spiegazione ufficiale data da FDM è questa:

"Dear community,
We wish to address a significant security concern that has recently come to our attention. Upholding your trust is paramount to us, and in our dedication to transparency, we aim to provide a clear and direct account of the situation.

What Happened: Today, informed by the findings from Kaspersky Lab, we became aware of a past security incident from 2020. It appears that a specific web page on our site was compromised by a Ukrainian hacker group, exploiting it to distribute malicious software. Only a small subset of users, specifically those who attempted to download FDM for Linux between 2020 and 2022, were potentially exposed. It's estimated that much less than 0.1% of our visitors might have encountered this issue. This limited scope is probably why the issue remained undetected until now. Intriguingly, this vulnerability was unknowingly resolved during a routine site update in 2022."

[Benzocaino]

Sarà scontato per i più ma è sempre meglio installare SW dai repository ufficiali delle varie distribuzioni.

[mortaretto]

 :ciao: sono perfetttamente d'accordo con benzocaino  :ok:

[Tony]

La spiegazione ufficiale data da FDM è questa:

"Dear community,
We wish to address a significant security concern that has recently come to our attention. Upholding your trust is paramount to us, and in our dedication to transparency, we aim to provide a clear and direct account of the situation.

What Happened: Today, informed by the findings from Kaspersky Lab, we became aware of a past security incident from 2020. It appears that a specific web page on our site was compromised by a Ukrainian hacker group, exploiting it to distribute malicious software. Only a small subset of users, specifically those who attempted to download FDM for Linux between 2020 and 2022, were potentially exposed. It's estimated that much less than 0.1% of our visitors might have encountered this issue. This limited scope is probably why the issue remained undetected until now. Intriguingly, this vulnerability was unknowingly resolved during a routine site update in 2022."

Ammettono che il malware era presente dal 2020 e si è risolto per caso, eppure segnalazioni da parte degli utenti di qualcosa di strano c'erano state.  :palm: