|
| From: | Stephane Guillou |
| Subject: | RE: GNU Octave website hacked and links replaced with trojan-containing installer?? |
| Date: | Mon, 2 Mar 2020 06:06:32 +0000 |
|
Note that the URLs for the signatures have also been replaced, so I assume checking the installer’s signature wouldn’t reveal the issue. Cheers --- Stéphane Guillou
(he/him) – From: Stephane Guillou
Hi there I’m not sure if I’m imagining things here but I am very suspicious: Just installed Octave on Windows 10 from
https://www.gnu.org/software/octave/download.html I noticed that Symantec detected the security risk “Trojan.Gen.MBT” in a libsqlite library: Scan type: Auto-Protect Scan Event: Risk Found! Security risk detected: Trojan.Gen.MBT File: C:\Octave\Octave-5.2.0\mingw64\bin\libsqlite3-0.dll Location: C:\Octave\Octave-5.2.0\mingw64\bin Computer: LIBPF1FL7FE User: SYSTEM Action taken: Pending Side Effects Analysis : Access denied Date found: Monday, 2 March 2020 1:32:50 PM I looked at the installers locations, and they use ftpmirror.gnu.org instead of
ftp.gnu.org I looked at the website ftpmirror.gnu.org and it redirects to
https://mirror.freedif.org/GNU/ The website freedif.org looks very dodgy to me. Looks like all URLs in the windows download page have been replace with this. I am imagining things? What is going on here? Cheers --- Stéphane Guillou
(he/him) – |
| [Prev in Thread] | Current Thread | [Next in Thread] |