help-octave
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

GNU Octave website hacked and links replaced with trojan-containing inst


From: Stephane Guillou
Subject: GNU Octave website hacked and links replaced with trojan-containing installer??
Date: Mon, 2 Mar 2020 06:03:30 +0000

Hi there

 

I’m not sure if I’m imagining things here but I am very suspicious:

 

Just installed Octave on Windows 10 from https://www.gnu.org/software/octave/download.html

 

I noticed that Symantec detected the security risk “Trojan.Gen.MBT” in a libsqlite library:

 

Scan type: Auto-Protect Scan

Event: Risk Found!

Security risk detected: Trojan.Gen.MBT

File: C:\Octave\Octave-5.2.0\mingw64\bin\libsqlite3-0.dll

Location: C:\Octave\Octave-5.2.0\mingw64\bin

Computer: LIBPF1FL7FE

User: SYSTEM

Action taken: Pending Side Effects Analysis : Access denied Date found: Monday, 2 March 2020  1:32:50 PM

 

I looked at the installers locations, and they use ftpmirror.gnu.org instead of ftp.gnu.org

 

I looked at the website ftpmirror.gnu.org and it redirects to https://mirror.freedif.org/GNU/

 

The website freedif.org looks very dodgy to me.

 

Looks like all URLs in the windows download page have been replace with this.

 

I am imagining things? What is going on here?

 

Cheers

 

---

St├ęphane Guillou (he/him)
   Technology trainer (Library)
  
UQ Ally Network member | Green Office representative
The University of Queensland | St Lucia | QLD 4072 Australia
p: (+61) 7 344 32705 | m: (+61) 4 68 37 37 48 | @: address@hidden

Please consider the environment and print this email only if necessary

 


reply via email to

[Prev in Thread] Current Thread [Next in Thread]