Linux & Open Source - eWeek


Is the Smart Grid a Dumb Idea?
Surgical Adhesive Offers Smarter Way to Mend Bones
Get Smarter Technology on Your Mobile!
  Linux & Open Source


E-Mail Scam Dupes Linux Users



 By: Matthew Broersma
2004-10-25
Article Rating:starstarstarstarstar / 0


There are 0 user comments on this Linux & Open Source story.


Rate This Article:
Poor Best
Red Hat warns users to be on the lookout for e-mail posing as a security update.

Red Hat Inc. on Saturday warned users of an e-mail scam designed to plant malicious code on users systems. The malicious e-mail poses as a security update from the vendor, a technique that has become familiar to Windows users, but is a novelty in the Linux world.

The e-mail, which has been circulating since late last week, says it originates from the "Red Hat Security Team" and urges users to download a patch fixing vulnerabilities in the ls and mkdir file system utilities. To add a veneer of authenticity, the scammers used an authentic-seeming domain name, fedora-redhat.com, to host the malicious download.

Red Hat increases security in its latest update. Read more here.

"The Red Hat Security Team strongly advises you to immediately apply the fileutils-1.0.6 patch. This is a critical-critical update," the message says. The e-mail message and the site contained instructions for downloading, decompressing and installing the false update.

The fedora-redhat.com domain name was reported to have been displaying the fake security message as late as Sunday, but by Monday morning it was no longer available. Fedora is Red Hats Linux distribution for technology enthusiasts and hobbyists; the company maintains an authentic Fedora site at fedora.redhat.com.

Red Hat became aware of the scam on Saturday, and issued an advisory on the front page of its security site. "These trojan updates contain malicious code designed to compromise the systems they are run on," said Red Hat Security Response Team leader Mark Cox on Monday, in a statement provided to eWEEK.com.

Resource Library:
For insights on security coverage around the Web, check out eWEEK.com Security Center Editor Larry Seltzers Weblog.

Cox said the company never sends unsolicited security messages and noted that all genuine messages and packages are signed with a GPG (Gnu Privacy Guard) digital signature, the details of which are available on Red Hats site.

Windows has been hit by several worms that spread via e-mails masquerading as security patches; for example, a version of the Dumaru worm last year spread via fake Microsoft e-mails. A related problem is the proliferation of phishing e-mails, which lure users (on any platform) to a supposedly authentic Web site, where they are induced to enter sensitive information such as bank account details and passwords to e-commerce accounts.

Check out eWEEK.coms Linux & Open Source Center for the latest open-source news, reviews and analysis.

Be sure to add our eWEEK.com Linux news feed to your RSS newsreader or My Yahoo page



  Reader Comments: E-Mail Scam Dupes Linux Users
>>> Be the FIRST to comment on this article!
 

 
 
>>> More Linux & Open Source Articles          >>> More By Matthew Broersma
 


x}ks6*Q3{L푦d[-n"!1ErI%wro7%?&sf6ЍFh|Gλ$\i9cr3ݩkjޢ.w߽ !?Xf8iTEK ]ߤ~Am;t =4mFNHB~}@~sfwD%x_'Щѩ&€wɄZIКؕ>}~qlv .hvLIlG5tuOpnFA|Qχu)t(D>-Dm:\'7*GUnSpca_ʞ0HYɼM"h4"j>vn3 w2`~|!k`Tx>? C5CUVekF֠}luy!l 1#oKݿ!Hͤ޸@d`jId:@:",C63!p55\ap)zHZ6tG-#HPN$=+AbArxưcIH'|6XBяZIa^_y yN tq(r~7P7ƾ;s270XMDV6'>6L( |H?I Cu"ħFr ˺Y4hmwEajjT+W^P|}l˙}p*sNϿ.iٻ_HQPw;w@VVa(.;7^Oa\`'HH7&LT*jZ*NL@aBjLx:~Xst\㍒~7nJe_P+).C#-b|+0CF_8riOgsK߾ڤ>>?O}1fPk5M~"3h ؕgxo4X:nOOn9n;W'9ސqɝN4p3 ZʟZr`Ck'^SS?&:aZ+}I-Gf{t&޺pt9&IoKDz|?!8_^Cj ݖUB_*Xȟ/Rzhf5 t @CX&%92ɔSHu t:d9AcE'}6kiBuV!`JC̺oR49(蟉$m4@r5)6B̄H )7R?oz@U@ZZ~nV$9USEI7#DL vxr!DKI88g^R]E1\aU<8:Zo֖͉*]X[u5jZlE?ƴ;]g'჎$>h&ƋCri[nL,rӇtw@Nݧn]=&tfo/*Abχ& ahMi5 >F#m &>vl 8d $)s>yp;L-)0(-JC=ˋF0P6 = 2/?>aCxwݐ,P}@}`soeC93(=JdN˕ }"@F>H>'!hI#r Bг,`@o%`9`P ar T<ʦBIJd&3,BV-KїPf%i2khƪń(VFN1|(0Vf)`T4fs)wdmr)s77UBsNHB/W2 \_&VAB5 6d:ɤPl';oWfAװ DؚZWS{<`m1Jx>hx# d\6XbO`#Vškϧ;°w^^vԿ~F|2޴ۄC=1͉V*a0Y6؋T,{gMR^ {0iTW+JIUӤck@Lf2,rGmAu،;s<}Zj\Z,>R>5 < đOT׃RUaT(j];12­qÝa&1 DR)Ö1Swhi'Ǚm*IrIQ)xkMf9oLq3ۊg4dD ڸ/)cpGl^\~ЇBK SK@'^a`EBkǖYCǖbT۔І;TR=OqP%УGii}~هF9#,!_0Hqw,"ZTjSCjvXVkov L3)' Sf N|_ћxoũ1FtI[J?0t .rɵ>gs||ujN8alEc>eLZrlxTaW*4ʋzhNCFK Zman0-UT'KV=ibGHo Y58._g0p4J3%Jt( yB\W4Uud XY `j$a!L`V8!+ #mqJk'4CuλWԲ)+V,tu `_snM=זG$*XG2>Lk}]P~sboY چHB&:GdHC>+`NT:Yw<܁c:P?H(TZg7cMśH]ac6U{z@nR)Z',vh\JEW>67/=Ǐd"9ym2$8z.0JM;%95$_ۂ3FnyuitLeb`l "Z`|i-X`&c1 s*? }l3pڳ`Mɧb_߯Xcփ0 IG}w3O>Ǥ9TYb5J9ޣ0)6@yb#kUa bȈCzfzJ$~g~[q{?I ~9pTjgHUWt,,#8jKC_ 胦xc_7)~(zC9m{~>sTU]~T'-FRV%~萫II#G"ZAY_Mkɒ8khs%p B0_\PF.^%R2i$yF(%!%KgOPlXC=B3tMnio.ZWk26簤v ˽'jD@KY3#nƝj}UNKZ^$t`1۳"%1$tpL\'Li7JղAk JZ8~G+a>&ri&kSHgG ɲ\' ׫UVگ]q.g$ ,$,zǣx]!6ps^ar0qq8(-E<92=qhZavOT+d4A<8&ov/?B?kueajE1vkHV~ZgZq=Κb2;?RTn;'R6i/.; ?N:Nꀷ!9owqA^>{q O,}E\q@*5?t?\HY]Fya8F&PvB, oIŤ}vntΤ6zv>G2SH#res%d}ܽzsՖҽNs5A nTHˁBV<Mti)qfڌ7MJ,$L_=ֈdȰ J*Xƥ{sҾ̂q ՜4"z ON3bn,qmjw}eYLoH:|X!bPH\R ~tIw} .V_$@Anp+z!NU HE*e4ДKe=:M<;iwoZ)5[E_ѫſE½}YVST t6~OWK0fAbQ+F+=ǭN:IbI NANhs_,ĠC9n1xAZd~leԉ9%2 \ ?m[ħ{, /䎑>D=:dSNQ(iQE-e9rtJ9S"\+ 6H P,OҼe=lI1 iK"ih$bbVFZowݺڜ6<5ަmƙBmK$sgKe֊ pkP q"+ b >ϣ#+y-EY-Vyғ;i9: a!y]9 EuX.gHUkN+tt,ZȍNڰq ;eΫPf|mv,KمN5W>0lyRѵls2fucBA095ѧ@b `0 AU  jnMM%,`*h 5fXeKoNuAI\uuoߐէ9arԆcAɼ>#ᛷ 6n2}2JO$hﭱ~QtGov/{fCY F=f/ݷvcW};Ǎ>-l-8tǠQCҀ3I1&ZQP**sᔤvɌX^O&Xd17K0d&qKf}#uoo=إ ֛%v(;R7cw:gԙa2+ +OxǪCnE|qUjQzBǏ?g$:ܨڗƾVa;ĐDY)Rw)\;Jcfϣno" ;yqwQ؋T0%&oU~Pw0&,ZVXpc2W1r7i;s /鱯 $ fN;l=(}IO(`Bl}AWAg^ML XJ}wkB{K̾@%-r{46|p,uYD^8!Gn%أw'Z]c}veIŐA|yJwRSۙZY𜣩M+voWHJCymbeUXPV$LpOZI>^$Ӛo}^MxEQ9jn]Ҁl7k42zr!ńs(ȺMp`=gY,UVfG\45%z\3^Os&KPfdI'PBbR'AmD|ihZUI62@R|V3RTLk.US=/i9W.3P>8g} S3t2h r)Xlv8D(AA&&eFSr #ᝏa3xփUƻ7 CeIU$6}.7lwҭ3s){ہQg|Ɲs`[ߠRZWjF#1accD4FXcx6G4F}m\ d(|Z5 b+ޗTUMytN"N2ceGR]5k>pJ>&䒎C_𹪔ka9$Yd  3”8,ʻJ 44xmcY~q^allgH!H%d/RsMU%dks0xۋuiaKԛߞM٪lL[ ןK#R-l,iRy[1P(vqa_=*AB^zU7[PڧeX!1]a\~>/G_'mo5Z̓^^ !wLH#Km_GKv-J%Y`QKs*(Kb_,bIh>'𡲎YmzVoooo\-jw&% srɋrKM,CW ,`^ fxk%`:q]ԒZ.t7/I8 -€4}jَnd.aٔs~Yڗ_xݞOAlȘK1fXǾH=puW,z`kX= Gw6ذŮ[ှT0|iJYh_1?xf}\JRXTjyrhDcK!"U,,Gd̟M[+J'%2vhzcJ>fڌB>~}}xA!Hb $y B\Hw`g?xzRz2xyC%, b=C Z\: +cק5 DK_"%t3QMŮ_V_ׂ0g&P<HGX+ 3- %[S!"x7~K;b'TR+ҥ y3LG5u=pB#E $!&opbȰ5m.3~vƘnLaf:avOԶOui 0Uňk('>?fM55>ZGY ^b+] B,¶aD!ȡ-b61ʵm <߉!,tˑZ4zm,05v1h}P2D#%1we(c$Gs8RG5Śx KEa/2j=="@Ÿ Rxc) +hWxB,p}&6K ʹ<8?%ԣ|Q8gFSYh9MOcjFnj5e_]-O?P/ ]ZX,:Ȓ~WeL<^^A֋+ iMo"rRIoA$zTG&JRM` /}Ÿ渷YM13цX50~fB׵GaEvD_e|W@O[fkw1m2YՉZ mݹ[6=!5&EbW  @W&Du#i!Y,t:sPNWD]%AJ%͌t@EP]ׯ0Oļ\\sn`.=ZXYrVfh ͬͱj-%Fd]fAJ"%'099ݱ=X.?ZDa8TJ o J}J0'7Z$U!7Tg`dw*ֿ|Ɉֲs%.%/ rF@YfGP56}D:noퟑZ rվ]M=<swB&#y;򧺸YJMhCY/:fxr`(L6t+a_i3e1qaGGu?䏃ِ O>!F|1[GB(W9$#M>Sh|sS1";W9'pp\pr@KL+2&Bs8A_oz=&>I % œ 5"  B-1v~ II!5Q"`"1a9=c3bwQ$x b^8|||v[/ T6CĊ1gOiX$_@1@ZB.ȿI*Rc)vqY@y#LL͂zĂG(^jJ͍$u~fvK) '.X`,2E<ep?,Gzaa2?y :RLzy 6t(QS=1U&n+nN rPh$`x=9~imbta~X{dO ( @Ka1c~Po֔J$2 >(%>gٕa)걪VRו/?(I ;UeM =M镬B*^Ȉq/4 }:1's7cZ'rڽ!-rznއM^E.a[+ |폺Uw'ןN;WU<|1 kyl2/*f(H^.NQʩ٦ΘksYx9%E:w8l[wO|ӿxRf}Y QJNi211S:9izZ>ZAN|vuIc:jS#[}uR'M&7bS׾hI]hF&5+ۺv)))-VNyʻ9'@vN1/? Pa}yBǜs(?)-/sa|r *G~`rƯ _9:?onrrׇ9}}̡---m:Iʙ#gk\8=JW ͣ~TA__y+%iN>質9+f7_ΡsTh=*Я#Uߧdnldҹ>R+ ]q%]pLڭe]9hq_l %^a/ ^敽< xEB+gٔ@#X{#u'NW6#ﹺ d^)WsU}Ӊ{Z?Ś/Yy<qLklžȁ>lLD4k{HO9|z[,G$qv=PW].6pqS0n+ 4` K}ƺExvY^]Yj7m!ϋ1y}2oفOh] O WY-KbaP$П}LxZnamn= `oZY=tfF}yP4lK%LBhDc&ZbgGqLP[tC=ѯF.h D1tö0vA l(U˚VVk[*j f{Dç*R'Ӏe`_)&K<# .M3^e&MȡN!3p<@&J5FG P }:._l<* ۼx7lTy Nd@?o 7Xi, v2׳!+CMqkI%B{Po6@mG{ ,cx u1<X!ꞠWKKDr&ߢjF T*A[`9JEfq Z<6Trсw ${HN,} ޳B3s{Ī]DDF}q!rE> ׭]B3S<psb2 ?L}f`->X v;i\Ldk,ysff\3&2O=I~_|1@YCŊvsOFdu#,FČ(3B=/aoA+_akA[*{Oq AnӕcX00wUW -'/Հm'[#y19K:BƻL/ftf$T6?,ʌ˟$41nw%x/^o&.M~gik-sO=%4Id`ѥWC׽~rh`=E(-|Y\k<##1苌Y Mc B:ɄdX.N`'CShp`AoN[Q=$VSPsXOmM\-n\{&ܿcx"m,w?cPv^v>ΐR(|kx}$>{Ma-ăW v,='IDπjUM$f@gQl(VxHDN=]ylo()y+6*نxJ*(s[BI<ŗ<>,D*9"QIo Q)@EikA/?tI3ۉd쥽%}Yq v|.}zxFʫu\r#rfRB4w^|7(6؆|%OG Ͽa9eKB$uЧ FϩnC>XZe.-s(ŬBSd<)O?n'[nIG\k<>b؎3 n=ձ wO`7@#>&rd{Ko0kSsL%:9-S/p,Zf@6C|'Jo? =ȾJ F ϱmh1ngo`SCl .7'.O]& xWa! e;1KMP`O3M|Zwȑ( l}i͜GK@0mӕhOyq7V0Y c/1+$~Il=buVږ+yL1e~}J<3G(uO",@zP`y%K@ z qS`hwq#ƫ1tcVBR(at!L?U1?c5VIٶ7G,cݰKQa[:6 n ۊ uy˷DM\7﹨'me#FP1M)?&Il} ra|X ^|޹+o=ȉe6뙣\g0^n,eH}+qd.GDI Ik.-wvua4,Lb9"[^'QI 8VRжX3e"@a)5dBLN7 S 3pRaL  b[и<1vm˘sq9v9K1E~2㡺_V~\ʹkcPKֽk x ؚտHQ#zfi!ACWqk @{kĵy6 = 9!j1Bi6eY1aR[W`0Z.<',(`,$v"VTHkMΡmlpR!%fƲ"7cP!lXd]-noB@:S .xBDZ,ɋ|P cyx ^ŧ$NSb0|:L+OK+R?a%Pt^khYi/.;xH%H}Sw= ɳaFK;O(Uƥ9;(>^tooh/=j|vpu"Em9EKBޜ Tv>Vurҹ:KW{zv C&ȕ/g-F#-<#DYfCժZ-Nj|ۊ#iQg8&rYOr};7 D^4†mJPU&s)c MWb\)MCS9U/;V&|&Z2c{͵N_ lU(