Summary
-
Attackers replaced the download link on the Xubuntu website with malware for Windows;
-
Apparently, the invasion targeted users looking for an alternative to Windows 10;
-
The project team has temporarily disabled the download page, but it is still possible to download the distribution.
With the end of support for Windows 10, some are experimenting with Linux distributions in the search for an alternative to Microsoft’s operating system. Anyone who tried to download Xubuntu Linux over the weekend from the official website may have come across malware for Windows, however.
Xubuntu is a variation of Ubuntu that has Xfce as its default. As this desktop environment is lightweight and easy to use, Xubuntu ends up being an option for those who have an old PC or are looking for an intuitive user experience.
Like so many other Linux distributions, the most practical way to find Xubuntu download links is to access the project’s official website.
But, as reported by the OMG! Ubuntuan invasion caused, last Saturday (10/18), the Xubuntu website to distribute malware for Windows instead of the official torrent link to download the distribution.
The malicious file in question was named “xubuntu-safe-download.zip” and, when opened, extracted an .exe file, as well as a text file with supposed terms of service.
On Reddit, a supporter of the distribution who investigated the file points out that the malware aims to intercept links to cryptocurrency accounts copied to the Windows clipboard. Other malicious actions of the malware are not ruled out.
Xubuntu team acted quickly
It is strange that malware for Windows is distributed on the website of a Linux distribution. As support for Windows 10 ended on October 14, it is to be assumed that attackers on the Xubuntu website were trying to target users looking for an alternative to the Microsoft system.
Fortunately, those responsible for the project disabled the download page as soon as they were informed of the problem. The page will only be restored when the security breach is resolved or there are no longer any risks to user security, which appears to depend on negotiation with the website’s hosting service.
For now, anyone who needs to download Xubuntu can use the distribution’s image directory.
It is worth noting that only the project website was compromised. Distribution images were not affected.
Source: https://tecnoblog.net/noticias/invasao-fez-site-do-xubuntu-distribuir-malware-para-windows/
