this post was submitted on 05 May 2025

173 points (98.3% liked)

Linux

53930 readers

955 users here now

From Wikipedia, the free encyclopedia

Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).

Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.

Rules

Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.
No misinformation
No NSFW content
No hate speech, bigotry, etc

Related Communities

Community icon by Alpár-Etele Méder, licensed under CC BY 3.0

founded 6 years ago

MODERATORS

AgreeableLandscape@lemmy.ml

nooter692@lemmy.ml

MarcellusDrum@lemmy.ml

cypherpunks@lemmy.ml

cyclohexane@lemmy.ml

d3Xt3r@lemmy.nz

173

Malicious Go Modules Deliver Disk-Wiping Linux Malware in Advanced Supply Chain Attack (thehackernews.com)

submitted 1 day ago* (last edited 1 day ago) by abobla@lemm.ee to c/linux@lemmy.ml

12 comments fedilink hide all child comments

Packages:

github.com/truthfulpharm/prototransform
github.com/blankloggia/go-mcp
github.com/steelpoor/tlsproxy

top 12 comments

sorted by: hot top controversial new old

[–] termaxima@programming.dev 1 points 4 hours ago

Taking garbage collection to a whole new level !

[–] HelloRoot@lemy.lol 61 points 21 hours ago (1 children)

Aaah finally, malware for Linux, truly the year of the Linux Desktop!

[–] Ahrotahntee@lemmy.ca 27 points 21 hours ago

We made it! I never thought I'd live to see this day!

[–] vegetvs@kbin.earth 57 points 1 day ago (1 children)

The Go programming language allows developers to fetch modules directly from version control platforms like GitHub.

This is absolutely not just specific to Go.

[–] krakenfury@lemmy.sdf.org 30 points 1 day ago (1 children)

PyPi
npm
Maven Central
Docker Hub
Artifact Hub
PPA
AUR

The problem isn't specific to anything. It's also not specific to malware. Vulnerabilities are just as dangerous, if not more so.

[–] FurryMemesAccount@lemmy.blahaj.zone 5 points 4 hours ago (1 children)

Cargo also has a --git option but I suppose it's not default behavior

[–] krakenfury@lemmy.sdf.org 1 points 35 minutes ago

Sure! My point is that hosting doesn't really matter, though. Malware and vulnerabilities are introduced at all points of supply chains.

[–] fluxion@lemmy.world 30 points 1 day ago

This is why we can't have nice things

[–] UnfortunateShort@lemmy.world 14 points 1 day ago (1 children)

Any intel on affected, high-profile software?

[–] MoonMelon@lemmy.ml 13 points 21 hours ago (1 children)

I found the original blog post more educational.

Looks like these may be typosquats, or at least "namespace obfuscation", imitating more popular packages. So hopefully not too widespread. I think it's easy to just search for a package name and copy/paste the first .git files, but it's important to look at forks/stars/issue numbers too. Maybe I'm just paranoid but I always creep on the owners of git repos a little before I include their stuff, but I can't say I do that for their includes and those includes etc. Like if this was included in hugo or something huge I would just be fucked.

[–] catloaf@lemm.ee 8 points 21 hours ago

The really fun version of that is when people take some of the hallucinated package names from an LLM and create them, but with malware.

[–] OctaviaMeowzly@lemmy.blahaj.zone 1 points 22 hours ago

Halloween documents pt 2