this post was submitted on 05 May 2025
189 points (98.5% liked)

Linux

53930 readers
792 users here now

From Wikipedia, the free encyclopedia

Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).

Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.

Rules

Related Communities

Community icon by Alpár-Etele Méder, licensed under CC BY 3.0

founded 6 years ago
MODERATORS
AgreeableLandscape@lemmy.ml
nooter692@lemmy.ml
MarcellusDrum@lemmy.ml
cypherpunks@lemmy.ml
cyclohexane@lemmy.ml
d3Xt3r@lemmy.nz
189
Malicious Go Modules Deliver Disk-Wiping Linux Malware in Advanced Supply Chain Attack (thehackernews.com)
submitted 1 day ago* (last edited 1 day ago) by abobla@lemm.ee to c/linux@lemmy.ml
15 comments fedilink hide all child comments
 

Packages:

  • github.com/truthfulpharm/prototransform
  • github.com/blankloggia/go-mcp
  • github.com/steelpoor/tlsproxy
top 15 comments
sorted by: hot top controversial new old
[–] tomatoely@sh.itjust.works 4 points 6 hours ago* (last edited 6 hours ago)

If anyone is curious, I checked the yay aur helper go dependencies here and it had none of the malicious packages mentioned on this post

[–] termaxima@programming.dev 5 points 11 hours ago

Taking garbage collection to a whole new level !

[–] HelloRoot@lemy.lol 76 points 1 day ago (1 children)

Aaah finally, malware for Linux, truly the year of the Linux Desktop!

[–] Ahrotahntee@lemmy.ca 33 points 1 day ago

We made it! I never thought I'd live to see this day!

[–] vegetvs@kbin.earth 63 points 1 day ago (1 children)

The Go programming language allows developers to fetch modules directly from version control platforms like GitHub.

This is absolutely not just specific to Go.

[–] krakenfury@lemmy.sdf.org 35 points 1 day ago (1 children)
  • PyPi
  • npm
  • Maven Central
  • Docker Hub
  • Artifact Hub
  • PPA
  • AUR

The problem isn't specific to anything. It's also not specific to malware. Vulnerabilities are just as dangerous, if not more so.

[–] FurryMemesAccount@lemmy.blahaj.zone 7 points 11 hours ago (1 children)

Cargo also has a --git option but I suppose it's not default behavior

[–] krakenfury@lemmy.sdf.org 2 points 7 hours ago (1 children)

Sure! My point is that hosting doesn't really matter, though. Malware and vulnerabilities are introduced at all points of supply chains.

[–] FurryMemesAccount@lemmy.blahaj.zone 3 points 7 hours ago

I agree, I was just giving another example to raise awareness about that feature of rust.

[–] fluxion@lemmy.world 33 points 1 day ago

This is why we can't have nice things

[–] UnfortunateShort@lemmy.world 17 points 1 day ago (1 children)

Any intel on affected, high-profile software?

[–] MoonMelon@lemmy.ml 15 points 1 day ago (1 children)

I found the original blog post more educational.

Looks like these may be typosquats, or at least "namespace obfuscation", imitating more popular packages. So hopefully not too widespread. I think it's easy to just search for a package name and copy/paste the first .git files, but it's important to look at forks/stars/issue numbers too. Maybe I'm just paranoid but I always creep on the owners of git repos a little before I include their stuff, but I can't say I do that for their includes and those includes etc. Like if this was included in hugo or something huge I would just be fucked.

[–] catloaf@lemm.ee 10 points 1 day ago (1 children)

The really fun version of that is when people take some of the hallucinated package names from an LLM and create them, but with malware.

[–] OctaviaMeowzly@lemmy.blahaj.zone 1 points 1 day ago

Halloween documents pt 2