AWS has a security hub, OpenSSL has a new license, London has a problem with cryptocoins, and more

November ended with a week of medical mishaps, near disaster at Dell, and the introduction of Pesky Pepper. Here are a few more bits that went under the radar.

Linux gets its own nasty Bitcoin malware

Researchers with Dr Web took credit for the discovery of Linux.BtcMine.174. If the malware gets onto a Linux system it, as the …

  1. LDS Silver badge

    It's interesting that the attack on one of Italy's PEC system providers went unnoticed abroad.

    The PEC (electronic certified mail) system is used to send and receive a lot of sensitive emails - and in many situations it is now mandatory to use it for document exchanges with the government and its agencies.

    It looks like 500,000 accounts were attacked on November 10, of which tens of thousands are used by the government and its agencies, courts included. Actually, when the provider (not disclosed, but many sources say it's TIM) shut down the system to avoid bigger damage, courts were badly hit, as their operations were blocked.

    Sources say the activity on the 10th was recon, while the full-blown attack started on the 12th. The provider notified the police the following day, but on the 14th the systems were shut down to contain the attack.

    Italy's government and its law enforcement agencies, including the "cyber" ones, kept a very low profile - even when the news became public, although they hinted at a foreign source.

    Affected users should have been notified, but the real extent of the breach is not known.

  2. Walter Bishop Silver badge
    Linux

    Linux gets its own nasty Bitcoin malware

    If the malware gets onto a Linux system it, as the name suggests, attempts to hijack cycles to mine cryptocurrency and also tries to disable any security software.

    How exactly does the Linux malware get onto the Linux system in the first place, without the user downloading and running the malware and providing the root password? Oh look this link points to a website for Dr.Web Anti-virus on which resides this quote:

    A multicomponent malware program capable of infecting Linux devices and intended to be used for Monero (XMR) mining. It is implemented as a shell script containing over 1,000 lines of code. When launched

    Yes, the suspense is killing me, how does the script execute itself, without user action. And while you're at it share with us what Linux techie runs a script without reading it!!!

    “After booting up, run a full scan of all disk partitions with Dr.Web Anti-virus for Linux.”

  3. gerdesj Silver badge
    Linux

    Re: Linux gets its own nasty Bitcoin malware

    "How exactly does the Linux malware get onto the Linux system in the first place, without the user downloading and running the malware and providing the root password?"

    Sadly many installers these days consist of something like this:

    # curl https://bit.ly/script.sh | /bin/bash

    Not everyone downloads the script first and analyses it before running it. To be fair it is no more dangerous than installing *anything* off say Tucows on a Windows box.
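The download-first alternative to the pipe-to-shell installer quoted in the comment above, as an added example that is not part of the original thread. The function names are hypothetical, and it assumes the vendor publishes a SHA-256 digest for the installer over a separate channel.

```shell
#!/usr/bin/env bash
# Added example: save the installer to disk, check it against a pinned
# SHA-256, and only then execute it. URL and digest are supplied by the caller.

# sha256_of FILE -> prints the lowercase hex SHA-256 of FILE
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | awk '{print $1}'
    else
        shasum -a 256 "$1" | awk '{print $1}'
    fi
}

# run_if_pinned FILE EXPECTED_SHA256 [ARGS...]
# Returns 2 if FILE is missing, 3 if the digest differs, else the script's status.
run_if_pinned() {
    local file=$1 expected=$2 actual
    shift 2
    [ -f "$file" ] || return 2
    actual=$(sha256_of "$file")
    expected=$(printf '%s' "$expected" | tr 'A-F' 'a-f')
    if [ "$actual" != "$expected" ]; then
        echo "refusing to run $file: sha256 $actual does not match the pin" >&2
        return 3
    fi
    bash "$file" "$@"
}

# fetch_and_run URL EXPECTED_SHA256 [ARGS...]
# The whole body is on disk before anything runs, so a truncated transfer or
# a response that differs from the pinned one is never executed.
fetch_and_run() {
    local url=$1 expected=$2 tmp rc
    shift 2
    tmp=$(mktemp) || return 2
    # --fail: treat HTTP errors as errors; --proto '=https': HTTPS only,
    # which also applies to any redirect curl follows.
    if curl --fail --silent --show-error --location --proto '=https' \
            --output "$tmp" "$url"; then
        run_if_pinned "$tmp" "$expected" "$@" && rc=0 || rc=$?
    else
        rc=2
    fi
    rm -f "$tmp"
    return "$rc"
}
```

A URL shortener in front of the script makes pinning more important, since the target behind the short link can change without the command changing.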

  4. Spazturtle Silver badge

    Re: Linux gets its own nasty Bitcoin malware

    " how does the script execute itself"

    The script needs to be run by the user. If the user has a system that has Shellshock patched, the script needs to be run as root in order to work.

  5. Anonymous Coward

    @Walter - Re: Linux gets its own nasty Bitcoin malware

    You're absolutely right and I don't know why you got the down-votes. I've seen this many times, including for Windows malware when they tell you in great detail what harm it is causing to your system but they omit the most important bit: how the pox gets into the system so we can defend against it. This is somewhat irresponsible in my opinion.

  6. Anonymous Coward

    Ebay didn't pay the researcher

    As is typical of the scumware Ebay, they didn't pay that researcher:

    > Sadly, they have no cash rewards for valid bugs

    Even though they leaked full access credentials which would have easily enabled a complete takeover of their infrastructure. That's about as bad as it gets. Should have given the researcher $20k+.

    Next time, just announce the bug to the world. Give them a reason to pay people for their time, like they should be doing.

  7. Ken Moorhouse Silver badge

    Re: the company caught wind of an attempted hack on its customer rewards program

    Is there something we should know about the ingredients of this "rewards program"?

  8. ElReg!comments!Pierre

    Re: the company caught wind of an attempted hack on its customer rewards program

    Perhaps a trial run. One would suppose that DK's reward program is under less scrutiny than, say, banking sites. Run your whole database against DK, identify re-used credentials, then re-use only them against banking sites?

  9. Winkypop Silver badge
    Joke

    Meanwhile....

    The Dunkin' Donuts breach attracted a larger than normal Police attendance...

  10. Anonymous Coward

    Finally !

    "Matt Caswell says that the upcoming release, which will be the first released under the Apache License 2.0, will also introduce a new version scheme that will look to simplify the release process and bring it more into line with other software."

    At last ! The versioning of OpenSSL was a never ending source of laughter !

  11. Anonymous Coward

    No hacking necessary

    But the app of a particular burrito chain doesn't deduct reward points when I spend them (properly) on a free burrito. Instead it gives me more points as if I'd paid for it.

    (Also found on a holiday website that I got a voucher code intended for first-time customers when I linked my social accounts. Each time I linked my social accounts.)


Biting the hand that feeds IT © 1998–2018