back to article Guess who's addicted to GitHub, busy on Slack, stuck in 2015? No, not another hipster: It's the Slub backdoor malware

A new malware strain tapped into GitHub posts and Slack channels to siphon precious data from infected Windows PCs, it is claimed. Researchers at Trend Micro have dubbed the malware "Slub", a mash-up of the names of the two services the software nasty apparently used to obtain instructions from its masterminds and exfiltrate …

  1. lglethal Silver badge
    Go

    Surely the name "Slack Hub" would be more appropriate. It also would act as a pretty good insult for anyone who gets infected, because a) they didnt implement a year old security update, and b) didnt have any anti-virus installed on an intetrnet facing computer.

    Bloody slack hubs...

    1. stiine Silver badge
      Joke

      Woulnd't "Hack" be equally as good?

  2. Ian Emery Silver badge

    basic precautions

    Not using the steaming pile of dung known as Internet Explorer would be a start.

    1. Ian Emery Silver badge

      Re: basic precautions

      The up/down votes could be perfectly balanced if BOTH the other IE users downvote me.

  3. Cronus
    Facepalm

    It's interesting that such a professional and targeted attack would use such old exploits to infect its victims. That it was successful at all is yet another sad reminder of how piss-poor non-technical user's patching processes are.

    I hate the way Windows 10 forcibly updates itself but in the grand scheme of things it's probably doing more good than harm if attacks like these can succeed due to lack of patching.

    1. Version 1.0 Silver badge

      While I may bitch about starting Firefox and Chrome and seeing nothing for a minute while they update, you are correct - automated patching is the only real defense. I wonder what other groups are getting hacked or monitored by this approach - we've got a lot of faff running around this month, could there be other fingers in the pie too?

      Me? I've stopped reading the News, it's too depressing most of the time.

    2. Ommerson

      It may be that the attackers had a good idea of the systems and level of patching of the victims' computers.

  4. oiseau Silver badge
    Facepalm

    No need ...

    Panic, flee, cry – or just update Windows install a Linux distribution for fsck's sake.

    There ...

    Fixed it for you.

    Heed the advise and there'll be absolutely no need to panic, flee or cry.

    Cheers,

    O.

    1. MatthewSt

      Re: No need ...

      You got an example of this distro that stays secure without needing updates?

      I can assure you that someone will be panicking, fleeing and crying if you swap out their OS

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019