From owner-freebsd-questions@freebsd.org  Sat Nov 24 17:58:57 2018
Return-Path: <owner-freebsd-questions@freebsd.org>
Delivered-To: freebsd-questions@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 08F9B113359A
 for <freebsd-questions@mailman.ysv.freebsd.org>;
 Sat, 24 Nov 2018 17:58:57 +0000 (UTC)
 (envelope-from dalescott@shaw.ca)
Received: from smtp-out-no.shaw.ca (smtp-out-no.shaw.ca [64.59.134.13])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client CN "Client", Issuer "CA" (not verified))
 by mx1.freebsd.org (Postfix) with ESMTPS id 0FEBB84F45
 for <freebsd-questions@freebsd.org>; Sat, 24 Nov 2018 17:58:53 +0000 (UTC)
 (envelope-from dalescott@shaw.ca)
Received: from cds143.dcs.int.inet ([10.0.153.165]) by shaw.ca with ESMTP
 id QcCaguZ6tjQc4QcCbgbpoi; Sat, 24 Nov 2018 10:58:46 -0700
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=shaw.ca;
 s=s20180605; t=1543082326;
 bh=Z0c1IjFaPORxkBt5wy+X6vWqAJRFb6quKRDQZH7vZuo=;
 h=Date:Subject:From:In-Reply-To:References:To;
 b=pAA9lfAPGEKSUZj9yF4gI1Jaiyn1G3gW2TZg7esjGzj1Ucr0fvPjHBNuh8wljD0Gx
 TyLAihK5p58/r2Y1ilAKQRZtA3kg/JU6OD0dRyidrtDO6ZXcZtqAPJqVSCpmMcV8Jo
 NOcjV7PaptkY/z7bLPaf5MSWbBYTOKOer2mbbwdSN9H7i/egIB/yP/VP8ahyRn1oSD
 7zMjy9Y8/E/2y26e7Q++XxpQ1OQg3qUDCvl0n4vEdMdYxl89QcVLFrYgX7DsEND9FI
 uyo/UcoV9kpVWiSrIO/9naSAMLxcgq8G6h/x9YCsJDngwsCJCUm3YFx2I2sMnfEbRr
 WuWKw25HqgGGg==
X-Authority-Analysis: v=2.3 cv=bOrH382Z c=1 sm=1 tr=0
 a=/UpIoJrLhaD689zIoPQAHQ==:117 a=cGVoNuomWboA:10 a=IkcTkHD0fZMA:10
 a=sA-ssjpUAAAA:8 a=6I5d2MoRAAAA:8 a=8KApGgdU6NuMeP3v6nsA:9 a=QEXdDO2ut3YA:10
 a=2jLNGmKYVhMA:10 a=MeU51efvtLpnGWnoXA2X:22 a=IjZwj45LgO3ly-622nXo:22
MIME-Version: 1.0
X-Client-ID: 68576
X-Mailer: BlackBerry Email (10.3.3.2205)
X-Mailer: Zimbra 8.6.0_GA_1225 (MobileSync - RIM-Q10-SQN100-1/10.3.3.2205)
Message-ID: <20181124175844.6115411.91608.68576@shaw.ca>
Date: Sat, 24 Nov 2018 10:58:44 -0700 (MST)
Subject: Re: New Virus that targets *.nix
From: Dale Scott <dalescott@shaw.ca>
In-Reply-To: <DM5PR20MB210207A5208820C5F435CC1580D50@DM5PR20MB2102.namprd20.prod.outlook.com>
References: <DM5PR20MB210207A5208820C5F435CC1580D50@DM5PR20MB2102.namprd20.prod.outlook.com>
To: Carmel NY <freebsd-questions@freebsd.org>,
 FreeBSD <freebsd-questions@freebsd.org>
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
X-Originating-IP: [184.151.231.135, 96.50.152.95]
Thread-Topic: New Virus that targets *.nix
Thread-Index: AQHUhAhGSxtnWieqEEu9u9KBLzoEX5vub/PD
X-CMAE-Envelope: MS4wfANG0VBdUeCsoBA5YFZrdRajiv/zIOXgUOYj1zJ5ZUbmkonUU9kE2oohPn7HnjtWi8zzUH8XnjT8vvcqjzuWT3TMUPCXg4LDt/KpWlf9j6VDDaKmlB7c
 1m1UZNTTuAmJAtJEDAML2KCW9XBvJqkq31xkC9QONn/z3qtTBuqJfOXlEnLfzo58dWoqbmwXoo0aM42/nA7aM+LLTKYP6EQocCzOYmLcJZjZJJgPuPYVfpao
X-Rspamd-Queue-Id: 0FEBB84F45
X-Spamd-Result: default: False [-6.35 / 15.00]; ARC_NA(0.00)[];
 NEURAL_HAM_MEDIUM(-1.00)[-1.000,0]; HAS_XOIP(0.00)[];
 FROM_HAS_DN(0.00)[]; R_DKIM_REJECT(0.00)[shaw.ca];
 R_SPF_ALLOW(-0.20)[+ip4:64.59.134.0/25];
 MIME_GOOD(-0.10)[text/plain]; TO_MATCH_ENVRCPT_ALL(0.00)[];
 NEURAL_HAM_LONG(-1.00)[-1.000,0];
 IP_SCORE(-2.46)[ip: (-7.28), ipnet: 64.59.128.0/20(-2.75), asn: 6327(-2.20),
 country: CA(-0.09)]; TO_DN_ALL(0.00)[];
 DKIM_TRACE(0.00)[shaw.ca:-]; RCPT_COUNT_TWO(0.00)[2];
 DMARC_POLICY_ALLOW(0.00)[shaw.ca,none];
 MX_GOOD(-0.01)[idcmail-mx2no.cg.shawcable.net,smtp.glb.shawcable.net,idcmail-mx1so.cg.shawcable.net,idcmail-mx2no.cg.shawcable.net,smtp.glb.shawcable.net,idcmail-mx1so.cg.shawcable.net];
 DMARC_POLICY_ALLOW_WITH_FAILURES(-0.50)[];
 NEURAL_HAM_SHORT(-0.98)[-0.977,0];
 RCVD_IN_DNSWL_LOW(-0.10)[13.134.59.64.list.dnswl.org : 127.0.5.1];
 FROM_EQ_ENVFROM(0.00)[]; RCVD_TLS_LAST(0.00)[];
 ASN(0.00)[asn:6327, ipnet:64.59.128.0/20, country:CA];
 MID_RHS_MATCH_FROM(0.00)[]; RCVD_COUNT_TWO(0.00)[2]
X-Rspamd-Server: mx1.freebsd.org
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-questions>, 
 <mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions/>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
 <mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 24 Nov 2018 17:58:57 -0000

I don't know about everyone else, but considering my general lack of succes=
s running Linux shell scripts in general on FBSD, I don't think I'll =C2=A0=
panic just yet. ;-)=C2=A0


=C2=A0 Original Message =C2=A0
From: Carmel NY
Sent: Saturday, November 24, 2018 7:14 AM
To: FreeBSD
Reply To: FreeBSD
Subject: New Virus that targets *.nix

This looks like a particularly nasty virus.

https://www.zdnet.com/article/new-linux-crypto-miner-steals-your-root-passw=
ord-and-disables-your-antivirus/

--=20
Carmel
_______________________________________________
freebsd-questions@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org=
"