Date: Sat, 24 Nov 2018 20:08:31 +0000 From: Steve O'Hara-Smith <steve@sohara.org> To: freebsd-questions@freebsd.org Subject: Re: New Virus that targets *.nix Message-ID: <20181124200831.95698d25ed05d1480fda55f9@sohara.org> In-Reply-To: <8240dbdb-7e6e-23b7-caa0-9867ab2a74c3@tundraware.com> References: <DM5PR20MB210207A5208820C5F435CC1580D50@DM5PR20MB2102.namprd20.prod.outlook.com> <20181124175844.6115411.91608.68576@shaw.ca> <8240dbdb-7e6e-23b7-caa0-9867ab2a74c3@tundraware.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, 24 Nov 2018 13:10:57 -0600 Tim Daneliuk <tundra@tundraware.com> wrote: > On 11/24/18 11:58 AM, Dale Scott wrote: > > I don't know about everyone else, but considering my general lack of > > success running Linux shell scripts in general on FBSD, I don't think > > I'll panic just yet. ;-) > > I saw this earlier in the day. What was unclear to me was the exact > vector of propagation. Does it magically appear on my system somehow? Apparently it will try and make use of any ssh credentials it can get at to propagate, so unless it's on a system with credentials to log into yours then it needs someone to put it there and run it. OTOH if it gets into a large farm and finds ssh keys with no passphrases (all too often they'll belong to admins with access all over the place) it's going to go through it like a dose of salts. -- Steve O'Hara-Smith <steve@sohara.org>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20181124200831.95698d25ed05d1480fda55f9>