APPLICATIONS

E-Mail Scam Targets Red Hat Users

Print Version
E-Mail Article
Reprints

By Tina Harlan
LinuxInsider
Part of the ECT News Network
10/25/04 10:24 AM PT

Despite widespread attention, Ken Dunham, Director of Malicious Code at iDefense, characterizes the Linux Trojan as a low threat. "It looks like there was a low volume of e-mails that spread over a period of several days," he said.


The Web Experience Forum, Oct. 14-16 in Boston, focuses on exploring how the latest trends are driving the best web experiences. Learn new ways to create, deliver and analyze the web experience you present to your customers. Save $200 off registration before 8/1/08. WebExperienceForum.com.

Microsoft (Nasdaq: MSFT) Free Trial. Security Software As A Service From Webroot. Latest News about Microsoft users may feel as though they're the only ones constantly under attack from hackers, but they're not alone with that dubious distinction. Late last week, Red Hat (NYSE: RHT) Latest News about Red Hat, the Raleigh, North Carolina-based Linux provider, was also hit.

The threat came in the form of a fake security warning. The e-mail alerts were sent from the address security@redhat.com, with a subject line that reads "RedHat: Buffer Overflow in 'Is' and 'mkdir.'" Recipients are directed to download an alleged patch, which in fact enables a remote attacker to execute malicious code with root privileges.

Warning to Users

Red Hat spokeswoman Leigh Cantrell Day provided the company's statement about the attack: "Official messages from the Red Hat security team are never sent unsolicited, are always sent from the address secalert@redhat.com, and are digitally signed by GPG. All official updates for Red Hat products are digitally signed and should not be installed unless they are correctly signed and the signature is verified." More details are available on Red Hat's Web site.

Despite widespread attention, Ken Dunham, Director of Malicious Code at iDefense Latest News about iDefense, which provides security intelligence to governments and Fortune 500 organizations, characterizes the Linux Verio brings something extra to Linux: reliability. Click to learn about free test. Trojan as a low threat. "It looks like there was a low volume of e-mails that spread over a period of several days," he says.

Unfocused Attack

"While it does show that Linux is always on the mind of some, this attack seems to be fairly opportunistic and unfocused," Dunham added. Even non-Red Hat customers have reportedly received the e-mails.

According to Dunham, an attack such as this is not nearly as serious as ones that allow viruses to be downloaded from known, trusted sites. The update link given in the messages is "www.fedora-redhat.com." Red Hat sponsors The Fedora Project, a community-supported open-source project, but it is not a company product.

This is, Dunham said, by no means "the kind of organized, targeted, methodical attack that we've seen just seen in Brazil," where officials arrested more than 50 people in what they called a US$30 million Internet fraud Latest News about Internet fraud. That scam involved infected e-mail E-Mail Marketing Software - Free Trial. Click Here. attachments that could store online bank account information and divert funds. Brazilian police have called the country home to eight out of 10 of the world's hackers.

The approach is nothing new, either. Last fall, Windows users were targeted with a mass-emailing about a security patch from Microsoft. These messages contained a virus that had the ability to steal account information and e-mail server details.

Social Networking Toolbox:
Talkback: Be the first to comment on this story.

Print Version E-Mail Article Reprints More by Tina Harlan   RSS

Related Resources

Don't miss a story -- sign up for our FREE e-mail newsletters and view the latest headlines at a glance.
Tech News Flash [ View Sample ]
E-Commerce Minute [ View Sample ]
ECT News Network Weekly Newsletter [ View Sample ]