Red Hat hit by phishing scam

Red Hat was forced to release a security warning for many of its Linux operating systems after an e-mail phishing scam was discovered that asked users to download a patch containing malicious code. Could this be the beginning of a string of attacks on Linux?

Red Hat Inc. sent users a warning today about a fake e-mail that asked users to install a patch for a vulnerability in fileutils (ls and mkidir). The patch was actually a file that could allow a remote attacker to execute arbitrary code with root privileges in some Red Hat Linux distributions.

The attack arrived in the form of phishing scam from the fake e-mail address "security@redhat.com" and was first spotted late Friday. The heading of the e-mail read "Red Hat: Buffer Overflow in 'ls' and mk'dir'" and contained instructions on how to install a patch that Red Hat said may contain malicious code.

Red Hat said its official security messages are never unsolicited, are only sent from secalert@redhat.com and are digitally signed using GNU Privacy Guard keys.

Pete Lindstrom, an analyst at Malvern, Penn.-based Spire Security, said no individual vulnerability is a big deal in and of itself.

"Ultimately these things are found at the pace of 10 a day, some are more of a sign than others," he said. "What matters is if someone picks up on it and writes an exploit and allows folks to compromise [the application]."

Lindstrom said that these vulnerabilities are what security analysts and antivirus companies are always looking out for, and that the "bottom line is every piece of software is vulnerable."

"The fact that Microsoft is alone is silly and the idea that open source can be compromised is only recently being popularly recognized," he said. "If enough people focus on a particular problem they are going to come up with a vulnerability.

"That's true for all software whether it is packaged or open source, Microsoft or not," Lindstrom said.

that's true for all software whether it is packaged or open source, Microsoft or not

Let us know what you think about the story; e-mail: Jack Loftus, News Writer

Dig deeper on Linux security risks and threats

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchDataCenter

SearchServerVirtualization

SearchCloudComputing

SearchEnterpriseDesktop

Close