Fake redhat exploit warning circulating

C

ctnchris

Verified User
Joined
Sep 17, 2003
Messages
97
http://theinquirer.org/?article=19251

Red Hat users urged to patch with Trojan

Fake heads-up

By Nick Farrell: Monday 25 October 2004, 07:09
A FAKE security advisory is being circulated that suggests that Red Hat's Linux distribution users should download and install malicious code.

Several emails are doing the rounds, all claiming to emanate form the Red Hat security team. They provide a patch, which claims to fix a vulnerability "in fileutils (ls and mkdir). Anyone who downloads the patch provides a back door that allows a remote attacker to execute arbitrary code with root privileges.

In the company's security updates page, a spokesHat says that the emails tell users to download and run an update from a user's home directory which has the title www.fedora-redhat.com.

For the record, official messages from the Red Hat security team are never sent unsolicited and are always sent from the address [email protected], and are digitally signed.

The domain at which the fake advisory resides is fedora-redhat.com. The actual site for Fedora, Red Hat's community-based distribution, is fedora.redhat.com. The domain fedora-redhat.com only opened on October 24.
Click to expand...

Just a heads up :)
 
fedora-redhat.com has already been taken down.

Whois tells us:

Admin Name........... Raymond Jackson
Admin Address........ 224 Cedar Avenue
Admin Address........
Admin Address........ New York
Admin Address........ 95301
Admin Address........ NY
Admin Address........ UNITED STATES
Admin Email.......... [email protected]
Admin Phone.......... +1.2098994533

Jeff
 
You must log in or register to reply here.
Back
Top