待辦事項 #38527

www.mingw.org is compromised and serving a trojaned installer

啟用日期: 2018-08-22 05:59 最後更新: 2018-08-22 07:35

回報者:
負責人:
(無)
類型:
狀態:
關閉
元件:
里程碑:
(無)
優先權:
9 - 最高
嚴重程度:
5 - 中
處理結果:
Invalid
檔案:
Vote
Score: 0
No votes
0.0% (0/0)
0.0% (0/0)

細節

www.mingw.org is compromised and is serving a trojaned installer.

Trojaned mingw installer is being served from www.mingw.org/sites/www.mingw.org/files/releases/mingw-get-setup.exe

The trojan file is 470K instead of the expected 85K

The entire /sites child path has Index of (directory traversal) enabled.

The trojaned installer seems to install a Banking Trojan.

Ticket History (3/4 Histories)

2018-08-22 05:59 Updated by: ascendr
  • New Ticket "www.mingw.org is compromised and serving a trojaned installer" created
2018-08-22 06:59 Updated by: keith
  • 元件 Update from INSTALLER to WEBSITE
  • 處理結果 Update from to Invalid
  • 負責人 Update from keith to (無)
  • 狀態 Update from 開啟 to 關閉
評語

Thank you for the report. I've closed it as invalid, for the following reasons:

  1. It is not an "installer" issue, (as you've specified); it is a "website" issue, and mingw.org does not serve the installer.
  2. You've exceeded your authority, by assigning to me, in spite of explicit instructions telling you that you must not do so.

Notwithstanding, I have removed the "Download Installer" button from the website; I don't know how, or where, to fix the bad action which is associated with it ... an action which, for me, delivers a zero-length file, (not the 470kb monster, to which you allude). The correct action would have been to invoke a download from https://osdn.net/projects/mingw/downloads/68260/mingw-get-setup.exe (size being 91kb, and 4 of 66 virus scanners report known false positives), but, as noted, I don't know how to make that happen.

2018-08-22 07:35 Updated by: ascendr
評語

If you can assist in forwarding this information to the right people who support mingw.org website that would be great. The site is compromised and serving malware.

Attachment File List

No attachments

編輯

Please login to add comment to this ticket » 登入