A Linux user's nightmare: the machine was wiped clean with one click
A Linux user's nightmare: the machine was wiped clean with one click
KDE Plasman käyttäjän teemanasennus päättyi painajaismaiseen tilanteeseen.
cross-posted from: https://lemmy.world/post/13400226
You're viewing a single thread.
I know this story is more-so about a trojan in a trusted place, and not general security, but I have an anecdote to share.
So, time to fess up here. I previously complained about Google trapping me in captcha-hell for enabling Ublock Origin.
I was wrong.
Turns out that I had visited a movie streaming site a while before to watch a season of some show, I forget which. Without any downloads or noticeable input on my part. My Linux box apparently got hacked/malware. All I did was click the occasional "I am a human" box on the website, and sit back with popcorn.
I found out when my ISP starting blocking IP addresses some time later. I checked my modem's logs, and they showed some unexplained traffic to impossible "unassigned" IP addresses afterward. I didn't notice for a while.
I was stupid. Even worse, my phone also started behaving badly after that. I think I watched the last few episodes in bed, so must have infected that too.
Don't assume any system is automatically safe.
I really doubt anything escaped the browser, but websites can make nefarious connections, sure.
I hope so. It's more likely something infected Firefox itself, and didn't get into the OS. But when I checked the modem logs, it happened up to a couple of months after the fact. That's worrying.
What's even more worrying is that a couple of websites told me I had an IP address that didn't match my home IP, but would provide the correct one if I refreshed the page a couple of times. So some kind of covert proxy or VPN type of thing was happening.
I ended up just wiping everything, to be safe. Still a bit paranoid though.
Hmm, really fishy, it’s just that you don’t find arbitrary code execution exploits on random sites, those are rare and not found in the wild. More likely just from another source.