Home
Tech info
Technology
Science
Life
Application
Electric
Program
Mobile
Windows 10
Windows 11Xubuntu website hacked, spreading cryptocurrency malware disguised as download package
As many of you know, Windows 10 officially reached the end of support on October 14. For those who can't upgrade to Windows 11 due to inadequate hardware, a popular option is to switch to Linux — and hackers have been quick to take advantage of this trend.
Over the weekend, the official website of Xubuntu – an Ubuntu-based distribution – was hacked and injected with Windows malware into the download package.
According to OMG ! Ubuntu , the malware is hidden in a file ironically named xubuntu-safe-download.zip, which is downloaded by users trying to download the official .torrent file. If the user does not download the torrent, they will not be affected.
Inside this ZIP file is a malicious Windows executable (.exe) file along with a 'Terms of Use' text file. For experienced users, the presence of an .exe file instead of an .ISO or .IMG file would be a clear warning sign. However, those who have recently switched from Windows to Linux may not notice this and accidentally open the .exe file, infecting their computer.
Malware to steal cryptocurrency wallets
The malware's goal is to intercept and replace cryptocurrency wallet links that users copy to their clipboards — a common way to steal digital assets. Because cryptocurrency transactions are often unregulated and difficult to trace, it's virtually impossible for users to recover their funds if they're stolen.
The Xubuntu team shut down the compromised download site immediately after the incident was discovered to prevent others from being infected. The project also said it was accelerating the development of a new static site to replace the current aging WordPress platform.
Limited attack range
While the incident affected Xubuntu's reputation, the actual damage was relatively limited. No other Ubuntu versions, Ubuntu infrastructure, or official Xubuntu ISO files were affected. At the same time, existing Xubuntu users were completely unaffected, as the malware only targeted users who downloaded infected files from websites.
While waiting for the new website to be completed, users are recommended to safely download Xubuntu directly from the official address:
https://cdimage.ubuntu.com/xubuntu/releases/
Isabella HumphreyYou should read it
- What is Malware? What kind of attack is Malware?
- How to evaluate and improve security for a website
- Ubuntu 18.04 is officially available on Microsoft Store, can run as an application on Windows 10
- 8 ways Ubuntu changes and improves Linux
- Tips and tricks after installing Ubuntu
- Linux rescues Windows computer infected with virus
Attack the network
What does the F5 hack mean? What to do now?- Nintendo suspected of being attacked by a famous hacker group, data may have been stolen
- Discord Suffers Major User Data Leak
- Why hackers switch to phishing attacks beyond email and how to prevent them
- Microsoft launches new MCP Server, helping programmers access documents faster
- World's Largest Online Chess Platform Hacked
What does the F5 hack mean? What to do now?
Nintendo suspected of being attacked by a famous hacker group, data may have been stolen
Discord Suffers Major User Data Leak
Why hackers switch to phishing attacks beyond email and how to prevent them
Microsoft launches new MCP Server, helping programmers access documents faster
World's Largest Online Chess Platform Hacked