Subj : Ubuntu, Crypto Malware
To   : MRO
From : Android8675
Date : Wed Nov 30 2022 08:43 am

 Re: Ubuntu, Crypto Malware
 By: MRO to Android8675 on Tue Nov 15 2022 04:33 pm

> if you have it backed up, and your backups are clean, just 'nuke it from
> orbit'.
>
> why do you want to waste time going on a search for it?
> if your files are encrypted you aren't getting them back and you might lose
> more anyways.

Files were fine, it wasn't a malicious app (thankfully), it was just a crypto app was being run from a cloud drive on my system. I blocked off the RADIUS port (1812) and the app stopped coming up. I'll have to figure out how/why it was happening. RADIUS has something to do with authentication. Maybe if I just switch to key auth only it'll block whatever backdoor I've obivously left open.

At any rate, I closed all but the ports I need and it seems OK now.

Glad I didn't have to nuke anything, and thankfully I got a fairly nice backup setup.

---
� Synchronet � Vertrauen � Home of Synchronet � [vert/cvs/bbs].synchro.net

You are viewing proxied material from bbs.kd3.us. The copyright of proxied material belongs to its original authors. Any comments or complaints in relation to proxied material should be directed to the original authors of the content concerned. Please see the disclaimer for more details.