Linux hacked ?!

[all41]

Linux hacked ?! Who would have thought?
They must have intercepted the bank deposit I was expecting from His Highness
the Royal Prince in exile.

[Fred Barclay]

Linux hacked ?! Who would have thought?
They must have intercepted the bank deposit I was expecting from His Highness
the Royal Prince in exile.

You mean my brother?
http://forums.linuxmint.com/viewtopic.php?f=58&t=199037
My previous offer still stands for a Limited Time only.

[uberdorf]

I'm sure now that I was hacked, and that it was the ad exploit that targets flash on windows computers while visiting legitimate sites. I didn't have the firewall enabled at the time, and I had flash enabled in firefox which opened me up to hacked ads. It was while visiting this forum on 10 Sep 15 around 7 am CT, the ad was for hacking training and it was an Italian site (I put the cursor over the ad to see the link but didn't click on it). The letters on my system were garbled from then on until I cleared the cache and rebooted the computer, and I had occasional freezes with firefox until I disabled flash in firefox and enabled the firewall. The affected computer was running Linux Mint Cinnamon 17.2, and more details are available in my previous post in the link to another thread.

[BigEasy]

There is virtualy no site on Globe without Google Adsense script. Linuxmint forum is no exeption.
http://pagead2.googlesyndication.com/pagead/show_ads.js

Ads shown on pages particulary depends on what you searched in Google before. So, what did you searched in Google before? Probably you got it

1. Instal Ghostery in FF or Chrome
2. Instal Ublock origin in FF or Chrome
3. Case you under router then secure you WiFi router. Firewall is not needed in case - router is firewall by itself (if you already secured it).

I'm sure you didn't hacked. It's just your impression, you want to think so, not more.
Presonally me never was hacked, got 2 easyly removable viruses in Windows (3.10-W7) from 1992 until now. No single day no antivirus was unstalled. During some time used firewall while I have direct internet connection to my computer.

[uberdorf]

That is an interesting theory, BigEasy, however I had not searched for hacking previous to being hacked. That ad was completely different than the type of ads that I normally see and unrelated to my browsing history. I do not believe in intruding on other's privacy, and I do not believe there is such a thing as "ethical" hacking because that is just a form of vigilantism. So it doesn't hold water in my case. However, as I mentioned, there is an exploit in some ads that has been hacked in the past and causes problems for visitors of the site that uses the hacked ad. It is called malvertising. http://www.theverge.com/2015/8/25/92023 ... nerability

[BigEasy]

Probably. But hacked ads and hacked you is two different things. Any script working in browser can srew up page looks. Ii doesn't mean you are hacked.

[uberdorf]

Here's a quote from the article...

The networks deliver those malware-seeded ads to popular websites, which pass them along to a portion of the visitors to the site. The attacks typically infect computers by exploiting vulnerabilities in Adobe Flash, typically triggered as soon as an ad is successfully loaded.

The main point of "malvertising" is to infect computers. I had Adobe Flash installed and enabled, and that is what is exploited by the hacker regardless of OS. Of course it is worse for Windows users because the infected computers get their whole system infected due to the majority of malware being targeted for Windows, but linux users can get their flash exploited on firefox too especially since regular flash is no longer developed for linux and only recieves "security" updates. The alternative to this for linux users is to use pepperflash which is kept up to date and comes with chrome, or to install pepperflash for other browsers.

[Fred Barclay]

I'll agree with BigEasy here: you probably weren't hacked. At most, only some weird stuff would have been added into your firefox cache. Browser hacking is different than OS hacking! Additionally, how are you sure it was a Flash exploit?
However, you might be right and it was a full-blown hack.

(Also, I'm an ethical hacker--though still a newbie. I only hack my own stuff or that of others when I've been given full permission. I'm not sure I follow your "vigilantism" thoughts.)

[Penn]

That is an interesting theory, BigEasy, however I had not searched for hacking previous to being hacked. That ad was completely different than the type of ads that I normally see and unrelated to my browsing history. I do not believe in intruding on other's privacy, and I do not believe there is such a thing as "ethical" hacking because that is just a form of vigilantism. So it doesn't hold water in my case. However, as I mentioned, there is an exploit in some ads that has been hacked in the past and causes problems for visitors of the site that uses the hacked ad. It is called malvertising. http://www.theverge.com/2015/8/25/92023 ... nerability

You clearly have a misunderstanding of some definitions. 1 - What you describe is not ethical hacking. 2 - There is a big difference between an OS being hacked and a hacker utilizing an exploit to achieve some nefarious desire such as hijacking a browser or add-on.

But in answer to the question (as I am relatively sure you meant it to be) is no. Not in Linux. The only time I ever got a virus in windows was directly due to the arrogance of Mozilla in the early days of Firefox. It came about not long after the US Dept. of Homeland Security recommended Firefox over Internet Explorer. Many don't remember and some just deny it happened but Mozilla tried to deny any flaws in their precious Firefox existed even after an exploit specific to that browser was brought to public light. I happened to be one of the people hit by that flaw so when they finally admitted a problem existed and patched it I just decided, "too little to late" and never went back to a Mozilla product. I don't say this to dissuade anyone from Mozilla, they learned their lesson and now take security serious but for me, I steer clear even to this day. And when the eventual day comes that someone does find a serious exploit in Linux or the derivative Distros it is taken seriously (so far from what I've seen the developers have even if many users suffer from the same arrogance as Mozilla in the early days).

My story on Firefox has direct relevance to Linux potentially being compromised. I told that Firefox story to the first person I knew who used Linux on a personal machine. He started going on about Linux being superior and yada yada yada. I pointed out how the Firefox story should be a lesson about waving a flag at hackers by claiming it is un-hackable. Several months later he told me he was looking through his system that previous weekend and found an unknown file in a system directory. It turned out to be a trojan for windows so it didn't do anything to his system but he got the message, somehow a file found it's way into a root privileged directory without his knowledge. Do I consider this to be a Linux system hacked? No. But it shows at least his Distro was at that time wasn't impervious.

[MartyMint]

Your story about Firefox and Mozilla in general sounds nonsensical.

[uberdorf]

To avoid hijacking this thread and to avoid making things worse in regards to inflammatory comments, I won't get into a pedantic argument about what hacking means, or the concept of "ethical" hacking and "hacktivism" as practised by groups like Anonymous and whoever exploited my flash player. I'll just make clear that there is a common flash exploit usually targeting Windows computers (I've found it on my Windows partitions before too), and that Firefox using the obsolete flash (version 11.2 from several years ago) found in ubuntu restricted extras is not immune. That is what got accessed on my computer, and though the log viewer shows failed attempts to access root that day, I don't think root was accessed so the computer as a whole does not appear to be infected.

If anyone uses Firefox and the obsolete flash found in ubuntu restricted extras, I highly recommend going to add ons and setting flash to ask to activate.

[BigEasy]

Flash, flash, flash.... Somebody tired of that words? Who told you that your problem has any relation to Flash?
"Obsolete", as you said, Flash in FF have absolutely same level of security as very last release. Because

recieves "security" updates

Didn't you think that kernel 4.2 much more secure than lernel 3.16 because numbers is greater or some other reason?

[BigEasy]

This morning (about 7 AM Central Time) when I tried to visit this Mint Forum, the page had trouble loading and when it did all the letters were garbled in Firefox and there was an ad for some Italian hacker site.

Ads shown on pages particulary depends on what you searched in Google before. So, what did you searched in Google before? Probably you got it

That is an interesting theory, BigEasy, however I had not searched for hacking previous to being hacked. That ad was completely different than the type of ads that I normally see and unrelated to my browsing history.

uberdorf!
Is it your "italian hacker site"?