The official website of Xubuntu, a Linux distribution derived from Ubuntu, appears to have been compromised. Users reported that the site's official torrent download link had been replaced with a ZIP archive containing a malicious Windows executable (EXE), presumably so that visitors expecting a torrent file would run it on their systems.
A VirusTotal scan flagged the executable as malware or a backdoor across 32 different engines. Following the user reports, the Xubuntu team promptly removed the compromised download link from the website.
Some users tested the suspicious file inside a virtual machine. On execution it briefly opened a Windows Command Prompt window before launching what appeared to be a legitimate Xubuntu GUI installer. That brief command-line activity is consistent with a dropper launching additional payload or backdoor components in the background, although no published analysis has yet confirmed what it ran.
To lower suspicion, the attackers bundled a working Xubuntu installer so that users could still obtain the real distribution and believe everything was normal, while whatever the malware did ran unnoticed on the host system.
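The technique described above (a Windows executable hidden in an archive that is served where a Linux torrent file should be) is easy to catch before anything is run. The following is an added example, not code from the article or from the Xubuntu project: it inspects every entry of a ZIP archive and flags anything with an executable extension or a PE/ELF magic header, regardless of what the entry is named. The archive it scans is constructed in memory to mimic the reported download; the file names inside it are hypothetical.

```python
import io
import os
import zipfile

# Extensions Windows will execute (or that commonly carry a loader).
EXEC_EXTENSIONS = {
    ".exe", ".scr", ".com", ".bat", ".cmd", ".ps1", ".msi", ".dll",
    ".js", ".vbs", ".hta", ".lnk",
}

# File-header signatures, checked so that a renamed binary is still caught.
MAGIC = {
    b"MZ": "PE executable (Windows)",
    b"\x7fELF": "ELF executable",
}


def suspicious_entries(zip_bytes: bytes) -> list[tuple[str, list[str]]]:
    """Return (entry_name, reasons) for every archive member that looks executable."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            reasons = []
            ext = os.path.splitext(info.filename)[1].lower()
            if ext in EXEC_EXTENSIONS:
                reasons.append(f"executable extension {ext}")
            # Only the first few bytes are needed to identify the container format.
            with zf.open(info) as fh:
                head = fh.read(4)
            for magic, description in MAGIC.items():
                if head.startswith(magic):
                    reasons.append(description)
            if reasons:
                findings.append((info.filename, reasons))
    return findings


def is_plausible_torrent_download(zip_bytes: bytes) -> bool:
    """A download advertised as a Linux torrent should contain no executables at all."""
    return not suspicious_entries(zip_bytes)


def build_sample_zip(include_dropper: bool = True) -> bytes:
    """Constructed sample archive modelled on the reported download (names are hypothetical)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        # A bencoded torrent stub: what the visitor actually expected to receive.
        zf.writestr("xubuntu-desktop-amd64.iso.torrent", b"d8:announce0:e")
        zf.writestr("README.txt", b"Run the installer to get started.\n")
        if include_dropper:
            # A minimal PE-style header ("MZ") stands in for the malicious EXE.
            zf.writestr("Xubuntu-Installer.exe", b"MZ\x90\x00" + b"\x00" * 60)
            # A renamed copy: no .exe extension, but the MZ header gives it away.
            zf.writestr("setup.dat", b"MZ\x90\x00" + b"\x00" * 60)
    return buf.getvalue()


if __name__ == "__main__":
    for name, reasons in suspicious_entries(build_sample_zip()):
        print(f"{name}: {', '.join(reasons)}")
```

Running the block on the constructed archive reports both the named EXE and the renamed binary, and `is_plausible_torrent_download` returns False. In practice this check is a first filter only; the actual download should also be compared against the distribution's published SHA256SUMS, and that checksum file's GPG signature verified with a key obtained out of band, since the checksum file on a compromised site is as untrustworthy as the download itself.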
No cybersecurity firm has yet published a technical analysis of this malware. Given the recent surge in supply chain-style attacks targeting cryptocurrency assets, however, it is plausible that the program was designed to locate and steal cryptocurrency wallets and other sensitive financial information from infected users.