MinGW - Minimalist GNU for Windows

Fork

• mingw-dist
• build-aux
• wtklite
• pexports
• website
• mingw-get
• mingw-org-wsl
• mingw-pkgspecs

Donation

[MinGW-Notify] [mingw] #38527: www.mingw.org is compromised and serving a trojaned installer

MinGW Notification List mingw****@lists*****
Wed Aug 22 06:11:07 JST 2018

• Previous message: [MinGW-Notify] [mingw] #38527: www.mingw.org is compromised and serving a trojaned installer
• Next message: [MinGW-Notify] [mingw] #38527: www.mingw.org is compromised and serving a trojaned installer
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

#38527: www.mingw.org is compromised and serving a trojaned installer

  Open Date: 2018-08-22 05:59
Last Update: 2018-08-22 06:11

URL for this Ticket:
    https://osdn.net//projects/mingw/ticket/38527
RSS feed for this Ticket:
    https://osdn.net/ticket/ticket_rss.php?group_id=3917&tid=38527

---------------------------------------------------------------------

Last Changes/Comment on this Ticket:
2018-08-22 06:11 Updated by: ascendr

Comment:

MD5 (mingw-get-setup.exe) = 15d6548423be7a23a516ba0fe4afd65a

https://www.virustotal.com/#/file/
32d903bd0cfdad8cba650e0c643ced6e8c50479259073b587182f86a0912b208/detection



---------------------------------------------------------------------
Ticket Status:

      Reporter: ascendr
         Owner: keith
          Type: Issues
        Status: Open [Owner assigned]
      Priority: 9 - Highest
     MileStone: (None)
     Component: INSTALLER
      Severity: 5 - Medium
    Resolution: None
---------------------------------------------------------------------

Ticket details:

www.mingw.org is compromised and is serving a trojaned installer.

Trojaned mingw installer is being served from www.mingw.org/sites/www.mingw.org
/files/releases/mingw-get-setup.exe

The trojan file is 470K instead of the expected 85K

The entire /sites child path has Index of (directory traversal) enabled.

The trojaned installer seems to install a Banking Trojan.



-- 
Ticket information of MinGW - Minimalist GNU for Windows project
MinGW - Minimalist GNU for Windows Project is hosted on OSDN

Project URL: https://osdn.net/projects/mingw/
OSDN: https://osdn.net

URL for this Ticket:
    https://osdn.net//projects/mingw/ticket/38527
RSS feed for this Ticket:
    https://osdn.net/ticket/ticket_rss.php?group_id=3917&tid=38527

• Previous message: [MinGW-Notify] [mingw] #38527: www.mingw.org is compromised and serving a trojaned installer
• Next message: [MinGW-Notify] [mingw] #38527: www.mingw.org is compromised and serving a trojaned installer
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]