Pavel Kovtunenko on 22 Jan 2019 21:11:15 -0800

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] Mining for Cycles (Pavel Kovtunenko)


Message: 3
Date: Tue, 22 Jan 2019 09:53:49 -0500
From: jeff <>
To: Philadelphia Linux User's Group Discussion List
Subject: [PLUG] Mining for Cycles
Message-ID: <" target="_blank">>
Content-Type: text/plain; charset=utf-8; format=flowed

It was a cryptominer.
It somehow replaced minor things like initctl, dbus-daemon, and sleep 
with its own version, but only for a little while, which is why 
Virustotal didn't find anything. It would then start phoning home. I 
copied an infected one and BINGO.. 5 engines caught it, then started 
arguing over which cryptominer it was.

There's a reason I browse without _javascript_, and this would be it. 
Unfortunately I must've failed one time (better this than birth control).

Reinstalling Xubuntu was fine, until I hooked my profile to it.
So now I'm somebody else, which has caused a bit of an identity crisis. 
Plus only 24 hours of reconfiguring things and moving text files over. 
And moving the bloody panel to the bottom, where it belongs.

Unrelated:  What sort of genetic abilities come with dogs and cats? The 
newest adoptee just opened the bi-fold bathroom door. Every one of them 
figured it out (because you're not allowed to go to the bathroom by 


How could a _javascript_ get that deep into a system?
Do you mind sharing what web browser you use?

Philadelphia Linux Users Group         --
Announcements -
General Discussion  --