Mail Archives: cygwin/2008/01/14/16:38:12
Hello, I've come across an issue which may be the result of a compromised
Cygwin mirror. The mirror in question is ftp.gtlib.gatech.edu.
Earlier today, I installed Cygwin on the Windows XP partition of my laptop. I
used the default package settings and selected the GA Tech mirror. About
halfway through the install, I got an error message which said something
about a Cygwin dll file. I didn't have a lot of time to read it because I
was looking away when it popped up. Right after that, I got a white screen
(fullscreen) for a few seconds, followed by some porn images (also
fullscreen). I then got the windows desktop again. Unfortunately I don't
have any more details than this.
This laptop is only one week old and I have been running linux on it for most
of that time. I have installed just a handful of programs on the windows
partition (Firefox, Thunderbird, Inkscape, IrfanView, Office 2007, Epson
printer drivers, The GIMP, Blender, Visual Studio Express) and have only used
it occasionally, so while it is possible this could be
caused by malware from some other source, it seems unlikely. All of these
applications were from reputable, official, sources.
I have scanned the entire windows partition with ClamAV but it did not detect
anything, so this is probably something new.
Again, I am unable to confirm that Cygwin contains the malware. It is also
possible it could have been from any of the other programs mentioned. The
Cygwin error message occurring immediately before the slideshow is the reason
I suspect it.
I have kept a copy of all of the files downloaded from the mirror and the
Cygwin installer program itself.
-Rob
--
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Problem reports: http://cygwin.com/problems.html
Documentation: http://cygwin.com/docs.html
FAQ: http://cygwin.com/faq/
- Raw text -