Attention: Some Fosshub downloads compromised (Aug 2/3 2016)

lintalist
Posts: 436
Joined: Sat Apr 19, 2014 12:52 am

#1 Post by lintalist »

Attention: Some Fosshub downloads compromised
http://www.ghacks.net/2016/08/03/attent ... mpromised/
Some software programs on Fosshub, a free project hosting service, appear to be compromised and serve malware payloads.
...
A thread started on August 2 on the Classic Shell forum by a new user indicated that the user's computer would not boot Windows anymore after installing the application.
The issue may have been resolved as the site seems to be back online but just so you know it might be best to double check downloads from fosshub.

Softpedia: http://news.softpedia.com/news/hacker-c ... 6932.shtml

JohnTHaller
Posts: 716
Joined: Wed Feb 10, 2010 4:44 pm
Location: New York, NY

Re: Attention: Some Fosshub downloads compromised (Aug 2/3 2

#2 Post by JohnTHaller »

According to reports, both ClassicShell and Audacity were affected. Both ClassicShell and Audacity use FossHub as their official mirror. If you went to either of their sites and clicked the official download button during the 3 hour window that malware was live yesterday, you got malware instead of the actual installer.

The malware wipes your MBR rendering your PC unbootable.

Audacity confirmed the hack in a post here: http://www.audacityteam.org/compromised ... d-partner/

Note that Audacity Portable was unaffected.
PortableApps.com - The open standard for portable software | Support Net Neutrality

webfork
Posts: 10821
Joined: Wed Apr 11, 2007 8:06 pm
Location: US, Texas

Re: Attention: Some Fosshub downloads compromised (Aug 2/3 2

#3 Post by webfork »

JohnTHaller wrote: Audacity confirmed the hack in a post here: http://www.audacityteam.org/compromised ... d-partner/
Very sad news. That was an emotional read.

I debated a few different reactions to this news but I remain on the fence about this. The success of the group behind this will no doubt encourage other attackers and hurt the enterprise of free software, which is *still* viewed by many non-technical folks I know as risky. Maybe a suggested inclusion of some kind on the main page about firewalls and antivirus software? Maybe some sort of browser plugin for VirusTotal checking? I genuinely don't know.

Whatever the case, this has been a bad year for security. The Register article on this topic was informative, and frankly bewildering. They did it to prevent ransomware people from getting it? WTH?
Last edited by webfork on Fri Aug 05, 2016 1:26 pm, edited 1 time in total.
Reason: (better wording)
