Ukrainian Hacker Suspected in Free Download Manager Malware Breach
Free Download Manager (FDM) has confirmed a security breach dating back to 2020, involving the distribution of malicious Linux software from its website.
This incident has been linked to a Ukrainian hacker group. Only a small fraction of users who downloaded FDM for Linux between 2020 and 2022 are believed to be affected.
Key Takeaways:
- Free Download Manager (FDM) disclosed a security incident dating back to 2020, where its website was compromised to distribute malicious Linux software.
- A Ukrainian hacker group is suspected of exploiting a vulnerability in FDM’s website script to redirect users to a fake domain hosting malicious software.
- While FDM has released a script to check for malware, affected users must reinstall their systems as the script does not remove the malware.
Security Breach Uncovered
Free Download Manager (FDM) has acknowledged a security incident that took place in 2020, revealing that its website was manipulated to distribute malicious Linux software.
The breach was traced back to a Ukrainian hacker group that exploited a specific web page on the FDM site.
This compromise remained undetected until recently, impacting a small subset of users who attempted to download FDM for Linux between 2020 and 2022.
Malicious Software Distribution
Kaspersky reported that in 2020, the FDM project’s website was breached to redirect select Linux users attempting to download the software to a malicious site hosting a Debian package.
This package was configured to deploy a DNS-based backdoor and deliver a Bash stealer malware, capable of extracting sensitive data from compromised systems.
Exploiting a Website Vulnerability
FDM’s investigation uncovered a vulnerability in one of its site scripts that the hackers exploited to manipulate the download page.
This led site visitors to a counterfeit domain (deb.fdmpkg[.]org) hosting the malicious .deb file.
Intriguingly, this vulnerability was unknowingly resolved during a routine site update in 2022.
Checking for Malware
In response to the breach, FDM has provided a shell script for users to check for the presence of malware on their systems. The script only detects the malware; it does not remove it.
Users who detect the backdoor and information stealer on their machines are advised to reinstall their operating systems.
Conclusion
The security breach involving Free Download Manager highlights the importance of ongoing vigilance and prompt action in response to cyber threats.
Users who may have been affected are encouraged to utilize the provided script and take necessary measures to secure their systems.
About Free Download Manager (FDM):
Free Download Manager (FDM) is a popular software application that enables users to download files from the internet efficiently. It offers various features to enhance download speeds and manage downloads effectively.