Fosshub gets violated by hackers to deliver MBR rewriting Trojan

11 January, 2017 | By Aapt Dubey

We always tend to disregard the security advice while installing a program on our PCs. We all have seen and ignored the- 'This type of file can harm your computer" warning thousands of times. We run untested programs without even an antivirus in our computer. But then some people can present to us the importance of these. Recently, a hacker group named Pegglecrew proved that these warnings mean what they say.

For a day, all downloads of Classic Shell or audio editing software Audacity from Fosshub risked the download of a Trojan that rewrites your Master Boot Record (MBR) for Windows. MBR has the information about the booting process of your computer.

The Trojan gave no initial sign. Once you reboot your system your MBR gets rewritten, and a message gets flashed- "It is a sad thing your adventures have ended here! Direct all hate to Pegglecrew (@cultofrazer on Twitter)." After the flash message, to reboot your computer, you need to recover your MBR by any means.

The Twitter handle @cultofrazer belongs to the gaming company Razer which was hacked by this group. The tweets posted by Pegglecrew stay removed now. In one of the tweets, the group said that it managed to hack the Audacity and Fosshub servers and even the admin email of Fosshub server.

These virus codes didn't do any harm to the PC. They just rewrote the MBR. But the systems were nowhere close to secure. The group could have stolen data and information from these computers. Pegglecrew claimed an attempt to install a rootkit but after initial failure, they gave up.

An anonymous Pegglecrew member wrote a mail to Softpedia. He said- "We were able to grab data from this network service to get source code and passwords. These led us further into the infrastructure of FossHub. Eventually, we had control of their production machines, backup, mirror locations, and FTP credentials for the caching services as well as the Google Apps hosted email."

Pegglecrew also disclosed the purpose of this hack to Gizmodo. The crew stated- "We targeted Fosshub because we wanted inform people to keep better care of their security. All the users clicked past a prompt telling them that it could be dangerous. That's just one example of user carelessness, and it barely amounts to the quantity of terrible passwords and other terrible practices."

It's peculiar that the 'About us' of Fosshub states "No adware, No spyware, No bundles, No malware, Fast downloads, Free services and a single ad. Most people like us."

Audacity published a blog for the confession. It admitted the compromise of its servers. Audacity says that the windows installer 2.1.2 that got hacked is now replaced. Also, the hacked accounts on Fosshub.com have been deactivated. It claimed that the firm is alarmed, and in collaboration with Fosshub will ensure the avoidance of such incidents in future.

Fosshub published a separate apologia on Reddit breaking the ice about the incident. They told that they had to shut down their primary server to stop the Trojan from dispersing. They worked for 30 hours straight without a break to recover things up.

Above incident is a deterrent showing us why we must take the security of our computers rather more seriously. We must take our time to check the software before installing else the result can be a nightmare. Audacity in its blogs always warned the users to use antivirus and firewalls for security and verify all the downloaded files with online file verification tools. It also warns us against deceptive ads.

Preview Next

Related Tech News

eero
eero- Innovative Range of Wi-Fi Systems for your Home
Science has advanced to such a level that now we c...
Bitcoin
Everything you ever wanted to know about Bitcoin
Of late, digital currency or cryptocurrency is the...
iRobot- Your Perfect Cleaning Mate
iRobot- Your Perfect Cleaning Mate
The basic difference between us human beings and a...

Most Recent

Everything you ever wanted to know about Bitcoin
Samsung Galaxy S9 Smart Phone
SoundBot’s new SB521 HD Premium Bluetooth Touch Control Speaker
IBM’s 20qubit Quantum Computing Machine
WeLab Raises Series B+ Financing Round - 220 Million USD