[fpc-devel] [Core] Dangerous download on bug report

J. Gareth Moreton gareth at moreton-family.com
Wed Feb 24 08:28:31 CET 2021 

I tried to download the file but the link had me download an installer 
for the file instead, which installed malware.

Gareth aka. Kit

On 24/02/2021 07:25, Michael Van Canneyt via fpc-devel wrote:
>
> Gareth,
>
> I don't know what you've been doing on that site, but I downloaded the 
> bugreport
> file without problems. I didn't have to install anything, just 
> downloaded a
> zip without the need to download or install anything else. The zip file
> contains only (a lot of) pascal files.
>
> I agree the method is somewhat unusual but as far as I can see the 
> download
> is bona fide.
>
> Michael.
>
>
> On Wed, 24 Feb 2021, J. Gareth Moreton wrote:
>
>> A follow-up.  I did some research on one of the 3rd party tools that 
>> was installed... IdleBuddy.  IT IS MALWARE.  Specifically it is a 
>> crypto miner (one that uses your resources and gives the credit to 
>> someone else).
>>
>> Ironically, I use my laptop for crypto mining, so all my hardware 
>> resources are in use anyway!  Still, you bet I'm going to be giving 
>> my laptop a thorough scan now.  Curses.
>>
>> Gareth aka. Kit
>>
>> On 24/02/2021 05:54, J. Gareth Moreton via fpc-devel wrote:
>>> Hi everyone,
>>>
>>> This is a bit of a public service announcement.  I tried to look at 
>>> this bug:
>>>
>>> https://bugs.freepascal.org/view.php?id=38451
>>>
>>> The poster offered a ZIP download of their project, but it's hosted 
>>> by a questionable site, since it requires browser add-ons (including 
>>> Adobe Flash) and a client program (which apparently was digitally 
>>> signed and recognised by Windows). It installed Opera and a number 
>>> of 3rd Party Windows Services without permission. I've managed to 
>>> uninstall said programs, and now I'm running a full virus scan 
>>> because, frankly, I don't trust everything to be gone.
>>>
>>> I made a post on the bug report suggesting the author use a 
>>> different download provider.  But long story short, DO NOT DOWNLOAD 
>>> FROM THE LINK PROVIDED.
>>>
>>> Gareth aka. Kit
>>>
>>>
>>
>> -- 
>> This email has been checked for viruses by Avast antivirus software.
>> https://www.avast.com/antivirus
>>
>> _______________________________________________
>> core site list
>> core at freepascal.org
>> https://idefix.freepascal.org/cgi-bin/mailman/listinfo/core
>>
>
> _______________________________________________
> fpc-devel maillist  -  fpc-devel at lists.freepascal.org
> https://lists.freepascal.org/cgi-bin/mailman/listinfo/fpc-devel
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freepascal.org/pipermail/fpc-devel/attachments/20210224/a267bbc4/attachment.htm>

More information about the fpc-devel mailing list