Debian/Ubuntu malware poses as screensaver

Malware has been found hidden inside an innocuous 'waterfall' screensaver .deb file made available on popular artwork sharing site Gnome-Look.org. The .deb file installs a script with elevated privileges designed to perform a DDoS attack as well as keep itself updated via downloads. The dodgy screensaver in question has since been removed from gnome-look and this incident was a very basic, if potentially successful, attempt.

http://www.omgubuntu.co.uk/2009/12/malware-found-in-screensaver-for-ubuntu.html

I'll keep these brief, but another malicious file was uploaded to gnome-look, this time masquerading as a theme called 'ninja'. If you fear you've installed it head over to the ubuntuforums @ This thread to help get a fix.

http://www.omgubuntu.co.uk/2009/12/yet-more-malware-found-on-gnome-look.html

Ubuntu is popular enough to have it’s own malware!

Advice: don’t install .deb files from untrusted sources. (Gnome-Look.org is now obviously untrusted.)

Does avast detect it?

I don’t know. The file doesn’t seem to there any more.

interesting, first time I hear something like that. Gnome Look as well as KDE Look are indeed very well known Linux sites. Don’t think Gnome Look will become globally an untrusted site though, it really is a major place to visit for Gnome users and I’m sure the guys who administrate it will be more than careful from now on.

edit: hmm… the link given by the OP tells it’s not the first time… not good.