Ticket #38527

www.mingw.org is compromised and serving a trojaned installer

Open Date: 2018-08-22 05:59 Last Update: 2018-08-22 07:35

Reporter:
Owner: (None)
Type:
Status: Closed
Component:
MileStone: (None)
Priority: 9 - Highest
Severity: 5 - Medium
Resolution: Invalid
File: None

Details

www.mingw.org is compromised and is serving a trojaned installer.

Trojaned mingw installer is being served from www.mingw.org/sites/www.mingw.org/files/releases/mingw-get-setup.exe

The trojan file is 470K instead of the expected 85K.

The entire /sites child path has Index of (directory traversal) enabled.

The trojaned installer seems to install a Banking Trojan.

Ticket History (3/4 Histories)

2018-08-22 05:59 Updated by: ascendr
  • New Ticket "www.mingw.org is compromised and serving a trojaned installer" created
2018-08-22 06:59 Updated by: keith
  • Component Update from INSTALLER to WEBSITE
  • Resolution Update from None to Invalid
  • Owner Update from keith to (None)
  • Status Update from Open to Closed
Comment

Thank you for the report. I've closed it as invalid, for the following reasons:

  1. It is not an "installer" issue, (as you've specified); it is a "website" issue, and mingw.org does not serve the installer.
  2. You've exceeded your authority, by assigning to me, in spite of explicit instructions telling you that you must not do so.

Notwithstanding, I have removed the "Download Installer" button from the website; I don't know how, or where, to fix the bad action which is associated with it ... an action which, for me, delivers a zero-length file, (not the 470kb monster, to which you allude). The correct action would have been to invoke a download from https://osdn.net/projects/mingw/downloads/68260/mingw-get-setup.exe (size being 91kb, and 4 of 66 virus scanners report known false positives), but, as noted, I don't know how to make that happen.

2018-08-22 07:35 Updated by: ascendr
Comment

If you can assist in forwarding this information to the right people who support mingw.org website that would be great. The site is compromised and serving malware.
