Tuesday, May 19, 2015

This is not good - Trojanized Putty Client



From the article:

According to Symantec researchers, an unofficial version of the open-source Secure Shell (SSH) client PuTTY has been discovered in the wild which may compromise the privacy and safety of developers.

The Trojanized PuTTY version was first discovered in 2013, however the researchers believe scanner tests were being performed at this time due to low levels of distribution. However, the file is now being downloaded after users seek a download through Google and inadvertently pick a compromised third-party website to download the program rather than its official source.

The compromised website then redirects the user several times, ultimately connecting them to an IP address in the United Arab Emirates, according to Symantec. The altered version of PuTTY then is downloaded.


Use the link below for more details:

No comments:

Post a Comment