Red Hat patch update a malicious hoax

Red Hat warned users to beware of bogus e-mails pretending to be an alert from its security team.

An e-mail disguised as a Red Hat patch update is a fake designed to trick users into downloading malware, the Linux vendor warned in a message on its Web site.

"Red Hat has been made aware that e-mails are circulating that pretend to come from the Red Hat Security Team," Red Hat Inc. said in the message. "These e-mails tell users to download and install malicious updates. These Trojan updates contain malicious code designed to compromise the systems they run on."

The advisory added that "official messages from the Red Hat Security Team are never sent unsolicited, are always sent from the address secalert@redhat.com, and are digitally signed by GPG. All official updates for Red Hat products are digitally signed and should not be installed unless they are correctly signed and the signature is verified."

The bogus e-mails were part of what appeared to be a spam assault against Linux users, according to Finnish antivirus firm F-Secure Corp.

"Somebody did a fairly large spam run, targeting Linux users with a message that claimed a security vulnerability had been found and the fix was available at fedora-redhat.com," said Mikko Hyppönen, director of antivirus research for F-Secure. "It was labeled as a fairly critical security alert that advised users to download a patch. It looks like the goal was to trick users into downloading a root kit."

Hyppönen said the episode further illustrates that attackers have their eye on more than just Windows-based exploits. "Nobody should be complacent when it comes to security," he said. "People tend to think Linux can't be attacked, but like the Opener virus affecting Macintosh users, this is proof that Linux is not immune."

While the malicious site was taken down over the weekend, the Bethesda, Md.-based SANS Internet Storm Center posted a message on its Web site Monday saying the hoax "is a good reminder that even though most of these are aimed at Windows users, always be suspect when receiving an e-mail asking you to download something."
