- #RF ONLINE PRIVATE SERVER MALWARE ANDROID#
- #RF ONLINE PRIVATE SERVER MALWARE SOFTWARE#
- #RF ONLINE PRIVATE SERVER MALWARE CODE#
#RF ONLINE PRIVATE SERVER MALWARE SOFTWARE#
Other platforms solve such problems in different ways, where only part of the solution is actual software and architectural work done by the platform, and another is by training the users. People who understand the potential of this power are the kind of people who contribute to the PinePhone project, which is why it’s sad that they specifically were targeted in this event. You are given overall more power to keep yourself safe when using a PinePhone. With more OS distributions available than any other modern phone could boast about being able to support, you can use something like Ubuntu Touch for a smooth experience. As it stands, it’s a platform that explicitly requires your understanding of what you’re directing it to do. Is PinePhone a safe platform? My take is – “yes” when compared to everything else, “no” if you expect to be unconditionally safe when using it. Funnily enough, the community-developed open-source firmware for the Quectel cellular modem is immune to the bug being exploited and is overall more fully-featured, but Pine64 is required to ship the exploitable proprietary firmware by default for regulatory compliance reasons – the consequences for stepping out of line on that are drastic enough, according to a Pine64 source.
#RF ONLINE PRIVATE SERVER MALWARE ANDROID#
You wouldn’t expect a typical phone virus to pull off a cellular modem brick trick, given the fragmentation of Android world and the obfuscation of Apple world.
![rf online private server malware rf online private server malware](https://s.kaskus.id/images/2015/08/31/2044521_20150831103500.png)
With the amount of work being done on the PinePhone cellular modem reverse-engineering, it’s peculiar that the malware takes advantage of the CVEs discovered alongside that effort. It’s curious that the package doesn’t seem to be sending private data to any servers (or encrypt files, or force you to watch ads akin to modern mobile games) – it easily could, but it doesn’t.
#RF ONLINE PRIVATE SERVER MALWARE CODE#
Most of all, the Snake game was very much real – it’s not clear whether the code might’ve been stolen from some open-source project, but you wouldn’t distinguish it from a non-malicious Snake game. The malware sender announced their “game development efforts” before publishing, stayed in the channel doing a bit of small talk and Q&A, and otherwise was not quickly distinguishable from an average developer coming to bless a prospective platform with their first app. This was a small-scale yet high-effort destructive attack on PinePhone users, targeting the ones using Arch specifically, by the way. Folks were on low alert, and there might’ve been up to about a dozen installs before a cautious and savvy member untarred the package and alerted people to suspicious base64 in the. Some weren’t so sure, arguing that people shouldn’t sudo install-this random games without a source code repo link. One of the prominent PinePhone community members installed that binary and enjoyed the “game” part of it, asking about plans to make it open-source – receiving reassurance from that the sources would be released eventually, “just need to clean it up”. didn’t share sources, just the binaries, packaged for easy installation on Arch Linux. All of that would happen on next Wednesday at 20:00, with scheduling done by a systemd-backed cronjob. As for the “wipe the cellular modem’s firmware” bonus part, it exploits the CVE-2021-31698.
![rf online private server malware rf online private server malware](https://i.ytimg.com/vi/-hTDuTOMvbM/maxresdefault.jpg)
Due to the root privileges given when installing the package, the find-based modern-day equivalent of rm -rf /* has no trouble doing its dirty work of wiping the filesystem clean, running a shred on every file beforehand if available to thwart data recovery. Unfortunately, that would not be the alternate universe we live in, and all was not well with the package being shared along with a cheerful “hei gaiz I make snake gaem here is link The malicious part of the code is not sophisticated – apart from obfuscation, the most complex thing about it is that it’s Bash, a language with unreadability baked in.
![rf online private server malware rf online private server malware](https://i.ytimg.com/vi/iedyOIMGsgQ/maxresdefault.jpg)
What supposedly designed had the potential to become a stock, out-of-the-box-installed application with a small but dedicated community of fans, modders and speedrunners. In the spirit of December gift-giving traditions, they have presented their fellow PinePhone users with an offering – a “Snake” game. On December 5th, someone by the IRC nickname of joined the Pine64 Discord’s #pinephone channel through an IRC bridge.