Op 29 mei 2014 17:28 schreef "Paul Graydon" <p...@paulgraydon.co.uk> het volgende: > > Probably not necessary for me to say this, but I would strongly discourage everyone from touching that binary until we know the true picture.
An odd detail was that the "new" version is apparently blocked by smartscreen on W8, but i've not yet seen any links to a virustotal report. Is virusscanning considered obsolete? > Infosec people on Twitter are completely baffled at the moment, but last I saw based on a few bits of evidence they seem to be erring towards the idea that it's a case of account being compromised, including the signing keys. > Until a proper announcement has been made there is no cause for concern. It will be interesting how that proper report will be published; - at least some keys appear to be compromised - developers are not well known Then again, it indeed looks a lot like an account compromise (a thorough one). mvg, Guus
_______________________________________________ Tech mailing list Tech@lists.lopsa.org https://lists.lopsa.org/cgi-bin/mailman/listinfo/tech This list provided by the League of Professional System Administrators http://lopsa.org/
