Has LyX Been Hacked?
Paul Kiwi
paul.kiwi.uk at gmail.com
Tue Jan 31 05:24:30 UTC 2023
The file I downloaded had a sha256 hash of
091cd793c21cb24a87a52c6622f7dfe0a6921f0912847ae06eea33a367ff92da
LyX-237-Installer-1-x64.exe
VirusTotal did not detect any virus, but did flag a critical SIGMA
crowdsourced rule that indicated a supply chain attack.
https://www.virustotal.com/gui/file/091cd793c21cb24a87a52c6622f7dfe0a6921f0912847ae06eea33a367ff92da/behavior
On Tue, Jan 31, 2023 at 6:06 PM Paul Kiwi <paul.kiwi.uk at gmail.com> wrote:
> I downloaded:
>
> https://lyx.mirror.garr.it/bin/2.3.7/LyX-237-Installer-1-x64.exe
>
> After installing and launching LyX, I got a very strange error message. It
> was a large amount of text in Chinese characters. Using a translation tool,
> the text seemed to be random badly translated proverbs such as "You should
> respect the tea ... defend the scorpion cup" etc. The english translation
> was nonsense.
>
> I am unable to verify the sig. I might be doing the verification procedure
> incorrectly, but GPG says it cannot be verified.
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.lyx.org/pipermail/lyx-users/attachments/20230131/7ea87db8/attachment.html>
More information about the lyx-users
mailing list