Has LyX Been Hacked?

Paul Kiwi paul.kiwi.uk at gmail.com
Tue Jan 31 07:14:15 UTC 2023


One of the LyX translators told me the text I saw was "Mojibake"
(garbled text decoded using an unintended character encoding).

On Tue, Jan 31, 2023 at 6:24 PM Paul Kiwi <paul.kiwi.uk at gmail.com> wrote:

> The file I downloaded had a sha256 hash of
>
> 091cd793c21cb24a87a52c6622f7dfe0a6921f0912847ae06eea33a367ff92da
>  LyX-237-Installer-1-x64.exe
>
> VirusTotal did not detect any virus, but did flag a critical SIGMA
> crowdsourced rule that indicated a supply chain attack.
>
>
> https://www.virustotal.com/gui/file/091cd793c21cb24a87a52c6622f7dfe0a6921f0912847ae06eea33a367ff92da/behavior
>
> On Tue, Jan 31, 2023 at 6:06 PM Paul Kiwi <paul.kiwi.uk at gmail.com> wrote:
>
>> I downloaded:
>>
>> https://lyx.mirror.garr.it/bin/2.3.7/LyX-237-Installer-1-x64.exe
>>
>> After installing and launching LyX, I got a very strange error message.
>> It was a large amount of text in Chinese characters. Using a translation
>> tool, the text seemed to be random badly translated proverbs such as "You
>> should respect the tea ... defend the scorpion cup" etc. The english
>> translation was nonsense.
>>
>> I am unable to verify the sig. I might be doing the verification
>> procedure incorrectly, but GPG says it cannot be verified.
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.lyx.org/pipermail/lyx-users/attachments/20230131/237f7a0b/attachment.html>


More information about the lyx-users mailing list