Warning! Possibily troll invasion!
 

Guys, I wanna to warn to a possibility invasion of a troll and lamer

He tells you that you have produced an amazig application but this only a script for delete ALL from your phone and SD!

He infested an italian forum LINK whit a .deb attachement

He wrote in all the section of forum hoping someone will fall into his trap

In the italian forum his name is BELTAMAN TEAM

Re: Warning! Possibily troll invasion!
 

Here is his post. (minus link to script which appears to have been removed and the user BANNED!)



Ciao tutti, prima volta che vi scrive prego scusa per italiano poco saporito. Abbiamo creato piccolo script saporito che vi sarà molto buono a fare un po di pulizia con files temp di Maemo. Esatta mente, script Beltazor esegui un Clean di lista pacchetti, un refix di dipendenze, un update di libreria per anteprime di thumb e cancellando tutti i files temporanei con solo click. Per utilizzare beltazor dovete essere in rete, prende anche un update della lista pacchetti. Beltazor, contiene righe di codice che, oltre ad eseguire chiacchierato prima, installa nel N900 un driver Video per fotocamera frontale specchio (lrende piu veloce), installa sufinestra di applicazione fotocamera (soli su applicazione Fotocamera) opzione (link dinamico bin) di cattura video (verso gstreamer) o foto direttamente con fotocamera specchio! Bello news vero popoli? Driver di cattura fotocamera anteriore, essendo ottimizzato by the Beltaman.uk team, puo di catturare e registrare ottima qualità fluide direttamente da fotocamera di frontale. In attesa di pubblicare video saporito, concedere deb in allegato. Be sure connessi con internet e pazientare che n900 riavvia piano piano di potere poi usufruire per Beltazor Application e funzioni piu addizionate di applicazione Fotocamera! Ciao, buon anno tutti felice dal team di Beltaman.uk

Scusate se usa nostro Italiano poco pulito presto novo aggionamenti tante piu bellissime novità! Vostro è sito SAPORITO!

Google translate sez:

Hello all, first time you write please excuse for a little Italian flavor. We have created tasty little script that will be very good at doing some cleanup of temp files with Maemo. Exact mind, run a script Beltazor Clean list of packages, a refix of dependencies, update the library for a preview of thumb and delete all temporary files with one click. To use beltazor must be online, also take a list of update packages. Beltazor contains lines of code that not only talked the first run, get a video driver for N900 in the front camera mirror (lrende faster), get the application sufinestra camera (only on camera application) option (dynamic link bin) video capture (to gstreamer) or photos directly to the camera mirror! Bello real news people? Front camera capture driver, being optimized by the Beltaman.uk team can capture and record high quality fluid directly from the camera front. Waiting to publish video tasty grant deb attached. Be sure the Internet and related patient n900 power then restart slowly to enjoy Beltazor Application and add more functions to the camera application! Hello, happy new year all the teams Beltaman.uk

Sorry if you use our neat little Italian soon novo Update on many more wonderful news! Your site is TASTY!

I put this up because if you see the same style of post you'll know to be careful.

Re: Warning! Possibily troll invasion!
 

Kinky. Notice how he says you must make sure you have internet? Anyone wanna bet something maliciously deleting your data isn't simultaneously sending it online somewhere?

(If I was a risk taker I'd run Backupmenu on my entire device, save those backup archive files elsewhere off-device, plug it up to a WiFi access point which fakes internet throughput, and then run the distributed file through strace. Then put the backup archives and a kernel image back on the device, reflash kernel, and unpack all the backups. That way if the son-of-a-***** deletes everything, the backups hopefully restore it all. I actually like my N900 too much to do that, but still. Someone willing to reflash probably could make it happen.)

At any rate, thanks for the warning.

Re: Warning! Possibily troll invasion!
 

No, i've controlled the .deb and it content only a script whit a series of "rm -r" (sh command to remove a folder)

Re: Warning! Possibily troll invasion!
 

what a dog... thanks a lot for the info.

reminder to think twice before installing a deb from a new user....

Re: Warning! Possibily troll invasion!
 

Lol. Yet another moral that closed-source binaries are bad, and need to be handled with caution.

At any rate, any chance you could give an overview of how you ran the .deb in a controlled manner? Or just point me to a link or something - I'm happy learning on my own if I know at least vaguely what direction to head in.

Re: Warning! Possibily troll invasion!
 

That's not a troll.
A Trojan or malware would better describe this $#!+>|^.

Re: Warning! Possibily troll invasion!
 

Makes you wonder how many other times this has happened.

Re: Warning! Possibily troll invasion!
 

It's possible to investigate without installing/running with:

to extract the files in the package

to extract the scripty parts

It won't help you see inside binary files, though.

Re: Warning! Possibily troll invasion!
 

Thanks for the heads up Veleno.

Hate to think how many have already fallen foul of this.

Re: Warning! Possibily troll invasion!
 

much appreciated ! having browsed the italian thread and having seen a paste of the script i can only thank wholeheartedly you for alerting us ...

Re: Warning! Possibily troll invasion!
 

Many thanks bruv, I've been seeing his posts all over MMN.

Not a troll... just a complete 'C U Next Tuesday'.

D4rK

Re: Warning! Possibily troll invasion!
 

troll? maybe..

arsehole?? definitely !!

Re: Warning! Possibily troll invasion!
 

Wow... just proves my point:
The more technology advances, the more cyber-crime advances too..

That 'troll' (feel free to replace 'troll' with anything mre suitable) should get a Tasty slap!

Re: Warning! Possibily troll invasion!
 

yet another reason to install stuff from the official repositories...

thanks for the heads-up!

By the way, I'm wondering what was the original language of the post (probably English), since the Italian version is so so wrong grammatically...

Re: Warning! Possibily troll invasion!
 

Well I think that at least it won't brick your device, and if you backup your stuff on another computer on a regular basis - you won't be really damaged...

Re: Warning! Possibily troll invasion!
 

what a tosser! what fun would he get out of buggering peoples phones up?

SAD :D

Re: Warning! Possibily troll invasion!
 

Yup, and particularly not from some random guy posting stuff at some random forum.

It's also a case in point for necessity of the repository QA process, and why most people should not have devel and testing repos enabled.

Also, it proves the lack of imagination from whoever posted it. For larger exposure, make it appear useful at first, and start doing nasty stuff later, making it much harder to find out what's causing it.

Re: Warning! Possibily troll invasion!
 

lol Mate don't give people ideas on how to better their malware, personally I'd rather they stay easy to spot!

I completely agree about the repos though, and if you're installing a .deb from an unknown source you're definitely better off checking it before installing.

Kind Regards,
D4rKlar

Re: Warning! Possibily troll invasion!
 

i hate such people.they should search for a job instead of *****ing around

Re: Warning! Possibily troll invasion!
 

good thning that he didnot mention that flah 10 would be added, but only talked about the front facinf camera. which i am sure lured some people but it would have been devastating if he had mentioned flah 10 on that malware because of the population we have in N900 users wanting flash 10 so bad.

Re: Warning! Possibily troll invasion!
 

I think if he had mentioned flash 10 then it would have made a lot of people suspicious. Surely the first announcement of flash 10 would come from nokia or a reputed maemo developer, not some kid with bad grammar

Re: Warning! Possibily troll invasion!
 

for real??? i made a pack with a leaked flash, is there some sospic malware???? i m talking about the leaked version, let me know about it becouse i made a pack for my community!!! thanks!!! i m scared!!!

Re: Warning! Possibily troll invasion!
 

hmm would be intresting if someone had unpack the debfile and check its contents.

Maybe the troll just is desperate after some more porn an copy all contents from n900 to his server and hope to see some naked girlsfriends or similar lol.

writing such script is probadly very easy. So people should learn not install apps from non official repositorys or atleast check file contents before install.

Re: Warning! Possibily troll invasion!
 

You can get porn for free in the net. I have a lot. I think he is after money.

Re: Warning! Possibily troll invasion!
 

I thought linux never gets viruses ??
XD

Re: Warning! Possibily troll invasion!
 

It depends on malware writers. As long as Linux is rarely used, most malware writers don't bother to write malware for it (different flavours of Linux have different package formats, filesystems, directory structures, ways to protect against malware, Internet browsers, window managers). But if there is one particular kind of Linux which is more predictable, easier to attack and giving greater advantage, it might be attacked.

http://en.wikipedia.org/wiki/L10n_worm
http://en.wikipedia.org/wiki/Linux_malware

Re: Warning! Possibily troll invasion!
 

Worrying that someone would learn unix commands and deb package format just to be a digital *******.

Re: Warning! Possibily troll invasion!
 

Hey Veleno. Thanks for the heads-up. I had a quick look at maemomeego.net at what you had to say about him/her "Damn, YOUR APPLICATION IS A SIMPLY SCRIPT FOR DELETE ALL THE CONTENTS OF THE PHONE!
You're a dirty bastard!
I hope you die soon " made me laugh. Why would someone want to release something like that. Thanks for letting us know.

Re: Warning! Possibily troll invasion!
 

Don't be too harsh. He's probably 12 and wants everyone to know hw learned to write a script. That's why it's called a script kiddie. Just like every child goes through his or her "mommy, mommy, mommy" phase, so does everyone. Ever since there were flies and humans there were humans that ripped their wings off.

And if you are not good anough to impress in a good way, the only way left is the bad wayl

Besides, they are all necessary. Without these kinds of arses security would be lax, people uninstructed. I tell you, once you lose all you data you stop running oddball scripts, start making backups.

Who here has complete backups AND has never lost a file? I'm telling you, some lessons are only learned the hard way.

Not that I approve, but swearing at the script kiddie is like being upset at the wind taking your trailer. It's just a force of nature. If anything, you need a better house. Just because you think you should be able to live under a blanket doesn't make it so. And just because we'd like to install and run everything safely doesn't make it so.

Die soon? That has got to be an overstatement. But then again, kids will be kids both ways.

Re: Warning! Possibily troll invasion!
 

I fixed that for ya. :)

Thanks Veleno

This once again demonstrates the benefits of an independent and active world-wide user community. :)