BKA Wiesbaden - Abteilung Cybercrime (Not sure if this is a phishing E-mail or real...)
Jim Shankland
nanog at shankland.org
Mon Apr 24 17:37:30 UTC 2023
On 4/24/23 9:24 AM, Niels Bakker wrote:
> * nanog at ve4.ca (Glen A. Pearce) [Mon 24 Apr 2023, 17:42 CEST]:
>> Well, I eventually had a friend open the attachment on his Linux machine
>
> Not necessarily a safe idea:
> https://www.welivesecurity.com/2023/04/20/linux-malware-strengthens-links-lazarus-3cx-supply-chain-attack/
> (scroll down to "Operation DreamJob with a Linux payload", sadly no
> anchors)
>
The key security concern here is "don't inspect/interpret bytes in an
attachment with an application of the attacker's choosing". cat, or even
emacs, seem pretty safe.
For me, that's easiest to do with Linux or MacOS (terminal). But sure,
if "open on a Linux machine" still means "point and click", then you're
absolutely correct.
Jim Shankland
More information about the NANOG
mailing list