LinuxQuestions.org
Latest LQ Deal: Latest LQ Deals
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - General
User Name
Password
Linux - General This Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place.

Notices


Reply
  Search this Thread
Old 09-10-2020, 04:49 PM   #1
RPC
LQ Newbie
 
Registered: Sep 2020
Posts: 8

Rep: Reputation: Disabled
Being attacked by a virus that does the same thing but drivers are different


Iím Being attacked by a virus that does the same thing but drivers are different than the ones mentioned. Iím using Ubuntu 20.04.

Can anyone help on how to fix this?
 
Old 09-11-2020, 05:03 PM   #2
jefro
Moderator
 
Registered: Mar 2008
Posts: 21,240

Rep: Reputation: 3451Reputation: 3451Reputation: 3451Reputation: 3451Reputation: 3451Reputation: 3451Reputation: 3451Reputation: 3451Reputation: 3451Reputation: 3451Reputation: 3451
Get new quality usb flash drive?
 
Old 09-11-2020, 05:37 PM   #3
dugan
LQ Guru
 
Registered: Nov 2003
Location: Canada
Distribution: distro hopper
Posts: 10,189

Rep: Reputation: 4753Reputation: 4753Reputation: 4753Reputation: 4753Reputation: 4753Reputation: 4753Reputation: 4753Reputation: 4753Reputation: 4753Reputation: 4753Reputation: 4753
Yeah my guess is "bad sector on the Flash drive". Get a new one.
 
Old 09-11-2020, 07:10 PM   #4
sevendogsbsd
Senior Member
 
Registered: Sep 2017
Distribution: FreeBSD
Posts: 2,252

Rep: Reputation: 1008Reputation: 1008Reputation: 1008Reputation: 1008Reputation: 1008Reputation: 1008Reputation: 1008Reputation: 1008
Guarantee you aren’t being attacked by a virus. Same answers for your other thread.
 
Old 09-11-2020, 07:17 PM   #5
scasey
LQ Veteran
 
Registered: Feb 2013
Location: Tucson, AZ, USA
Distribution: CentOS 7.8.2003
Posts: 5,475

Rep: Reputation: 2100Reputation: 2100Reputation: 2100Reputation: 2100Reputation: 2100Reputation: 2100Reputation: 2100Reputation: 2100Reputation: 2100Reputation: 2100Reputation: 2100
Took me a minute to figure this out. The other thread got closed...The OP here says nothing about thumb drives.
I concur. Use a different/new thumb drive.
 
1 members found this post helpful.
Old 09-12-2020, 09:25 AM   #6
smallpond
Senior Member
 
Registered: Feb 2011
Location: Massachusetts, USA
Distribution: Fedora 34
Posts: 3,693

Rep: Reputation: 1075Reputation: 1075Reputation: 1075Reputation: 1075Reputation: 1075Reputation: 1075Reputation: 1075Reputation: 1075
https://superuser.com/questions/3151...copying/315145
 
Old 09-14-2020, 02:40 AM   #7
RPC
LQ Newbie
 
Registered: Sep 2020
Posts: 8

Original Poster
Rep: Reputation: Disabled
How I know itís malware

How I know it’s malware:
1) I received a threat email
2) Both a Mac and the Ubuntu system were working fine before the email
3) Now both computers present the same behavior wether I try copying to any usb flash drive or hard disk
4) I read on another thread that this can be done by replacing the Ubuntu usb 2.0 driver with a 1.1 driver. I asked the question there but since the thread was 4 years old the moderator asked me to open a new thread. The file names mentioned there are outdated and seem to be different in Ubuntu 20.04
5) if this isn’t evidence enough, the hacker got into my windows computer and corrupted the boot sector.
6) The point of the attack is to not let me make backups of my files because the copy never gets finished. It starts at 30 mb/s and it stalls at 5/mb/s. When you’re trying to backup 1tb of data from hard drive to hard drive the copy would take forever. Same behavior happens when I copy one directory to different sandisk or Multilaser usb flash drives.
7) On my Mac he did something even more amazing, all text files get copied but when you open them on the other side they are completely filled with dots (...........).

Last edited by RPC; 09-14-2020 at 02:58 AM. Reason: Additional clarification
 
Old 09-14-2020, 08:05 AM   #8
sevendogsbsd
Senior Member
 
Registered: Sep 2017
Distribution: FreeBSD
Posts: 2,252

Rep: Reputation: 1008Reputation: 1008Reputation: 1008Reputation: 1008Reputation: 1008Reputation: 1008Reputation: 1008Reputation: 1008
OP: this is complete nonsense, please stop posting things like this. Things like this never happen.
 
Old 09-14-2020, 08:39 AM   #9
wpeckham
Senior Member
 
Registered: Apr 2010
Location: Continental USA
Distribution: Debian, Ubuntu, RedHat, DSL, Puppy, CentOS, Knoppix, Mint-DE, Sparky, VSIDo, tinycore, Q4OS,Manjaro
Posts: 4,093

Rep: Reputation: 1904Reputation: 1904Reputation: 1904Reputation: 1904Reputation: 1904Reputation: 1904Reputation: 1904Reputation: 1904Reputation: 1904Reputation: 1904Reputation: 1904
Prep (or have a friend prep) a USB drive with a live-cd iso file (perhaps using one of the tools in my signature) and with ClamAV on it. Boot to that and use clam-av to scan your drives. 99.9% chance that if there is a virus present CLAM will detect and report the virus. I am betting there is no virus, but this is the test you should run to be certain. One might also use a CD-R disk loaded to boot a Linux image with Clam.

Running ANY AV detection from within the CORRUPTED OS is futile, a well crafted virus can use the OS facilities to hide itself. Booting a different OS from a USB device or CD avoids that issue.
 
2 members found this post helpful.
Old 09-14-2020, 09:44 AM   #10
dugan
LQ Guru
 
Registered: Nov 2003
Location: Canada
Distribution: distro hopper
Posts: 10,189

Rep: Reputation: 4753Reputation: 4753Reputation: 4753Reputation: 4753Reputation: 4753Reputation: 4753Reputation: 4753Reputation: 4753Reputation: 4753Reputation: 4753Reputation: 4753
Quote:
Originally Posted by RPC View Post
How I know it’s malware:
1) threat email
2) Mac
5) windows
7) Mac
Have you taken the Mac and Windows computers to a shop to be looked at professionally (the Mac to an Apple Store, in particular), and if not, why not?

Last edited by dugan; 09-14-2020 at 09:45 AM.
 
Old 09-14-2020, 09:51 AM   #11
GPGAgent
Member
 
Registered: Oct 2018
Location: Cornwall UK
Distribution: Mint 20 xfce 64bit
Posts: 815
Blog Entries: 3

Rep: Reputation: 122Reputation: 122
Pesonally I would line the machine room with tinfoil!!!
 
2 members found this post helpful.
Old 09-14-2020, 10:52 AM   #12
RPC
LQ Newbie
 
Registered: Sep 2020
Posts: 8

Original Poster
Rep: Reputation: Disabled
wpeckham, thank you for your reply. I ‘m using eset antivirus. I found out the reason why the antivirus doesn’t detect it is because what he does is replace the usb 2.0 driver with a 1.1 driver. Like I mentioned this post
https://www.linuxquestions.org/quest...device-166981/
Shows that doing this gets me the exact effect that I mention. I just need this procedure updated to Ubuntu 20.04.

Thank you in advance do your help

Last edited by RPC; 09-14-2020 at 10:55 AM. Reason: Correcting grammar errors
 
Old 09-14-2020, 10:54 AM   #13
dugan
LQ Guru
 
Registered: Nov 2003
Location: Canada
Distribution: distro hopper
Posts: 10,189

Rep: Reputation: 4753Reputation: 4753Reputation: 4753Reputation: 4753Reputation: 4753Reputation: 4753Reputation: 4753Reputation: 4753Reputation: 4753Reputation: 4753Reputation: 4753
Quote:
Originally Posted by dugan View Post
Have you taken the Mac and Windows computers to a shop to be looked at professionally (the Mac to an Apple Store, in particular), and if not, why not?
I find it incredibly revealing that you've chosen to ignore this.
 
1 members found this post helpful.
Old 09-14-2020, 11:05 AM   #14
sevendogsbsd
Senior Member
 
Registered: Sep 2017
Distribution: FreeBSD
Posts: 2,252

Rep: Reputation: 1008Reputation: 1008Reputation: 1008Reputation: 1008Reputation: 1008Reputation: 1008Reputation: 1008Reputation: 1008
Probably because it’s not actually a virus but a problem of perception. Viruses that perform said actions simply don’t exist. Making a virus that slows a USB copy just to prevent someone from doing a backup is ludicrous. A new USB stick would probably fix the issue but this is apparently not what OP wants so this thread, like all others about the exact same “mysterious virus” activity will continue ad infinitum.
 
1 members found this post helpful.
Old 09-14-2020, 05:01 PM   #15
jefro
Moderator
 
Registered: Mar 2008
Posts: 21,240

Rep: Reputation: 3451Reputation: 3451Reputation: 3451Reputation: 3451Reputation: 3451Reputation: 3451Reputation: 3451Reputation: 3451Reputation: 3451Reputation: 3451Reputation: 3451
I guess it could be possible that some email did some damage to two systems. It is not impossible. It is possible that some uefi damage could do that but the odds I'd think are very low.

It should be easy enough to burn a cd/dvd of some live distro and boot to confirm either software or hardware issue.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Old HD attacked by virus XP pro OS and Avast anti-spyware didn't protect katmandoitall Linux - Newbie 13 10-11-2010 01:26 AM
Virus Attacked! matchgirl Linux - Security 7 03-06-2006 08:39 AM
Boot virus or Anti-Virus? AVG Free Anti-Virus Software problems SparceMatrix Linux - Security 9 08-02-2004 03:35 PM
Being Attacked? andy18 Linux - Security 1 05-11-2003 12:09 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - General

All times are GMT -5. The time now is 10:02 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration