LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 09-13-2019, 06:02 PM   #1
Larry James
Member
 
Registered: Jun 2000
Location: Buffalo, New York
Distribution: Ubuntu, Raspbian
Posts: 381

Rep: Reputation: 40
My Computer has a virus from the snapd/snap set.


The program is also able to use code from the gsd-xsetting for some type of "god sharing" so that it can see my screen.

The program has caused my servers to crash and has actually downloaded the drives and made the drive unusable.

I don't know how to explain all the details of what I can see from the entities, but I'll glad explain what I can to any interested party.

If I could see what the program is doing to grab the gsd-xsetting from the good sharing (by blocking it) that would be a start.

Thanks in advance for anyone who has a concept on this!

-- L. James

--
L. D. James
ljames@apollo3.com
www.apollo3.com/~ljames
 
Old 09-13-2019, 06:42 PM   #2
frankbell
LQ Guru
 
Registered: Jan 2006
Location: Virginia, USA
Distribution: Slackware, Ubuntu MATE, Mageia, and whatever VMs I happen to be playing with
Posts: 15,430
Blog Entries: 25

Rep: Reputation: 4438Reputation: 4438Reputation: 4438Reputation: 4438Reputation: 4438Reputation: 4438Reputation: 4438Reputation: 4438Reputation: 4438Reputation: 4438Reputation: 4438
Download an antivirus for Linux, take the machine off-line, and run a scan. Several reputable outfits offer Linux antivirus programs.

It's probably a good idea to take your email out of your signature to make it harder for spammers to harvest it.
 
Old 09-13-2019, 08:13 PM   #3
Larry James
Member
 
Registered: Jun 2000
Location: Buffalo, New York
Distribution: Ubuntu, Raspbian
Posts: 381

Original Poster
Rep: Reputation: 40
Thank you for your diligent information.

The computers are offline. The drives with the virus are on a drive while the computer is offline. I go through the development of the data by looking at the development so that I can point the disposition.

There's something about the snapd/snap that allows the system to actually communication with my computer, without it being online. When running the data (with the computer offline) the drives moves back and forth while it's trying to find the content of the files that are on the data (by the file name or other names that have been created).

The drive makes noise while the drive is trying to identify the files with the date name.

The drive is trying to alert me that it can't find the files, which it's actually offline and trying to identify.

There's something about the snapd/snap that is operating while the file is offline.

I uninstall the files by the time it finished. The data statement is that the files are getting their data from the gnome, while the files are actually offline.

By the way, I have been trying to figure this out for a month. The screen name you see in my signature is over a month old. It doesn't have any of the current information that has to do with my actual files.

Thanks!

-- L. James

--
L. D. James
ljames@apollo3.com
www.apollo3.com/~ljames
 
Old 09-13-2019, 08:46 PM   #4
frankbell
LQ Guru
 
Registered: Jan 2006
Location: Virginia, USA
Distribution: Slackware, Ubuntu MATE, Mageia, and whatever VMs I happen to be playing with
Posts: 15,430
Blog Entries: 25

Rep: Reputation: 4438Reputation: 4438Reputation: 4438Reputation: 4438Reputation: 4438Reputation: 4438Reputation: 4438Reputation: 4438Reputation: 4438Reputation: 4438Reputation: 4438
I have not used snap or flatpak (and have no intention to do so), but I found this link that might be relevant: https://www.omgubuntu.co.uk/2018/05/ubuntu-snap-malware
 
Old 09-14-2019, 09:20 AM   #5
Larry James
Member
 
Registered: Jun 2000
Location: Buffalo, New York
Distribution: Ubuntu, Raspbian
Posts: 381

Original Poster
Rep: Reputation: 40
Thanks, Frankbell. It works perfect.

I hope I can get back into Ubuntu, but in the meantime, it's a welcome to be able to go back to Linux without having to do it via Windows 10 with the virus protection.

Have a nice day!

-- L. James

--
L. D. James
ljames@apollo3.com
www.apollo3.com/~ljames
 
  


Reply

Tags
compromised


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
LXer: Snapd 2.0.10 Improves Usability of Media Player Snaps LXer Syndicated Linux News 0 07-13-2016 12:41 AM
LXer: Snapd 2.0.10 Snappy Tool Now Available in Ubuntu 16.04 LTS, Here's What's New LXer Syndicated Linux News 0 07-11-2016 02:12 PM
LXer: Canonical Announces Snapd 2.0.9 with Full Snap Confinement on elementary OS 0.4 LXer Syndicated Linux News 0 06-24-2016 05:06 AM
Unable to locate snapd and therefore I cannot upgrade drmjh Ubuntu 1 04-27-2016 10:05 AM
Boot virus or Anti-Virus? AVG Free Anti-Virus Software problems SparceMatrix Linux - Security 9 08-02-2004 02:35 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 08:26 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration