kicad-developers team mailing list archive
-
kicad-developers team
-
Mailing list archive
-
Message #26872
Re: ransomware locky detected on version 4.0.4 and 4.0.3
Thank you for the feedback.
Den 02/12/2016 09.02 skrev "Paolo Barbato" <paolo.barbato@xxxxxxxxxx>:
> Hi Nick,
>
> let me inform you that CheckPoint has verified that was a false positive.
>
>
>
>
>
>
>
> *RnD confirmed this to be a false-positive.Within the next few hours, the
> database will be updated and the FP will be removed.Please check today by
> end of day [3:00pm your time] and issue should be resolved.Let me know if
> anything else is required, or if we can proceed with closure of this SR.*
>
>
> Time to time some good news, we need it !
>
> Regards,
> Paolo.
>
>
> On 1 Dec 2016, at 17:46, Paolo Barbato <paolo.barbato@xxxxxxxxxx> wrote:
>
> <locky.txt>
>
> Hi Nick,
>
> this is the complete log...CheckPoint is working on this.
>
> Regards,
> Paolo.
>
> Il giorno 01/dic/2016, alle ore 17.03, Nick Østergaard ha scritto:
>
> Paolo,
>
> Does that firewall software of yours not provide any technical info about
> this? Like filenames or byte sequences or similar?
>
> Den 01/12/2016 16.41 skrev "Wayne Stambaugh" <stambaughw@xxxxxxxxx>:
>
>> Paolo,
>>
>> This might be a false positive. We've seen this in the past. Would one
>> of our windows package devs please verify the windows installer binaries
>> on the kicad download page are still valid?
>>
>> In the future, please post your questions to the developers mailing list.
>>
>> Cheers,
>>
>> Wayne
>>
>> On 12/1/2016 7:56 AM, Paolo Barbato wrote:
>> > Dear devolopers,
>> >
>> > I’m in charge fro internet security at Consorzio RFX laboratpry.
>> >
>> > We’ve blocked, using ChcekPoint firewall, a download attempt of an
>> > internal user of kicad from your official link
>> > http://kicad-pcb.org/download/windows/ .
>> > Compromised version are 4.0.4 and 4.0.3 both 64 and 32 bits that seems
>> > have exploited by locky ransomware.
>> >
>> >
>> >
>> > Please check, and let me know.
>> >
>> >
>> >
>> >
>> > ------------------------------------------------------------
>> ------------------------------------
>> > Paolo Barbato
>> >
>> > Consorzio RFX
>> > <https://www.igi.cnr.it>corso Stati Uniti,4
>> >
>> > 35127 Padova - Italy
>> > Network Administrator
>> > phone: +39 049 8295097 fax: +39 049 8700718
>> > ------------------------------------------------------------
>> ------------------------------------
>> >
>>
>> _______________________________________________
>> Mailing list: https://launchpad.net/~kicad-developers
>> Post to : kicad-developers@xxxxxxxxxxxxxxxxxxx
>> Unsubscribe : https://launchpad.net/~kicad-developers
>> More help : https://help.launchpad.net/ListHelp
>>
>
> ------------------------------------------------------------
> ------------------------------------
> Paolo Barbato
>
> Consorzio RFX <http://www.igi.cnr.it/>
> corso Stati Uniti,4
> 35127 Padova - Italy
> Network Administrator
> phone: +39 049 8295097 <+39%20049%20829%205097> fax: +39 049 8700718
> <+39%20049%20870%200718>
> ------------------------------------------------------------
> ------------------------------------
>
>
> ------------------------------------------------------------
> ------------------------------------
> Paolo Barbato
>
> Consorzio RFX
> <https://www.igi.cnr.it>corso Stati Uniti,4
>
> 35127 Padova - Italy
> Network Administrator
> phone: +39 049 8295097 <+39%20049%20829%205097> fax: +39 049 8700718
> <+39%20049%20870%200718>
> ------------------------------------------------------------
> ------------------------------------
>
>
References
