Popular download portal, Fosshub, was infiltrated by hackers and infected with malware…
On August 2nd, Fosshub found out malware was placed on their site and made available for download to the site’s users. Services were restored the following day.
It all started with the hackers, the PeggleCrew. They infiltrated the website and placed malware available for download. Since Fosshub is a download portal, it was only a matter of time before users fell victim to this scam. But it gets worse.
The hackers claimed they got into the administrator’s account for the website, which provided access to the website’s database. According to Softepida, the PeggleCrew reported they did not dump the database, but did disclose they found the passwords to be “unsalted”.
According to the statement Fosshub made to Reddit, they changed all passwords and checked all of the logs. In an effort to prevent future hacks, the website implemented two-factor authentication.
The malware is able to be removed rather easily. Below is the YouTube video with the removal steps.