A hacker who goes by the Cult of Peggle handle on Twitter has compromised Fosshub and embedded malware inside some of the files the website offered for download.

According to Cult of Peggle, he breached the website and embedded a malware payload inside some of the files hosted on Fosshub, a downloads portal in the same category as Softpedia.

Infected applications include Audacity, an audio editor and recorder, and Classic Shell, an app for enhancing the Windows desktop experience.

Based on tweets, the hacker seems to have compromised the Fosshub accounts for the developers of those two projects.

Malware rewrote MBR with harmless message

According to multiple reports from users complaining on 4chan and the Classic Shell forums, the malware only seemed to rewrite the user’s MBR (Master Boot Record), a section of the hard drive containing information about the computer’s boot-up procedure.

After users downloaded and installed the compromised software from Fosshub, the rewritten MBR would, on the next reboot, show a blank black screen with a message from the hacker:

  As you reboot, you find that something has overwritten your MBR! It is a sad thing your adventures have ended here! Direct all hate to PeggleCrew (@CultofRazer on Twitter) Greetz: Eclipso, Bubsv, Conflict, Wizards of the Coast, JewInvader, LagFish, Roland, Josh Burress, Jacob Gruentzel, AF, Teridax, John Cena, Ethan Ralph, Vince (RIP)  

In subsequent tweets, the hacker said that he tried to insert an EFI payload (rootkit) but failed and, since it was only a joke for him, later gave up.

Users can recover their computers from the malware’s effects

The current MBR malware’s effects can be easily reverted. A YouTube video recorded by danooct1 features some recovery instructions for affected users, and the Classic Shell forums contain additional instructions.
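
As an added example (not from the original article, Fosshub or the recovery guides it mentions), the Python sketch below inspects a 512-byte MBR sector dump and reports which parts survived an overwrite: the boot signature, the partition table, and how much of the boot-code area is plain text. The function names, the sample sectors and the text-ratio heuristic are assumptions made for illustration; the article does not say whether the malware preserved the partition table.

```python
import struct

SECTOR_SIZE = 512
BOOT_CODE_END = 446      # bytes 0..445: boot code
ENTRY_SIZE = 16          # then four 16-byte partition entries
SIGNATURE = b"\x55\xaa"  # bytes 510..511: boot signature

def parse_mbr(sector: bytes) -> dict:
    """Inspect one 512-byte MBR sector and report what survived an overwrite."""
    if len(sector) != SECTOR_SIZE:
        raise ValueError("an MBR is exactly 512 bytes")
    partitions = []
    for i in range(4):
        off = BOOT_CODE_END + i * ENTRY_SIZE
        entry = sector[off:off + ENTRY_SIZE]
        status, ptype = entry[0], entry[4]
        lba_start, sectors = struct.unpack_from("<II", entry, 8)
        if ptype == 0:
            continue  # unused slot
        partitions.append({"slot": i, "bootable": status == 0x80, "type": ptype,
                           "lba_start": lba_start, "sectors": sectors,
                           "sane": status in (0x00, 0x80) and sectors > 0})
    printable = sum(32 <= b < 127 for b in sector[:BOOT_CODE_END])
    return {
        "signature_ok": sector[510:512] == SIGNATURE,
        "partitions": partitions,
        "table_intact": bool(partitions) and all(p["sane"] for p in partitions),
        # Heuristic (assumption): genuine boot code is mostly machine code, so a
        # boot-code area made up largely of printable ASCII deserves a closer look.
        "text_ratio": round(printable / BOOT_CODE_END, 2),
    }

def make_sample(boot_code: bytes, with_table: bool) -> bytes:
    """Build a constructed sample sector (not taken from any real disk)."""
    sector = bytearray(SECTOR_SIZE)
    sector[:len(boot_code)] = boot_code
    if with_table:
        # one bootable partition of type 0x07 starting at LBA 2048
        struct.pack_into("<B3sB3sII", sector, BOOT_CODE_END,
                         0x80, b"\x20\x21\x00", 0x07, b"\xfe\xff\xff", 2048, 204800)
    sector[510:512] = SIGNATURE
    return bytes(sector)

if __name__ == "__main__":
    message = b"something has overwritten your MBR! " * 12  # constructed text filler
    print(parse_mbr(make_sample(message, with_table=True)))
    print(parse_mbr(make_sample(message, with_table=False)))
```

If the partition table is still intact, only the boot code in the first 446 bytes needs to be restored; if it is not, the partition layout has to be rebuilt as well.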

An hour before this article’s publication, Fosshub administrators took down the website. On Twitter, the hacker said he didn’t dump the site’s database but said that “passwords weren’t salted.”

Cult of Peggle is actually another name for Peggle Crew, the hacking crew that in the past had hijacked the Twitter accounts of Ringo Starr and the NFL (National Football League), announcing NFL Commissioner Roger Goodell’s death as a prank.

Softpedia has reached out to Cult of Peggle and the article may be updated with new information.
