On 24/04/2023 10:24 a.m., Niels Bakker wrote:
* nanog@ve4.ca (Glen A. Pearce) [Mon 24 Apr 2023, 17:42 CEST]:
Well, I eventually had a friend open the attachment on his Linux machine
Not necessarily a safe idea: https://www.welivesecurity.com/2023/04/20/linux-malware-strengthens-links-la... (scroll down to "Operation DreamJob with a Linux payload", sadly no anchors)
-- Niels.
Thanks for the heads up on that. My situation (in this one case) was a little different from the example in the article you sent as I had already verified it was a text file (and not another type masquerading as a text file with funny characters). I was just concerned because I was wondering if someone had found a way to compromise Windows Notepad (or at least some versions of it because Microsoft likes to keep changing things). I still kinda wonder now if there is some vulnerability in Microsoft Notepad somewhere because of a "feature" someone decided to add along the way that nobody needed and almost nobody known about.... The link you included might still save someone a lot of headaches one day. I checked with my friend, what he did was use Linux on a virtual machine with a static hard drive then started "Nano" at the command line and used that to open the file I sent him. He's a lot more expert than me so I tend to trust that he knows what he's doing even if he doesn't fill me in on all the details. I guess in this case he figured he didn't need to fill me in on them until I asked. Though I did pass on the article you sent in case it's relevant to something he encounters in the future. -- Glen A. Pearce gap@ve4.ca Network Manager, Webmaster, Bookkeeper, Fashion Model and Shipping Clerk. Very Eager 4 Tees http://www.ve4.ca ARIN Handle VET-17