BEWARE: Trojanized Versions of PuTTY Client Application

mac913
DD-WRT Guru


Joined: 02 May 2008
Posts: 1848
Location: Canada

Posted: Sat Sep 17, 2022 15:45    Post subject: BEWARE: Trojanized Versions of PuTTY Client Application
I use PuTTY to access all my DD-WRT routers. Beware of Trojanized versions of the PuTTY client application. See link.

https://thehackernews.com/2022/09/north-korean-hackers-spreading.html

_________________
Home Network on Telus 1Gb PureFibre - 10GbE Copper Backbone
2x R7800 - Gateway & WiFi & 3xWireGuard - DDWRT r53562 Std k4.9

Off Site 1

R7000 - Gateway & WiFi & WireGuard - DDWRT r54517 Std
E3000 - Station Bridge - DDWRT r49626 Mega K4.4

Off Site 2

R7000 - Gateway & WiFi - DDWRT r54517 Std
E2000 - Wired ISP IPTV PVR Blocker - DDWRT r35531


YAMon 3.4.6 | DNSCrypt-Proxy V2
Alozaros
DD-WRT Guru


Joined: 16 Nov 2015
Posts: 6436
Location: UK, London, just across the river..

Posted: Sat Sep 17, 2022 17:55    Post subject:
That's why you DL PuTTY from the official site only and check the sig, etc.
Best bet: use Linux.

_________________
Atheros
TP-Link WR740Nv1 ---DD-WRT 55630 WAP
TP-Link WR1043NDv2 -DD-WRT 55723 Gateway/DoT,Forced DNS,Ad-Block,Firewall,x4VLAN,VPN
TP-Link WR1043NDv2 -Gargoyle OS 1.15.x AP,DNS,QoS,Quotas
Qualcomm-Atheros
Netgear XR500 --DD-WRT 55779 Gateway/DoH,Forced DNS,AP Isolation,4VLAN,Ad-Block,Firewall,Vanilla
Netgear R7800 --DD-WRT 55819 Gateway/DoT,AD-Block,Forced DNS,AP&Net Isolation,x3VLAN,Firewall,Vanilla
Netgear R9000 --DD-WRT 55779 Gateway/DoT,AD-Block,AP Isolation,Firewall,Forced DNS,x2VLAN,Vanilla
Broadcom
Netgear R7000 --DD-WRT 55460 Gateway/SmartDNS/DoH,AD-Block,Firewall,Forced DNS,x3VLAN,VPN
NOT USING 5Ghz ANYWHERE
------------------------------------------------------
Stubby DNS over TLS I DNSCrypt v2 by mac913
blkt
DD-WRT Guru


Joined: 20 Jan 2019
Posts: 5700

Posted: Sat Sep 17, 2022 18:43    Post subject:
https://www.chiark.greenend.org.uk/~sgtatham/putty/latest.html -> 64-bit x86: putty.zip
the-joker
DD-WRT Developer/Maintainer


Joined: 31 Jul 2021
Posts: 2146
Location: All over YOUR webs

Posted: Sat Sep 17, 2022 19:26    Post subject:
It's a mixed-bag report requiring multiple hoops from the attacker to get there: it requires WhatsApp users (if you use WhatsApp you already half deserve this), a job application, it grabs some ISO which deploys the trojanized versions of PuTTY/telnet? Then phishing and requiring connecting using some already trojanized version using some instructions from some file, so it seems with certain confidence it has nothing to do with official PuTTY builds.

Just the chain of what needs to happen before, it indicates the targets must be total dumb asses.

Like said already, don't get your PuTTY anywhere else and if you just can't help but follow the Nigerian-like phishing scams, then you deserve it.

I'm quite surprised at the low quality of this report from this source.

Thanks for posting this.

_________________
Saving your retinas from the burn!🔥
DD-WRT Inspired themes for routers
DD-WRT Inspired themes for the phpBB Forum
DD-WRT Inspired themes for the SVN Trac & FTP site
Join in for a chat @ #style_it_themes_public:matrix.org or #style_it_themes:discord

DD-WRT UI Themes Bug Reporting and Discussion thread

Router: ANus RT-AC68U E1 (recognized as C1)