[R-pkg-devel] Possible malware(?) in a vignette

Ivan Krylov
Sat Jan 27 14:05:26 CET 2024


Apologies for being insufficiently clear. By "a file straight from NOAA" I meant a completely different PDF, <https://www.ncei.noaa.gov/sites/default/files/2022-06/woa18documentation.pdf>, that gives the same SHA-256 hash whether downloaded by VirusTotal <https://www.virustotal.com/gui/url/ebff41f79720bcd2bbccf343874a584f2b3d78f3cd390a19f11b7576c3a38ad1?nocache=1> or me, comes from a supposedly trusted source, and still makes Acrobat Reader behave like it's infected, show a crashed Firefox on the screenshot and drop a number of scary-looking files. Surely there will be a difference between reading an infected file and a non-infected file?

On 27 January 2024 15:10:53 GMT+03:00, Bob Rudis <bob using rud.is> wrote:
>Ivan: do you know what mirror NOAA used at that time to get that version of
>the package? Or, did they pull it "directly" from cran.r-project.org
>(scare-quotes only b/c DNS spoofing is and has been a pretty solid attack
>vector)?


