https://bugs.documentfoundation.org/show_bug.cgi?id=103053
Bug ID: 103053
Summary: Avoiding Trojan horse “DCM”
Product: LibreOffice
Version: unspecified
Hardware: All
OS: All
Status: UNCONFIRMED
Severity: normal
Priority: medium
Component: LibreOffice
Assignee: [email protected]
Reporter: [email protected]
Description:
Recently a Chinese blog have an article mentioned a Trojan horse called “DCM”,
also known as “黑暗幽灵木马” (hēiàn yōulíng mùmǎ) in Chinese, which have been exposed
by Tencent Corp. in April.
Steps to Reproduce:
As the author, this Trojan using DNS poisoning to distribute itself, and insert
itself within software pack when user update.
Actual Results:
After update, this Trojan can be inserted within LibreOffice, but the user
cannot be mentioned.
Expected Results:
To avoid this Trojan, using encrypted proctol to check and download update is
necessary, and creating an validate machenism after download the update pack is
also useful.
Source: https://program-think.blogspot.com/2016/08/Trojan-Horse-DCM.html
Reproducible: Always
User Profile Reset: No
Additional Info:
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:49.0) Gecko/20100101
Firefox/49.0
--
You are receiving this mail because:
You are the assignee for the bug._______________________________________________
Libreoffice-bugs mailing list
[email protected]
https://lists.freedesktop.org/mailman/listinfo/libreoffice-bugs
