Send MinGW-Notify mailing list submissions to
[email protected]
To subscribe or unsubscribe via the World Wide Web, visit
https://lists.osdn.me/mailman/listinfo/mingw-notify
or, via email, send a message with subject or body 'help' to
[email protected]
You can reach the person managing the list at
[email protected]
When replying, please edit your Subject line so it is more specific
than "Re: Contents of MinGW-Notify digest..."
Please do not reply to this notification; the sender address is unable to
accept incoming e-mail. If you wish to unsubscribe you can do so at
https://lists.osdn.me/mailman/listinfo/mingw-notify.
Today's Topics:
1. [mingw] #42768: mingw.org domain hijacked
(MinGW Notification List)
----------------------------------------------------------------------
Message: 1
Date: Wed, 25 Aug 2021 19:42:46 +0900
From: MinGW Notification List <[email protected]>
To: OSDN Ticket System <[email protected]>
Subject: [MinGW-Notify] [mingw] #42768: mingw.org domain hijacked
Message-ID:
<[email protected]>
Content-Type: text/plain; charset=UTF-8
#42768: mingw.org domain hijacked
Open Date: 2021-08-25 19:42
Last Update: 2021-08-25 19:42
URL for this Ticket:
https://osdn.net//projects/mingw/ticket/42768
RSS feed for this Ticket:
https://osdn.net/ticket/ticket_rss.php?group_id=3917&tid=42768
---------------------------------------------------------------------
Last Changes/Comment on this Ticket:
2021-08-25 19:42 Updated by: jimbo19692
* New Ticket "mingw.org domain hijacked" created
---------------------------------------------------------------------
Ticket Status:
Reporter: jimbo19692
Owner: (None)
Type: Issues
Status: Open
Priority: 5 - Medium
MileStone: (None)
Component: WEBSITE
Severity: 5 - Medium
Resolution: None
---------------------------------------------------------------------
Ticket details:
Likely only the DNS settings have been hijacked. When navigating to mingw.org,
you end up on a page with obvious malware (Chrome extension in at least one
case, but it rotates) being served (i.e. attempts to fool unsuspecting users
into downloading & installing rogue software). It is not just an add contained
within the page -- it is the whole page. There is either an A RECORD in the
DNS, or a forward/redirect on the real mingw site that has been hijacked to
send folks to the malicious site instead.
I think this, at the very least, undermines trust and confidence in the MinGW
product. To add insult to injury, eventually, after rejecting the fake
downloads enough, the page (on one occasion, at least) redirected to the
mingw-w64 site. There seems to be some logic built into the redirect, based on
the referrer, leading me to suspect a forward/redirect on the real page, rather
than a DNS issue.
Good luck with it, and with your impressive MinGW tool.
Sincerely,
--James Wing
--
Ticket information of MinGW - Minimalist GNU for Windows project
MinGW - Minimalist GNU for Windows Project is hosted on OSDN
Project URL: https://osdn.net/projects/mingw/
OSDN: https://osdn.net
URL for this Ticket:
https://osdn.net/projects/mingw/ticket/42768
RSS feed for this Ticket:
https://osdn.net/ticket/ticket_rss.php?group_id=3917&tid=42768
------------------------------
Subject: Digest Footer
_______________________________________________
MinGW-Notify mailing list
[email protected]
https://lists.osdn.me/mailman/listinfo/mingw-notify
------------------------------
End of MinGW-Notify Digest, Vol 46, Issue 1
*******************************************
