"Linux Users Unknowingly Exposed to Malware via Free Download Manager Site"
Free Download Manager, a popular software, was involved in a supply chain attack that redirected Linux users to a malicious Debian package repository, resulting in the installation of information-stealing malware. The malware established a reverse shell to a command-and-control server and installed a Bash stealer that collected user data and account credentials. The campaign went undetected for over three years, and despite being informed, the software vendor has not responded. The attack was facilitated through the official download page, which occasionally redirected users to the malicious domain. The malware-infected package was disseminated through social media and online forums, with users unaware of the compromise. The malicious package dropped a Bash information-stealing script and a backdoor, allowing the attackers to collect sensitive information. The malware remained undetected due to the rarity of Linux malware and limited redirection to the unofficial URL.