Ticket #42768

mingw.org domain hijacked

Date d'ouverture: 2021-08-25 19:42 Dernière mise à jour: 2021-08-25 19:42

Rapporteur:
Propriétaire:
(Aucun)
Type:
État:
Ouvert
Composant:
Jalon:
(Aucun)
Priorité:
5 - moyen
Sévérité:
5 - moyen
Résolution:
Aucun
Fichier:
Aucun
Vote
Score: 0
No votes
0.0% (0/0)
0.0% (0/0)

Détails

Likely only the DNS settings have been hijacked. When navigating to mingw.org, you end up on a page with obvious malware (Chrome extension in at least one case, but it rotates) being served (i.e. attempts to fool unsuspecting users into downloading & installing rogue software). It is not just an add contained within the page -- it is the whole page. There is either an A RECORD in the DNS, or a forward/redirect on the real mingw site that has been hijacked to send folks to the malicious site instead.

I think this, at the very least, undermines trust and confidence in the MinGW product. To add insult to injury, eventually, after rejecting the fake downloads enough, the page (on one occasion, at least) redirected to the mingw-w64 site. There seems to be some logic built into the redirect, based on the referrer, leading me to suspect a forward/redirect on the real page, rather than a DNS issue.

Good luck with it, and with your impressive MinGW tool.

Sincerely, --James Wing

Ticket History (1/1 Histories)

2021-08-25 19:42 Updated by: jimbo19692
  • New Ticket "mingw.org domain hijacked" created

Attachment File List

No attachments

Modifier

Please login to add comment to this ticket » Connexion