On 4/24/23 9:24 AM, Niels Bakker wrote:
* na...@ve4.ca (Glen A. Pearce) [Mon 24 Apr 2023, 17:42 CEST]:
Well, I eventually had a friend open the attachment on his Linux machine
Not necessarily a safe idea:
https://www.welivesecurity.com/2023/04/20/linux-malware-strengthens-links-lazarus-3cx-supply-chain-attack/
(scroll down to "Operation DreamJob with a Linux payload", sadly no
anchors)
The key security concern here is "don't inspect/interpret bytes in an
attachment with an application of the attacker's choosing". cat, or even
emacs, seem pretty safe.
For me, that's easiest to do with Linux or MacOS (terminal). But sure,
if "open on a Linux machine" still means "point and click", then you're
absolutely correct.
Jim Shankland
