Sure, those are simply Ant files. I also wonder about the 26 open source projects they refer to on GitHub, without naming them, where this problem was encountered. I have about that number of NetBeans projects in my GitHub repo, so I guess this is all just about me. :-)
Gj

On Fri, 29 May 2020 at 21:22, Scott Palmer <swpal...@gmail.com> wrote:

> The malware explicitly targets NetBeans:
>
> The malware is capable of identifying the NetBeans project files and
> embedding malicious payload both in project files and build JAR files.
> Below is a high-level description of the Octopus Scanner operation:
>
> • Identify user's NetBeans directory
> • Enumerate all projects in the NetBeans directory
> • Copy malicious payload cache.dat to nbproject/cache.dat
> • Modify the nbproject/build-impl.xml file to make sure the malicious
> payload is executed every time NetBeans project is built
> • If the malicious payload is an instance of the Octopus Scanner itself
> the newly built JAR file is also infected.
>
> Though they did also mention:
>
> "If malware developers took the time to implement this malware
> specifically for NetBeans, it means that it could either be a targeted
> attack, or they may already have implemented the malware for build systems
> such as Make, MsBuild, Gradle and others as well and it may be spreading
> unnoticed," GitHub added.
>
> I’m not sure if there is any sort of sanity check NB can do to the
> cache.dat file to help prevent this.
>
> Scott
>
> On May 29, 2020, at 3:16 PM, Geertjan Wielenga <geert...@apache.org>
> wrote:
>
> It seems to be saying that a build system that uses Apache Ant can be
> poisoned by malware. That probably is equally true for Gradle and Apache
> Maven — so I don’t understand why they’re picking on Ant.
>
> Gj
>
> On Fri, 29 May 2020 at 21:09, Peter Steele <steeleh...@gmail.com> wrote:
>
>> Hi
>>
>> Saw this
>>
>> https://www.zdnet.com/article/github-warns-java-developers-of-new-malware-poisoning-netbeans-projects/
>>
>> Do we know anything more about this?
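The description quoted in this thread names two on-disk artifacts, `nbproject/cache.dat` and a modified `nbproject/build-impl.xml`. The following is an added example, not part of the thread and not NetBeans or GitHub code, that sweeps a source tree for them. It assumes a tampered build script mentions `cache.dat` by name; a hit is an indicator to review, not proof, and the sample tree in `demo()` is constructed.

```python
import os
import tempfile
from pathlib import Path

PAYLOAD_NAME = "cache.dat"        # file name given in the quoted description
BUILD_SCRIPT = "build-impl.xml"   # NetBeans-generated Ant script named there


def scan_project(project_dir):
    """Return the indicators found in one project's nbproject directory."""
    nb = Path(project_dir) / "nbproject"
    findings = []
    if (nb / PAYLOAD_NAME).is_file():
        findings.append("nbproject/cache.dat present")
    script = nb / BUILD_SCRIPT
    if script.is_file():
        # Assumption: a tampered script refers to the payload by file name.
        text = script.read_text(encoding="utf-8", errors="replace")
        if PAYLOAD_NAME in text:
            findings.append("build-impl.xml references cache.dat")
    return findings


def scan_tree(root):
    """Walk root and report every project directory with at least one indicator."""
    report = {}
    for dirpath, dirnames, _ in os.walk(root):
        if "nbproject" in dirnames:
            dirnames.remove("nbproject")  # checked directly, no need to descend
            hits = scan_project(dirpath)
            if hits:
                report[os.path.basename(dirpath)] = hits
    return report


def demo():
    """Run the scan over a constructed tree: one clean project, one flagged."""
    with tempfile.TemporaryDirectory() as root:
        for name, flagged in (("CleanApp", False), ("FlaggedApp", True)):
            nb = Path(root) / name / "nbproject"
            nb.mkdir(parents=True)
            body = "<project name='x'/>"
            if flagged:  # constructed, inert stand-ins for the two artifacts
                (nb / PAYLOAD_NAME).write_bytes(b"constructed placeholder")
                body = "<project name='x'><!-- nbproject/cache.dat --></project>"
            (nb / BUILD_SCRIPT).write_text(body, encoding="utf-8")
        return scan_tree(root)


if __name__ == "__main__":
    for project, hits in demo().items():
        print(project, "->", "; ".join(hits))
```

Point `scan_tree` at a checkout or a NetBeans projects directory to run it over real projects.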