confirmed by security vendors, part of the Chinese version of the putty WinSCP software, built-in back door, and the two models of software appeared in Baidu search advertising auction ranks (TechWeb pictures)
[TechWeb] January 31st news reports, recently, according to security industry sources, there may be a backdoor part of the Chinese version of the putty WinSCP, SSH, Secure and other tools. The number of security vendors to verify, the Chinese version management tool does exist backdoor, may cause the server administrator password and information disclosure, so as to completely control the Linux server.
is reported that, PuTTY is a well-known Windows open source SSH management tools, WinSCP is commonly used open source SFTP tools. Both are free, open source software, which PuTTY has no official Chinese version, and WinSCP has the official Chinese version. Recently found that the Linux server administrator, the unofficial "Chinese version" of the built-in tools suspected backdoor, part of the site and the enterprise server has therefore been hacked, causing the system to root password leak and data leakage.
but it is worth noting that, in the Baidu search PuTTY and WinSCP these two software, there have been bidding advertising, and pointing to the unofficial authorized Chinese packaging distribution site.
Jinshan, 360 and many other domestic security vendors detection, download station provides PuTTY tools such as "Chinese version" with malicious code, the Linux server may lead to the highest authority is stolen, even at risk of being affected by the website hackers leak.
The site may contain Winscp
risk Chinese station http://s.www.winscp.cc/ Putty http://s.putty.org.cn/ and http://s.putty.ws/ Chinese station. Three the same risk site interface, and use the same traffic statistics. Downloading unauthorized Chinese packaging software may cause server administrator password leakage, data leakage, and server risk.
security vendor Linux system administrator should immediately uninstall the finished version of the software, and modify the administrator password as soon as possible. If the server has been threatened by risk, you can try to change the SSH connection port, so that the attacker can not find the entrance.
recently, the security problem is widespread concern in the industry, a large number of sites previously including CSDN, network, Tianya suffered the disclosure of user information, and even once let Internet users questioned the Internet enterprise security system. (Chuck)