I can’t remember the last time that I had a virus or backdoor try to infect my computer. But today I was working in cygwin and went to execute one of my scripts and Trend picked up BKDR_HACDEF.M apperntly from cygcrypt-0.dll. It was a little shocked. I’m not sure where I got the infected file from, I suspect that it was one of the cygwin mirrors, but I can’t confirm that. Looking through my cygwin install log I couldn’t even find a reference to the crypt library. So now I’m attempting to update and reinstall cygwin, I guess I should start archving the log files, since they seem to get overwritten. Just something else for this extremly busy Monday.
Update: Luckily for me I downloaded the file to my PC before I installed them. Running a scan show the file to have come from:
mirror.averse.net, I’m not sure if the problem has been detected and cleaned by them yet or not.