Be careful: fake emails are circulating in the name of Free/Libre and Open Source projects. Below, an email received by @kdenlive that the official team does not recognize. Be vigilant, these are no doubt scams.
[edit: adding kdenlive hashtag, a request by the team]
#kdenlive
Ray Of Sunlight
•David Revoy
•djsumdog
•David Revoy
•Baa
•Gonna add a signature to my emails now: "the contents of this email is FREE and OPEN SOURCE" ββ
David Revoy
•Aleksandr Prokudin
•David Revoy
•Halla Rempt
•Bart Veldhuizen π
•David Revoy
•Thomas Frans πΊπ¦
•The Flπf next door ...
•and a traceroute fails. Would be interesting whether it is flaged at senderscore.
David Revoy
•Unfortunately, emx.mail.ru return a fail because Protonmail is banned on it. So I used another old email address to test if I can reach them. I'll keep informed.
Manawyrm | Sarah
•MatthiasWandel
YouTubeSerge from Babka
•David Revoy
•Vector Hugo
•WTF!? Who does things like that?
Asking Qui Bono here makes me suspicious if #Adobe #Premiere or #Apple #FinalCutPro are involved in bad business practices like these?
David Revoy
•It's most likely only a group who wants to distribute a repackaged version of Kdenlive with a malware to steal my channel, my passwords, etc... I replied, I'll investigate where it leads.
Vector Hugo
•Pheo :blobcat:
•David Revoy
•I heard they started at Ytb/Google to re-ask password after sensitive changes, like changing the name of the channel or the main email or the password. That will probably limit the attacks.
Delta Wye
•\\
•Seems like a very likely attack vector, as the video sponsorship scam is so often used by fake VPN names that pass the βproductβ to a creator which promptly hijacks their session tokens and thus their youtube account.
What Iβd like to know is if their poisoned pill is actually packaged for linux or if theyβre just expecting whoever responds to have windows. How well have they actually done their research.
Mateusz Urbanowicz
•UnixMan1230
•YoYunix
•David Revoy
•For the curious, here is a follow-up on the scammer who pretended to be from the Kdenlive team. (Email posted yesterday, I'm replying to it β).
Confirmed: it's a scam and their goal is to get the target to install malware.
Here's the whole discussion as screenshot, and it wasn't easy because I had to use an old inactive Gmail account π€’. That's because Protonmail is banned from this impersonator's email address, kdenlivevideo.site (handled by emx.mail.ru).
I won't dig any further.
#kdenlive
Ray Of Sunlight
•Well now isn't this infuriating?
Edit: I typed "know" instead of "now"
Maquinas Linuxeras
•fedora
sud dnf upgrade
David Revoy
•karsonπ :WatsonVibing:
•cymen
•Google Safe Browsing: Report a Malware Page
safebrowsing.google.comDavid Revoy
•Haelwenn /ΡΠ»Π²ΡΠ½/ :triskell:
•David Revoy
•Also, good to know the link is down. I haven't even tried to click on it. I even was affraid about copying the URL in my clipboard, that's why it's a screenshot of my bottom bar adress and the font is super ugly on the 3/3 screenshot xD
Anafabula
•David Revoy
•ElectroFetish
•GunChleoc
•Martin Owens :inkscape:
•@inkscape also had these attacks.
If someone comes in asking about #inkscape promotions and it didn't come from me or someone else well known at the project, be very skeptical. We don't send out emails from inkscape.org addresses for example.
I've had to reply to a bunch of people who were skeptical and emailed to inkscape webadmin to confirm (me) and this is a good thing to do! I don't mind your email confirming, really I don't.
Th3s3us
•David Revoy
•frdbr π₯π³
•David Revoy
•@frd Done! I emailed the 'abuse' link with links to this thread, and info , asking them to remove the account to protect future user of scam/malware. Not sure if it will have any effect, but at least, I tried.
@Th3s3us @kdenlive
Kdenlive
•Th3s3us
•https://www.whois.com/whois/
https://whois.domaintools.com/
For more advanced users, it is also available from a terminal (Linux)
https://manpages.org/whois
Good for reporting, it's always a good practice.
Whois.com - Free Whois Lookup
www.whois.comDavid Revoy
•@Th3s3us Thanks!
@kdenlive
jojo
•David Revoy
•@Reina Thanks! Yes, I was super careful. Like extra careful: old email to reply, handling that on a dedicated Firefox container tab that I deleted, uBlock Origin, fake OS/user agent, an antivirus (clamAV) and all of that on a GNU/Linux system (without Wine for any exe). I haven't downloaded the attachment or followed links. It should reduce risk to near zero.
Now I'm done with this case, you can read the last part of what happened here: https://framapiaf.org/@davidrevoy/112054944971288184
@prokoudine @kdenlive
@Reina Thanks! Yes, I was super careful. Like extra careful: old email to reply, handling that on a dedicated Firefox container tab that I deleted, uBlock Origin, fake OS/user agent, an antivirus (clamAV) and all of that on a GNU/Linux system (without Wine for any exe). I haven't downloaded the attachment or followed links. It should reduce risk to near zero.
Now I'm done with this case, you can read the last part of what happened here: https://framapiaf.org/@davidrevoy/112054944971288184
@prokoudine @kdenlive
David Revoy
2024-03-07 14:46:08
Aleksandr Prokudin
•