Ubuntu ‘command-not-found’ Tool Could Trick Users into Installing Rogue Packages

By neub9

Feb 14, 2024, Newsroom. Category: Software Security / Vulnerability

Cybersecurity researchers have discovered that threat actors can exploit the ‘command-not-found’ utility in Ubuntu operating systems to recommend their malicious packages and compromise systems by deceiving users.

Installed by default on Ubuntu systems, ‘command-not-found’ suggests packages to install when a user types a command that is not present on the system, drawing on Advanced Packaging Tool (APT) package data and snap packages to make its recommendations.

Aqua reported that attackers can abuse the command-not-found tool to have their malicious package recommended, potentially paving the way for software supply chain attacks.

Mishandled command aliases and typosquatting (misspelled command names) can be exploited by malicious actors, so that the legitimate installation suggestion is bypassed in favor of a fraudulent package.

Urging heightened vigilance and proactive defense, Aqua emphasized that users should verify the source of a package before installing it, and that developers should register the snap names associated with their commands so that those names cannot be claimed for misuse.

Aqua identified numerous APT package commands exposed to this kind of impersonation and advised caution and preventive measures to mitigate the risk.

In light of the increasing abuse of the command-not-found utility for recommending counterfeit packages, the need for vigilance and prevention has never been more critical.
