Malicious behavior in a common Gnome application

I installed @Storm's Anubis icon set and applied it (Which I really like the style and design of, by the way; Check it out). This always leads to testing of seeing which icons show up and which do not. Usually, I just open the app menu and slowly browser through "All Software."
This time, I was noticing some oddities. The most notable was a tool or utility named filemanager-Actions which bore the Nautilus File manager Icon. I launched it; It does allow many options and settings for Nautilus, apparently. I clicked Help > About trying to suss out when I got this.
Here, it lists:
fma

It also has the developer website listed. So, I clicked the link (Which I will not paste here). At this point, a suspicious link appeared. It performed a captcha, including the message "Click Allow to prove you are a human."
That is highly unusual behavior. The "Allow" is for accessing the web browser and showing your notifications. Captchas generally perform a simple test, not an invasive demand that you grant access to your computer.

I did a bit of digging and found that this developers website has already been flagged for Phishing.

All the credentials seem to match the Gnome developer - but even if I apply benefit of the doubt that they are not phishing data, using captcha to demand access to your browser is very inappropriate and unethical.

Stay alert.

Installing it may link to a user installing Nautilus Extensions.

8 Likes

Did the app come default or was it something you installed (a bit confused, as I'm in Solus).

2 Likes

Interesting. I found the same Symbol for another Program:

And as Project Website is there:

@Ponce-De-Leon That is normal and it is the Nautilus File Manager icon.
@Storm, I believe I installed it as it is associated with Nautilus Extensions. I do not remember doing so but uhh... We all have software we installed and forgot all about.
It is not a default app.
I install a lot of things when trying to help others troubleshoot issues. I install what they did to try to understand or replicate their issue.

5 Likes

Thanks for the report!

This is also why I love Zorin OS, its very secure, and won't just let strange apps run on their own, which could do great damage. And putting the extra security of Zorin OS aside, open source Linux just in general, generates much scrutiny from the community, who are able to see the code in the Linux OS's, it makes it very hard, to get suspicious things passed folks like you.

When you look at what Microsoft has been doing with Windows 10, and now 11, no part of that OS is secure for its users. Heck, the entire OS itself is malware to start with! So no one should be surprised when other malware and virus's, get on their Windows installations, there is practically no security, especially when everything is auto run, not ask the user if they want to run.

Actually, now that I think about it, Windows 11 users today, really should run, as in, run away from the OS fast, and get on Linux ASAP. But hey, thats just my opinion, and recommendation. But if there is anything this proves, even though Linux is far more secure, a user still needs to be vigilant.

Just cause things won't auto run without your consent, and don't have admin privilages by default, doesn't mean you can let your guard down. If you click allow, on running something you don't know, you can single handedly screw up your OS installation, so just got to be careful.