NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
Virus in "Contact and Calendars App"
There is a virus in the "Contact and Calendars App" - a PHP Backdoor called "Dirtelti.MTG".
Backdoor:PHP/Dirtelti.MTG threat description - Microsoft Security Intelligence
I think that app should be taken down immidiately, as it has been infected.
Filename is "baikal_1.0.2_all.deb" and is located at:
https://apt.readynas.com/packages/readynasos/dists/apps/pool/b/baikal/baikal_1.0.2_all.deb
shot
2 Replies
Replies have been turned off for this discussion
I already responded to a similar message, but can't find it. It's not unique to ReadyNAS and has likely actually been there for some time, it's just that Windows Defender now looks for it. This is what the PHP web site says about it:
- A few days ago, we have noticed that Windows Defender reports some files in the PHP source and test packages as severe threat, claiming they would constitute a backdoor (e.g. Backdoor:PHP/Dirtelti.MTF). These files are auxiliary test files containing eval statements. Are these files backdoors? That depends on the context, i.e. in this case whether they are accessible via the Web. If they are, because they have been uploaded to the webroot of a publicly available Webserver, for instance, they may pose a serious threat. On the other hand, if they are just used on a local machine for development and testing purpuses, they are not malicious in any way.
I'd classify it as a false alarm.
NETGEAR Academy
Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology!
Join Us!
