According to some sources, Xubuntu v23.10 experienced a security incident where users reported that the official website distributed an installation file containing malware, such as malware that swaps Bitcoin addresses with the attacker's address.
With users coming primarily from Windows, especially Windows 10, where they will be unsupported and with the absurd requirements of Windows 11, Xubuntu is a lightweight alternative, especially for machines with weak hardware.
This reinforces the importance of checking the hashes of downloaded files, verifying pgp signatures and keeping the OS always updated. As you can see, even official sources can be compromised.
One of the sources:
https://www.neowin.net/news/xubuntu-website-compromised-to-deliver-crypto-malware-to-windows-10-refugees/I have only been reading about how vulnerable users can be against scams. With most current news I have been reading in this issues of crypto threat has been about our device being vulnerables to some malwares that targets users
(Us) directly from the device factory with one or two of the interconnected components and the Operating System being weak and not reliable to resist specific malware attacks.
We have now shifted from the threats that directly attack users.
So all devices or brands should be tamed vulnerable since they are all made through global support chain parts. So their securities chains does not have to be trusted. But it helps a lot when you buy your device from reputable brands and supplies. We also can not stay total free from this threats. We just have to keep our best to avoid them as we can.
