News Cemu (on Linux) got compromised by hackers

[Princess Viola]

SECURITY PSA - For Cemu emulator 2.6

It has come to our attention that from 6th May to today (12th May) the AppImage and Ubuntu zip assets of Cemu 2.6 on our github were compromised by a pro-Russian threat actor. If you are a Windows or MacOS user you are not affected. If you are a flatpak user you are also not affected. The comprom...

rentry.org

I don't use Cemu myself but if you use Linux and downloaded and ran either the AppImage or Ubuntu releases of Cemu 2.6 (or if you use a third-party thing like EmuDeck that automatically downloads Cemu from their GitHub) between 6 and 12 May, yeah that shit got compromised and you accidentally downloaded malware that can steal your passwords and other PII and it's best to do a complete clean reinstall of your distro.

The Windows, MacOS, and Flatpak versions of Cemu are all unaffected, however.

 

[McBurn]

Thanks for the heads up.

 

[Sheepy765]

Thank goodness I use the flatpak version. I got so scared reading about that earlier today.

 

[DinoRexMax DinoRexMax]

Thank goodness I use the flatpak version. I got so scared reading about that earlier today.

Yeah, thank god I use an actual flesh and blood WiiU or I'd be hosed.

But such a specific break, did it seriously ONLY affect specifically the AppImage and Ubuntu releases of CEMU? That's oddly specific, but I suppose that was either all they were after or all they could break into.

 

[Sheepy765]

Yeah, thank god I use an actual flesh and blood WiiU or I'd be hosed.

But such a specific break, did it seriously ONLY affect specifically the AppImage and Ubuntu releases of CEMU? That's oddly specific, but I suppose that was either all they were after or all they could break into,

Breaking into the flatpak version would be pointless since flatpaks are sandboxed (isolated from the rest of the computer) so they can't really do anything malicious (as far as i'm aware).

 

[FateLanegod]

flatpaks are sandboxed (isolated from the rest of the computer) so they can't really do anything malicious (as far as i'm aware).

Flatpack is not ultimate sandboxing solution.
You still have to be careful. If an author who published an app specified it could access whole root (‘/‘) filesystem, it will be like that by default, leaving you with no isolation. For example, this is the case with VBA-M emulator. Stay vigilant, brothers! It is easy to override, so it is to overlook.

Also, usually flatpack can access xdg portals and dbus. This is a bit better, but again, if you open your user home in directory open dialog, to scan all your roms, let’s say, you will implicitly grant access to all your other files too.

So, it can add a layer of protection, with careful review. Another similar sandboxing solution is snapd.

If there is no flatpack or snap available, you may consider other tools like bubblewrap or firejail. They support some emulation software and games out of the box, others may require manual fine tuning.

These times you should be especially thoughtful about what you download and execute, like back in the old days of internet when trojans and backdoors were widespread. It is really easy to hijack something malicious, even unintentionally, into reliable open source project through some third party dependencies, which hard to control and verify.

Recently there are also multiple privilege escalation security violations discovered in Linux, some allows to escape containers and gain local root. Keep your system up to date.