Article 4H7CW Was my pc hacked? (am I a slave?)

Was my pc hacked? (am I a slave?)

by
0loxw0qk
from LinuxQuestions.org on (#4H7CW)
Hi there,
I'm new to Ubuntu and using Ubuntu 18.04 on my PC.

Few days back, I noticed a text file named "pwn3d.txt" on my home folder. The text inside the file was : "You are (fully) pwn3d due to a homobraphic error on your software dependencies"

I didn't notice any unusual activity and my accounts weren't hacked. Also, I don't remember installing any suspicious soft wares or running any unauthorized scripts.

But still, I got panicked and reinstalled my Ubuntu (I still have windows installed) Today I tried to dug into the logs to see if I can find any suspicious behavior, and I think I found few:

My firewall (UFW) is blocking tons of stuff:
https://i.stack.imgur.com/zLs4M.png - screen shot for few examples

I have --slave commands, few examples from alternative.logs:
update-alternatives 2019-02-10 00:12:25: run with --quiet --install /usr/bin/awk awk /usr/bin/mawk 5 --slave /usr/share/man/man1/awk.1.gz awk.1.gz /usr/share/man/man1/mawk.1.gz --slave /usr/bin/nawk nawk /usr/bin/mawk --slave /usr/share/man/man1/nawk.1.gz nawk.1.gz /usr/share/man/man1/mawk.1.gz

update-alternatives 2019-06-14 10:38:23: run with --install /usr/bin/c++ c++ /usr/bin/g++ 20 --slave /usr/share/man/man1/c++.1.gz c++.1.gz /usr/share/man/man1/g++.1.gz

update-alternatives 2019-06-09 13:34:33: run with --quiet --install /usr/bin/c99 c99 /usr/bin/c99-gcc 20 --slave /usr/share/man/man1/c99.1.gz c99.1.gz /usr/share/man/man1/c99-gcc.1.gz

when i ran the following command: cat /etc/passwd|grep '/bin/bash' I got the following result alongside with my own username:
root:x:0:0:root:/root:/bin/bash

Any suggestions? am I under attack? should I format my computer? Is there any danger for other devices on my network (laptops, router, streamers)?

Please help me.latest?d=yIl2AUoC8zA latest?i=u1rAclija5E:mGjKU-v9yec:F7zBnMy latest?i=u1rAclija5E:mGjKU-v9yec:V_sGLiP latest?d=qj6IDK7rITs latest?i=u1rAclija5E:mGjKU-v9yec:gIN9vFwu1rAclija5E
External Content
Source RSS or Atom Feed
Feed Location https://feeds.feedburner.com/linuxquestions/latest
Feed Title LinuxQuestions.org
Feed Link https://www.linuxquestions.org/questions/
Reply 0 comments