I've been using Linux for a couple of months now, and I've been quite careful with what I run and install. Recently, I was experimenting with self-hosting n8n. At first, I ran it in a Docker container, but when I faced some issues with node dependencies, I decided to host it directly on my machine. Unfortunately, I made the mistake of installing a community node from npm. Now, when I try to run commands in the terminal, some installations, like npm, seem corrupted. To make matters worse, I found a text file on my desktop that says 'hello from amarican'. How worried should I be about this? Is there any way to check if my system is compromised further? Will I need to reinstall Linux from scratch? I have a lot of useful applications that I rely on daily, and I want to preserve those if possible. Also, I'm dual booting with Windows on a different drive—will that be impacted as well? What are my options?
4 Answers
Sounds like someone figured out how to access your system and gave you a little warning. You might want to consider wiping it and starting fresh just to be safe.
You're probably okay, but if you want peace of mind, reinstalling Linux could be a good route. Just remember, your /home folder keeps all your settings, so you can reinstall software from the repository and get back to normal pretty quickly. Using something like Timeshift for snapshots is great for restoring your system.
It's a good idea not to test stuff on your main desktop. In the future, try using a virtual machine or containers so that if something goes wrong, you can just destroy the test environment.
If you exposed any services to the internet, you could be in a bit of trouble. My advice would be to wipe and reinstall to avoid further issues.
Related Questions
Can't Load PhpMyadmin On After Server Update
Redirect www to non-www in Apache Conf
How To Check If Your SSL Cert Is SHA 1
Windows TrackPad Gestures