My fellow penguins,
I have been pwned. What started off as weeks of smiling everytime I heard a 7-10s soundbyte of Karma Factory’s “Where Is My Mind” has now devolved into hearing dashes and dots (Morse Code) and my all-time favorite, a South Park S13: Dead Celebrities soundbyte of Ike’s Dad saying, “Ike, we are sick of you talking about ghosts!”
It’s getting old now.
I feel like these sounds should be grepable in some log somewhere, but I’m a neophyte to this. I’ve done a clean (secure wipe >> reinstall) already, the sounds returned not even a day later.
Distro is Debian Bookworm. So how do I find these soundbytes? And how do I overcome this persistence? UFW is blocking inbound connection attempts everyday, but the attacker already established a foothold.
Thank you in advance. LOLseas
I couldn’t wait for the next soundbyte, so I checked the running sound-inputs.log and noticed a few entries for Chromium. I don’t use it, nor have I ever installed it on this system. Did a ‘which chromium-browser’ and got no hits. Yet it’s mentioned a few times in the log. Thoughts?
Edit: typo
Different applications can use Chromium as their base and might not be configured to return their application name to PipeWire, which in that case, Chromium returns its name.
If you’re using a web app like Discord/Vesktop that’s likely it.
Thanks for your input!