Briefly describe your issue below:
Context: new used laptop. Wiped the drive clean. Inspected for hardware tampering for good measure. Installed parrotsec on it to try for a week. Absolutely done nothing or fiddled with the inner workings of the distro apart from the frequent parrot-upgrade. Also did watch some youtube on it from time to time.
The issue was two-fold, the latter more serious, after another parrot-upgrade, kde plasma broke: widgets disappeared from the panel(all of them), right and mouse wheel(scroll through workspaces) don’t work on the desktop, and the search doesn’t work i.e. no search entries display. The second more serious issue is that an unknown file disguised as a video file but doesn’t work with vlc, actually a text file that I opened in nano which turns out to be a little garbled version of the man page of passwd appeared in my /home/user. The exact title(ignore double quotes) of the file was “that shouldn’t boot. Otherwise a cracker only needs physical access and a boot disk to access your entire system.” Anyway, everything apart from /boot is encrypted. But that’s not really relevant, I digress. Why did this unknown file appear out of nowhere? Am I compromised? Is the firmware backdoored remotely? Should I scrap it or just do a clean install again on the drive? I already permanently disabled computrace and amt by the way.
What version of Parrot are you running? (include version (e.g. 4.6), edition(e.g. Home//KDE/OVA, etc.), and architecture (currently we only support amd64)
4.7 KDE Plasma amd64
What method did you use to install Parrot? (Debian Standard / Debian GTK / parrot-experimental)
Debian Standard. The one that has a simple gui with keyboard controls.
Configured to multiboot with other systems? (yes / no)
No.
If there are any similar issues or solutions, link to them below:
If there are any error messages or relevant logs, post them below:
Im good with malware analysis. Maybe I could help.