x404.co.uk
http://www.x404.co.uk/forum/

Linux Trojan
http://www.x404.co.uk/forum/viewtopic.php?f=19&t=19674		 Page 1 of 1
Author:  big_D [ Fri Aug 09, 2013 6:35 am ]
Post subject:  Linux Trojan
There is a new Linux trojan designed to steal banking and credit card information.

http://www.zdnet.com/linux-desktop-troj ... 000019175/

Quote:
Here the name of the game is to grab your personal login and password data with a "Form grabber" as you enter it into your bank or other online system. This information consists of your stolen credentials, the timestamp of when you visited a site, which Web sites you visited, and possibly your Web browser's cookies. Finally, all this is then passed on over the Internet to a command-and control server. From there the crooks can get to work selling your information to people who will start running up your credit-card bills.


Quote:
At this point, some Linux users may start pooh-poohing this as yet another case of virus FUD. It's not. Hand of Thief really is out there. I should know. Someone tried to give a case of it to me earlier today.


Quote:
By the way, that wasn't a mistake when I said "sales agent." Like a lot of modern malware, Hand of Thief is designed by criminals for criminals. As Kessem wrote, "This malware is currently offered for sale in closed cybercrime communities for $2,000 USD (€1,500 EUR) with free updates." When it goes "commercial," its "price is expected to rise to $3,000 USD (€2,250 EUR), plus a hefty $550 per major version release. "
Author:  Amnesia10 [ Fri Aug 09, 2013 7:06 am ]
Post subject:  Re: Linux Trojan
While it might be a threat to Linux users wouldn't the numbers of linux users be relatively low? I thought that most Linux machines are servers.
Author:  saspro [ Fri Aug 09, 2013 7:39 am ]
Post subject:  Re: Linux Trojan
Amnesia10 wrote:
While it might be a threat to Linux users wouldn't the numbers of linux users be relatively low? I thought that most Linux machines are servers.


A lot of government machines in other countries & defence personnel machines are Linux (so they're not reliant on a single vendor).
Developing countries also can be heavily reliant on Linux due OEM MS costs.
Author:  big_D [ Fri Aug 09, 2013 7:45 am ]
Post subject:  Re: Linux Trojan
A lot of people also use Linux, either in a separate partition/virtual machine or a Live CD specifically for things like Banking, because until now it has been secure against such attacks.

A Live CD would still probably be relatively secure, because you would need to have email or a social network running (either in web browser or dedicated application) in order to receive the trojan. When the machine is shut down, the trojan would be removed from memory and when the system is restarted, the trojan would not be around, so the user would need to infect themselves again.

With a secondary partition/virtual machine, if the user falls for it once, it will be there for every future session until manually removed.

That said, if they are using the VM specifically for financial transactions, then they shouldn't be browsing emails or reading social networks on their "secure" platform.
Author:  Amnesia10 [ Fri Aug 09, 2013 8:57 am ]
Post subject:  Re: Linux Trojan
saspro wrote:
Amnesia10 wrote:
While it might be a threat to Linux users wouldn't the numbers of linux users be relatively low? I thought that most Linux machines are servers.


A lot of government machines in other countries & defence personnel machines are Linux (so they're not reliant on a single vendor).
Developing countries also can be heavily reliant on Linux due OEM MS costs.

I doubt that these people will have a significant online banking presence. This is more targeted at Linux users in the West. I fully appreciate the benefits of linux especially for governments and companies, as you mentioned the OS licenses can be horrendous.
Page 1 of 1 All times are UTC
Powered by phpBB® Forum Software © phpBB Group
https://www.phpbb.com/