Desktop Linux must be growing more popular. Someone's finally created what appears to be a semi-successful Linux Trojan.
For years, Linux desktop users had it easy. Their Windows brothers and sisters had to deal with an unending stream of malware; but other than a handful of exploits aimed mostly at Linux servers, there were no real Linux Trojans or viruses. Oh well, all good things must come to an end.
RSA, the Security Division of EMC, has reported that a "Russia-based cybercrime team has set its sights on offering a new banking Trojan targeting the Linux operating system: Hand of Thief."
Here the name of the game is to grab your personal login and password data with a "Form grabber" as you enter it into your bank or other online system. This information consists of your stolen credentials, the timestamp of when you visited a site, which Web sites you visited, and possibly your Web browser's cookies. Finally, all this is then passed on over the Internet to a command-and-control server. From there the crooks can get to work selling your information to people who will start running up your credit-card bills.
Hand of Thief also includes a mechanism to prevent users from accessing anti-virus sites. This seems to work by manipulating Internet Domain Name System (DNS) addresses within memory rather than doing something obvious such as changing records in your hosts file.
Its developer claims "it has been tested on 15 different Linux desktop distributions, including Ubuntu, Fedora, and Debian. As for desktop environments, the malware supports 8 different environments, including Gnome and KDE." The attack specifically targets the common Web browsers Firefox and Google Chrome, as well as several others that are often found on Linux, such as Chromium, Aurora, and Iceweasel.