Remember the cross-platform malware that exploited Java to attack both PCs and Macs? Well here's a better one for you: a Trojan downloader that checks your operating system so it can pick which malware to download onto your computer.
The new Web-based social engineering attack, first detected on a compromised website in Colombia, relies on a malicious Java applet to install backdoors on Windows, Mac, and Linux computers. When you first visit such a compromised site, you are prompted to install the Java applet, which unsurprisingly hasn't been signed with a certificate. If you do so, the applet checks which operating system you have (Windows, Mac OS X, or Linux) and then drops a corresponding Trojan for your platform.
F-Secure, which first found the Web exploit, detects the initial malware as Trojan-Downloader:Java/GetShell.A. The respective payloads for Windows, Mac, and Linux are detected as follows: Backdoor:W32/GetShell.A, Backdoor:OSX/GetShell.A (PowerPC binary, requires Rosetta on an Intel-based platform), and Backdoor:Linux/GetShell.A.Read More...
Well, We (Linux Users), knew that these Days were coming. Still, using Common Sense. Not Installing Anything that a Web Site Wants to Install on your System, looks like will keep us safe from this one. And I would think, that if you run an OS, like Fedora Linux, which uses SELinux Security Software. Then, even if you slip up and start to install one of these Trojan containing Java Apps. Then you should get a warning from SELinux and have a chance to Stop it there. I do worry about the type of Trojans, RootKits, etc... that can install them selves without any User Participation though. So, I have always kept Anti Virus Software on my Linux OS's. Since 2005. And Scan my Systems and all files that I receive from Friends via E-Mails. I use KlamAV the Gui Version of ClamAV for Linux and on Windows too. I also like Avast Anti Virus for Windows too. Avast, does have a Linux version. But, the last time I used it (a year of so ago), it was buggy and Crashed in my Fedora Linux Systems. So, I stick with KlamAV now...
- Malicious Chrome extensions hijack Facebook accounts
- Malware tricks Facebook users into exposing credit cards
- Up to 1.5 million Visa, MasterCard credit card numbers stolen
- New Flashback variant silently infects Macs
- Wikipedia: If you see ads on our site, you have malware
- New targeted Mac OS X Trojan requires no user interaction
- Over 600,000 Macs infected with Flashback Trojan
- News 07-12-12
- Adding a heart rate monitor to your exercise equipment - Hack a Day
- Ancient tools offer new view of Stone Age- The New Haven Register - Serving New Haven, Connecticut
- Cat trainer will keep them off the counters - Hack a Day
- Yahoo hacked; 400,000 users' account data downloaded - latimes.com
- The Worst Passwords - Use These and Hackers Will Love You
- Creative director says future editions of ‘Assassin’s Creed’ may not leap ahead in time - The Washington Post
- Solar Flares of Giant Sunspot AR1520 (Pictures) | Space.com
- Bing Editors' Picks: A guide to great sites (Website of the Week)
- Nifty Way to Safely Move Folders or Programs to Another Drive or Partition in Windows 7
- Electric Fans May Be Risky in Extreme Heat
- Migraines: 5 Lifestyle Changes to Make
- You Can Hide Your Lying Eyes
- Wells Fargo to Settle Mortgage Bias Charges - NYTimes.com
- Massacre Reported in Syria as Security Council Meets - NYTimes.com
- In Rory Staunton’s Fight for His Life, Signs That Went Unheeded - NYTimes.com
- Cross-platform Trojan checks your OS: Attacks Windows, Mac, Linux | ZDNet