Here's some news that we Linux users have not been waiting for, but that many of us expected to come along at some point...
Don
Hand of Thief malware could be dangerous (if you install it)
Jack Wallen takes a look at the Hand of Thief trojan and what it means for the Linux community.
This past week marked one of the first times I've seen the media actually present a real "warning" to Linux users. That warning was about the new “Hand of Thief” trojan that targets Linux desktop systems to steal bank account information. What this trojan does is use a form grabber to steal login credentials of those using Internet banking. The trojan captures the URL, username, password, and timestamp of when you logged in. Once the information is captured, it's sent to a control server and then sold.
Skipping one down...
There are plenty of instances out there (this is especially true of Ubuntu), where you can simply add a PPA to apt-get and install an application without benefiting from the vetting process. This means that anyone can roll up an appealing software application (complete with Hand of Thief), create a repository, and trick people into installing the trojan. The caveat is that most Linux users are far more savvy than to just install random packages.
Or are they?
The Linux community has finally reached a point where caution will have to be applied. Once upon a time, I would randomly add a repository, based on a need I had, and install it with little thought to the consequences of what could happen. That time has long since passed. Now, if a package isn't found in the official repositories (or a known, safe, repository), I will not install said package. There are exceptions, of course. If I need to install a package from source, and I know the source is safe, I'll install. Outside of that, no way.
I've been using Linux for a long, long time. I never thought I'd see the day when I had to actually warn users of trojans such as Hand of Thief, but here we are. Of course, main distributions have the means to help protect you from such attacks (SELinux, repository/package signing, firewalls, etc.), but that doesn't mean you can just blindly continue on as you always have. It's time to start being a bit more vigilant about how you use your Linux desktop. Here are some suggestions:
- Do not install unsigned packages
- Do not add unofficial repositories without investigating said repository
- Keep your system up to date at all times
- Keep all browser plugins up to date
- If your distribution has SELinux, use it
- Do not let others install software on your machines
- Use solid passwords
- If asked to enter root user (or sudo) password, always know why
Read More...
http://www.techrepublic.com/blog/linux-and-open-source/hand-of-thief-malware-could-be-dangerous-if-you-install-it/?ftag=TRE475558a&s_cid=e011&tag=nl.e011&ttag=e011
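An added example (not from the TechRepublic article or from this blog) of how the "do not install unsigned packages" and "investigate unofficial repositories" suggestions can be checked on an APT-based system: it parses one-line `sources.list` entries and reports third-party hosts such as PPAs, plus options that switch off signature checks. The official-host list, the function name and the sample entries are assumptions constructed for illustration; deb822 `.sources` files are not handled.

```python
import re
from urllib.parse import urlparse

# Assumption: hosts treated as "official" for Ubuntu/Debian; adjust per distribution.
OFFICIAL_HOSTS = {"archive.ubuntu.com", "security.ubuntu.com",
                  "deb.debian.org", "security.debian.org"}
# sources.list options that make APT accept a repository without a valid signature.
INSECURE_OPTS = {"trusted": "yes", "allow-insecure": "yes"}

# One-line format: deb [opt=val ...] uri suite [components...]
ENTRY = re.compile(r"^(deb|deb-src)\s+(?:\[([^\]]*)\]\s+)?(\S+)\s+(\S+)")

def audit_sources(text):
    """Return (line_number, uri, [findings]) for every entry that needs review."""
    report = []
    for n, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()  # drop comments and disabled entries
        m = ENTRY.match(line)
        if not m:
            continue
        opts = dict(o.split("=", 1) for o in (m.group(2) or "").split() if "=" in o)
        uri = m.group(3)
        host = urlparse(uri).hostname or ""
        findings = []
        for key, bad in INSECURE_OPTS.items():
            if opts.get(key, "").lower() == bad:
                findings.append(f"{key}={bad} bypasses signature verification")
        if host not in OFFICIAL_HOSTS:
            findings.append(f"third-party host {host or '(none)'}: investigate before trusting")
        if findings:
            report.append((n, uri, findings))
    return report

# Constructed sample input, not taken from a real system.
SAMPLE = """\
deb http://archive.ubuntu.com/ubuntu precise main universe
# deb http://example.invalid/old precise main
deb http://ppa.launchpad.net/someuser/someapp/ubuntu precise main
deb [trusted=yes] http://repo.example.invalid/apt stable main
deb [arch=amd64] http://security.ubuntu.com/ubuntu precise-security main
"""

if __name__ == "__main__":
    for n, uri, findings in audit_sources(SAMPLE):
        for finding in findings:
            print(f"line {n}: {uri}: {finding}")
```

On a real system the input would be the contents of `/etc/apt/sources.list` and the files under `/etc/apt/sources.list.d/`.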
Update: (09-07-13)
Linux - maybe the 'Hand of Thief' bank Trojan, aimed at Linux OS's, isn't as bad as they first thought