Tuesday, August 20, 2013

Linux users be Aware of this Trojan - Hand of Thief malware could be dangerous (if you install it) - TechRepublic

Here's some news that we Linux users have not been waiting for, but that many of us expected to come along at some point...

Don

Hand of Thief malware could be dangerous (if you install it)

Jack Wallen takes a look at the Hand of Thief trojan and what it means for the Linux community.
This past week marked one of the first times I've seen the media actually present a real "warning" to Linux users. That warning was about the new “Hand of Thief” trojan that targets Linux desktop systems to steal bank account information. What this trojan does is use a form grabber to steal login credentials of those using Internet banking. The trojan captures the URL, username, password, and timestamp of when you logged in. Once the information is captured, it's sent to a control server and then sold.
Skipping one down...

There are plenty of instances out there (this is especially true of Ubuntu), where you can simply add a PPA to apt-get and install an application without benefiting from the vetting process. This means that anyone can roll up an appealing software application (complete with Hand of Thief), create a repository, and trick people into installing the trojan. The caveat is that most Linux users are far more savvy than to just install random packages.
Or are they?
The Linux community has finally reached a point where caution will have to be applied. Once upon a time, I would randomly add a repository, based on a need I had, and install it with little thought to the consequences of what could happen. That time has long since passed. Now, if a package isn't found in the official repositories (or a known, safe, repository), I will not install said package. There are exceptions, of course. If I need to install a package from source, and I know the source is safe, I'll install. Outside of that, no way.
I've been using Linux for a long, long time. I never thought I'd see the day when I had to actually warn users of trojans such as Hand of Thief, but here we are. Of course, main distributions have the means to help protect you from such attacks (SELinux, repository/package signing, firewalls, etc.), but that doesn't mean you can just blindly continue on as you always have. It's time to start being a bit more vigilant about how you use your Linux desktop. Here are some suggestions:
  • Do not install unsigned packages
  • Do not add unofficial repositories without investigating said repository
  • Keep your system up to date at all times
  • Keep all browser plugins up to date
  • If your distribution has SELinux, use it
  • Do not let others install software on your machines
  • Use solid passwords
  • If asked to enter root user (or sudo) password, always know why
The good news is that Hand of Thief must have the root (or sudo) password in order to install. If you don't enter the password, it can't add itself to your machine. That's the plus side... for now. It's only a matter of time, however, before someone figures out a way to get something as sinister as HoT onto your machine without you knowing it. I've said this before, and I'll say it again, any machine that's plugged into a network connection is vulnerable -- Windows, Mac, and even Linux.
Read More...
http://www.techrepublic.com/blog/linux-and-open-source/hand-of-thief-malware-could-be-dangerous-if-you-install-it/?ftag=TRE475558a&s_cid=e011&tag=nl.e011&ttag=e011
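To act on the article's advice about unofficial and unsigned repositories, the following shell sketch classifies APT source entries. It is an added example, not code from the TechRepublic article; the `OFFICIAL_HOSTS` allowlist (a stock Ubuntu desktop is assumed), the function names, and the sample entries are all constructed for illustration.

```shell
#!/bin/sh
# Assumption: hosts treated as official for a stock Ubuntu install; adjust per distribution.
OFFICIAL_HOSTS="archive.ubuntu.com security.ubuntu.com"

# Reads sources.list-style text on stdin and prints "<verdict> <uri>" per active entry:
#   OK          host is on the allowlist
#   THIRD-PARTY host is not on the allowlist (PPA or other outside repository)
#   UNVERIFIED  entry sets trusted=yes or allow-insecure=yes, so signatures are not enforced
audit_sources() {
  while IFS= read -r line; do
    line=${line%%#*}                      # drop comments
    set -f; set -- $line; set +f          # split on whitespace without globbing
    [ "$1" = "deb" ] || [ "$1" = "deb-src" ] || continue
    shift
    opts=""
    case "$1" in
      \[*)                                # option block, e.g. [arch=amd64 trusted=yes]
        while [ $# -gt 0 ]; do
          opts="$opts $1"
          case "$1" in *\]) shift; break ;; esac
          shift
        done ;;
    esac
    uri=$1
    host=${uri#*://}; host=${host%%/*}
    verdict=OK
    case " $OFFICIAL_HOSTS " in
      *" $host "*) ;;
      *) verdict=THIRD-PARTY ;;
    esac
    case "$opts" in
      *trusted=yes*|*allow-insecure=yes*) verdict=UNVERIFIED ;;
    esac
    printf '%s %s\n' "$verdict" "$uri"
  done
}

# Constructed sample input, not taken from a real system.
sample_sources() {
  cat <<'EOF'
# official archive
deb http://archive.ubuntu.com/ubuntu raring main universe
deb http://security.ubuntu.com/ubuntu raring-security main
deb http://ppa.launchpad.net/example-user/example-app/ubuntu raring main
deb [arch=amd64 trusted=yes] http://repo.example.org/apt stable main
EOF
}

sample_sources | audit_sources
```

On a real machine, feed it `cat /etc/apt/sources.list /etc/apt/sources.list.d/*.list` instead of the sample and review every entry that is not marked `OK` before installing from it.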

Update: (09-07-13)

Linux - maybe the 'Hand of Thief' bank Trojan, aimed at Linux OS's, isn't as bad as they first thought



