Cyber Security Institute

§ Current Worries

Top 3 Worries

  • Regulations
  • Old Firewall Configurations
  • Security Awareness

§ Listening

For the best information

  • The underground
  • Audible
  • Executive Excellence
  • Music (to keep me sane)

§ Watching

For early warnings

  • 150 Security Websites
  • AP Newsfeeds
  • Vendors

Friday, August 09, 2013

Linux gets hit by a trojan—it’s time to sudo apt-get scared!

A big selling point of Linux-based operating systems are that they are generally immune to viruses, trojans and malware. However, this is a falsehood—no OS is 100 percent safe when it comes to these things. According to security company RSA, a team of Russian cyber-criminals have developed a trojan, named “Hand of Thief”, which targets Linux.

The security company explains that the trojan is “designed to steal information from machines running the Linux OS. This malware is currently offered for sale in closed cybercrime communities for $2,000 USD (€1,500 EUR) with free updates. The current functionality includes form grabbers and backdoor capabilities, however, it’s expected that the Trojan will have a new suite of web injections and graduate to become full-blown banking malware in the very near future. At that point, the price is expected to rise to $3,000 USD (€2,250 EUR), plus a hefty $550 per major version release”.

“The Trojan’s developer claims it has been tested on 15 different Linux desktop distributions, including Ubuntu, Fedora and Debian.

While this trojan does seem nasty and scary, it is unlikely to spread easily given Linux users’ propensity towards common-sense about installing software.



Posted on 08/09