31151 Re: New Hand of Thief trojan does Linux but not windows!
- Aug 16, 2013
Follow Up..... (if bored with security just delete this)
Questions Linger About New Linux 'Hand of Thief' Trojan
In reviewing this informative press release, it is apparent, or really seems, this piece of malware is actually checking security and prosecution involved in Linux. I say that because, being in Windows security going back to the very first adware infections/infestations, much of that was actually testing the system.
Originally, a good portion of adware infection payloads actually included Uninstall packages with it, whereby you could navigate to the uninstallation of software (Add/Remove Programs - XP) and uninstall it like other normal legit software. Some even went to court saying they were not breaking laws, that the user gave permission, etc. etc. etc. None of that held water.
This was also the birth of spyware for Windows about year 2001 forward with A LOT of adware packages proceeding it. Once spyware and antispyware companies (such as Webroot) and laws were being born, it became quite apparent the adware was just the clever way of testing the waters to now bombard with spyware - the actual real threats to personal information (ID Thefts) and introducing brute force instability into the system and even damage. Of course it really took a lot of persuading and petitioning and complaints to get today's modern laws in effect against spyware in all states in the USA and most all of the world. One place that sprung up and really evolved into otherwise was https://www.stopbadware.org/ - originally helping to get laws passed, it turned into clearing people's websites from bad reports in search engines from Google blah blah blah.
THIS looks so eerily familiar now with this first-days piece of Linux malware. I will bet this is nothing more than cyber criminals testing the waters in Linux, but nevertheless is apparently waiting to become fully active.
What I had also posted about Linux having inaccessible areas kind of leaves a head scratch. With Windows some areas were restricted as Hidden Files - the operating system files etc. However, a simple permissions click allowed complete access, which was extremely necessary to access \system32 in Windows and the Downloaded Program Files (ActiveX items) to discover malware infestation. Linux has no access to Root and it seems some antivirus cannot scan either.
So like I said, I am far from an Advanced User on Linux but not in Windows malware. That's why I made this post and my opinion about this particular piece of Linux malware. I think it's just an expendable offered dummy load like a criminal stake out op. That was very prevalent in numbers and growing numbers in the birth of adware/spyware days on Windows. Perhaps towards the end of this decade will there be any real concern by virtually all users of Linux over malware because it will be there. Just opinions.
Some pieces, like POST Data, seem more the server side of things as improper sanitation areas of data transferred from the desktop and as a Data Scraping type area function. The apparent absence of their Injection process, claimed as not making it fully functional and more dangerous, may possibly be achieved at a bad infected website running a buffer overflow attack perhaps to grab the private database contents and even destroy the website application leaving it in a DOS denial of service state? If they are toying with researchers.
All just opinion.
gerald philly pa usa
--- In LINUX_Newbies@yahoogroups.com, "Joe PM" <jpmcsale@...> wrote: