[Novalug] "Hand of Thief Malware" targets linux
Bonnie Dalzell
bdalzell@qis.net
Tue Aug 20 11:51:50 EDT 2013
On Tue, 20 Aug 2013, Jay Hart wrote:
> Why would you install it on your machine?
>
Article suggests that it gets installed by social engineering.
Different article mentions corrupted applications that are not coming to
you via something like Ubuntu's software center. Mentions situations in
which you add a uncertified ppa so as to install something not in the
software center. The commonest situations in which I have been tempted to
do that have been some graphics programs.
Social engineering by malware promoter bundels the malware with a
desired program.
What I do not understand is the warning in some of these articles on
Hand of Thief that it can be installed by clicking on a link in e-mail.
Even if you go to a dangerous website using Linux, don't you have to
respond to a request for root or sudo password before anything like this
can be installed.
Paranoid/Nervous minds wish to know ....
> Jay
>
>> On Tue, 20 Aug 2013, Jay Hart wrote:
>>
>>> So if I read this right they have to hack the site you are going to, in order to steal your
>>> credentials.
>>>
>>> Did I miss something?
>>
>> my impression was that it grabbed your personal info as you enter it
>> by being installed on your local machine and then sent it on so someone
>> else could access your bank account.
>>
>>
>>>
>>> Jay
>>>
>>>>
>>>> Any of you who are security Gurus had experience dealing with this on
>>>> client computers?
>>>>
>>>> Linux desktop Trojan 'Hand of Thief' steals in
>>>> http://www.zdnet.com/linux-desktop-trojan-hand-of-thief-steals-in-7000019175/
>>>>
>>>>
>>>> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>>>> Bonnie Dalzell, MA
>>>> mail:PO box 9767 Baldwin, MD, USA 21013 | EMAIL:bdalzell@qis.net
>>>> shipping address:5100 Hydes Rd 21082 (Hydes Post Office closed Jan 2012)
>>>> Freelance anatomist, vertebrate paleontologist, writer, illustrator, dog
>>>> breeder, computer nerd & iconoclast... Borzoi info at www.borzois.com.
>>>> HOME www.batw.net ART bdalzellart.batw.net BUSINESS www.boardingatwedge.com
>>>>
>>>> _______________________________________________
>>>> Novalug mailing list
>>>> Novalug@calypso.tux.org
>>>> http://calypso.tux.org/mailman/listinfo/novalug
>>>>
>>>
>>>
>>
>> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>> Bonnie Dalzell, MA
>> mail:PO box 9767 Baldwin, MD, USA 21013 | EMAIL:bdalzell@qis.net
>> shipping address:5100 Hydes Rd 21082 (Hydes Post Office closed Jan 2012)
>> Freelance anatomist, vertebrate paleontologist, writer, illustrator, dog
>> breeder, computer nerd & iconoclast... Borzoi info at www.borzois.com.
>> HOME www.batw.net ART bdalzellart.batw.net BUSINESS www.boardingatwedge.com
>>
>>
>
>
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Bonnie Dalzell, MA
mail:PO box 9767 Baldwin, MD, USA 21013 | EMAIL:bdalzell@qis.net
shipping address:5100 Hydes Rd 21082 (Hydes Post Office closed Jan 2012)
Freelance anatomist, vertebrate paleontologist, writer, illustrator, dog
breeder, computer nerd & iconoclast... Borzoi info at www.borzois.com.
HOME www.batw.net ART bdalzellart.batw.net BUSINESS www.boardingatwedge.com
More information about the Novalug
mailing list