[Novalug] "Hand of Thief Malware" targets linux

Bonnie Dalzell bdalzell@qis.net
Tue Aug 20 11:51:50 EDT 2013


On Tue, 20 Aug 2013, Jay Hart wrote:

> Why would you install it on your machine?
>

Article suggests that it gets installed by social engineering. 
Different article mentions corrupted applications that are not coming to 
you via something like Ubuntu's software center. Mentions situations in 
which you add an uncertified PPA so as to install something not in the 
software center. The commonest situations in which I have been tempted to 
do that have been some graphics programs.

Social engineering by malware promoter bundles the malware with a 
desired program.

What I do not understand is the warning in some of these articles on 
Hand of Thief that it can be installed by clicking on a link in e-mail.

Even if you go to a dangerous website using Linux, don't you have to 
respond to a request for root or sudo password before anything like this 
can be installed?

Paranoid/Nervous minds wish to know ....

> Jay
>
>> On Tue, 20 Aug 2013, Jay Hart wrote:
>>
>>> So if I read this right they have to hack the site you are going to, in order to steal your
>>> credentials.
>>>
>>> Did I miss something?
>>
>> my impression was that it grabbed your personal info as you enter it
>> by being installed on your local machine and then sent it on so someone
>> else could access your bank account.
>>
>>
>>>
>>> Jay
>>>
>>>>
>>>> Any of you who are security Gurus had experience dealing with this on
>>>> client computers?
>>>>
>>>> Linux desktop Trojan 'Hand of Thief' steals in
>>>> http://www.zdnet.com/linux-desktop-trojan-hand-of-thief-steals-in-7000019175/
>>>>
>>>>
>>>> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>>>>                         Bonnie Dalzell, MA
>>>> mail:PO box 9767 Baldwin, MD, USA 21013  |  EMAIL:bdalzell@qis.net
>>>> shipping address:5100 Hydes Rd 21082 (Hydes Post Office closed Jan 2012)
>>>> Freelance anatomist, vertebrate paleontologist, writer, illustrator, dog
>>>> breeder, computer nerd & iconoclast... Borzoi info at www.borzois.com.
>>>> HOME www.batw.net    ART bdalzellart.batw.net  BUSINESS www.boardingatwedge.com
>>>>
>>>> _______________________________________________
>>>> Novalug mailing list
>>>> Novalug@calypso.tux.org
>>>> http://calypso.tux.org/mailman/listinfo/novalug
>>>>
>>>
>>>
>>
>
>




