"Hand of Thief Trojan targets all common Linux distributions"

Jonathan Marsden jmarsden at fastmail.fm
Sat Sep 7 02:29:01 UTC 2013


On 09/06/2013 11:26 AM, John Hupp wrote:

> I understand that with a standard Ubuntu/Lubuntu installation not
> running Wine, it is believed that there are no active threats that would
> responsibly require resident anti-virus protection.
> 
> That may still be true today, but perhaps it won't be for too much
> longer.  See the last 3 paragraphs of this article:
> 
> http://www.crn.com/news/security/240160712/security-firms-warn-of-potential-banking-trojan-attacks.htm?cid=nl_sec

Did you read the RSA assessment CRN got their info from?  It includes:

>> Initial Infection Method Still Primitive
>> 
>> The Linux platform does not have the same type of commercial exploit 
>> packs for use in mass drive-by-download campaigns (the most popular 
>> infection method for the Windows OS). Moreover, Hand of Thief’s 
>> developer did not offer a recommended infection method, other than 
>> sending the Trojan via email and using some social engineering to
>> have the user launch the malware on their machine.

MY SUMMARY: Someone is building a new commercial trojan for Linux, which
doesn't actually work yet, and there is no known way to infect anyone
with it anyway, except persuading users to run it themselves.

I'd say Linux remains a long way from needing AV, based on that!

Jonathan


