"Hand of Thief Trojan targets all common Linux distributions"
John Hupp
lubuntu at prpcompany.com
Sat Sep 7 15:50:37 UTC 2013
On 9/6/2013 10:29 PM, Jonathan Marsden wrote:
> On 09/06/2013 11:26 AM, John Hupp wrote:
>
>> I understand that with a standard Ubuntu/Lubuntu installation not
>> running Wine, it is believed that there are no active threats that would
>> responsibly require resident anti-virus protection.
>>
>> That may still be true today, but perhaps it won't be for too much
>> longer. See the last 3 paragraphs of this article:
>>
>> http://www.crn.com/news/security/240160712/security-firms-warn-of-potential-banking-trojan-attacks.htm?cid=nl_sec
> Did you read the RSA assessment CRN got their info from? It includes:
>
>>> Initial Infection Method Still Primitive
>>>
>>> The Linux platform does not have the same type of commercial exploit
>>> packs for use in mass drive-by-download campaigns (the most popular
>>> infection method for the Windows OS). Moreover, Hand of Thief’s
>>> developer did not offer a recommended infection method, other than
>>> sending the Trojan via email and using some social engineering to
>>> have the user launch the malware on their machine.
> MY SUMMARY: Someone is building a new commercial trojan for Linux, which
> doesn't actually work yet, and there is no known way to infect anyone
> with it anyway, except persuading users to run it themselves.
>
> I'd say Linux remains a long way from needing AV, based on that!
>
> Jonathan
Agreed, that is the current state of affairs, which the CRN article
itself notes, but it also notes the developer's plan to add the
capability for drive-by downloads. So the question seems to be whether
he can make good on that.
More information about the Lubuntu-users
mailing list