[ubuntu-uk] Successful simple trojan hit gnome-look
Johnathon Tinsley
kirrus at kirrus.co.uk
Wed Dec 9 18:25:50 GMT 2009
Matthew Wild wrote:
> 2009/12/9 Andrew Drapper <andrew at drapper.com>:
>> It may not be the same as a sandbox, but what about installing software that
>> you are not sure about in a virtual ubuntu inside you main ubuntu say
>> using virtualbox?
>>
>
> This particular malware did nothing (so far) to the host machine, it
> simply used it (and collectively all the other machines it was
> installed on) to flood another server. Basically a primitive (yet
> effective) botnet. In this respect, if the virtual machine had network
> access, the malware would work still, it just wouldn't have the
> potential to harm *your* computer.
>
It wouldn't be hard to make this more effective either. The really scary
trojan (whose name eludes me right now), managed to use effective
algorithmically generated domain names for its update download location.
And you can hide the packages files, even corrupt the debian packaging
system to stop it from knowing about all the files you've installed...
More information about the ubuntu-uk
mailing list