Linux Malware "Hand Of A Thief" Is Targeting Users' Bank Accounts

Hand of a Thief is a new malware in the world of Linux operating systems that's targeting users' bank accounts. According to AVAST antivirus, the malware is a Linux Trojan that was first discovered on August 7th by RSA researchers and was named 'Hand Of Thief'. This trojan is quite interesting: first, it's targeting only Linux operating systems (about 15 different flavors) and second, it's targeting the bank accounts of the affected users. Security experts found out that the trojan is capable of gaining back-door entry on Linux-specific browsers and can grab data entered in forms. In addition, it's equipped with anti-virtualization and anti-monitoring techniques. The level of sophistication of this malware has surprised the security experts, and it can be compared to the infamous FlashBack trojan that affected Apple's OS X installations and Obad for Android in recent times.

The Linux operating system has been designed to offer a high level of security for mission-critical applications and even for normal users. However, in recent times, there have been several attacks, or at least attempts, to gain access to users' computers. It looks like most of the malware was targeting sensitive information like banking credentials on compromised systems. Linux users should be aware of this trojan.

It's not clear who's behind this trojan. The trojan seems to be produced by a Russian cyber crime group that's selling copies of this trojan for $2000, along with support. The malware will also get software updates which will enhance its defense mechanisms and also equip it with more features. The upgrades will cost $550.

Do share your thoughts on this virus and, for a deeper understanding of how it works, visit the Avast source link below.

Source: #-Link-Snipped-# | Linux Trojan “Hand of Thief” ungloved

Replies

  • mail154
    😀 Well.. Linux is also now under this problem, even though Linux is far superior than Windows in security issues.. nice post and very informative.. 😀
  • Nayan Goenka
    > mail154: 😀 Well.. Linux is also now under this problem, even though Linux is far superior than Windows in security issues.. nice post and very informative.. 😀

    I would like to correct you on this. Linux is not far more superior than Windows in security matters. Windows is self-sufficient and it needs advanced knowledge about it to deploy security and configure the internal firewall to make it unbreakable. Windows can be made unhackable provided the admin does his job to the best of his ability.
    Speaking of the malware, it is better not to use banks from personal computers till they make a fix for this. This is a serious issue.
  • Anand Tamariya
    Now this is unwarranted FUD. #-Link-Snipped-#

    Fortunately, as Limor Kessem, one of RSA's top cyber Intelligence experts, wrote after a conversation with the Trojan's "sales agent," Hand of Thief has no good ways of infecting Linux users. Instead, the cracker "suggested using email and social engineering as the infection vector."
  • Kaustubh Katdare
    @#-Link-Snipped-# , your silence on this is so disturbing! 😳
  • Sarathkumar Chandrasekaran
    Yes, a friend of mine also explained about the goods of Linux and its great security. My friend had removed a shortcut virus which affects Windows, but the data can only be obtained by using Linux. So this news is quite a surprise to me, as I always thought Linux is best against viruses.
  • Abhishek Rawal
    > Nayan Goenka: Windows can be made unhackable provided the admin does his job to the best of his ability.
    > Speaking of the malware, it is better not to use banks from personal computers till they make a fix for this. This is a serious issue.

    I've said this before, and I'm gonna spaz it again: any machine connected to a network/the internet is vulnerable to malware, it doesn't matter whether it's OS X, MS or Linux. The only reason why Linux is more secure is due to its openness & fewer standalone users.
    And anyone who's telling MS is better than Linux/Unix-based OSes should dig into some websites & check out the server statistics. No wonder why Twitter, Google & even FB prefer Linux & not Windows servers. End of the story.

    To the topic,
    HoT ain't the first trojan to attack Linux; many trojans like this are being sold in underground forums.
    Also, HoT needs to be installed with SU permission; it could be available either in unsigned packages or unofficial repos.
    HoT is not a big threat as it won't get installed automatically unless you give SU permission to any unsigned package or untrusted PPAs.
    Linux distributions are still safest as they still provide many layers of defense.
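
An added example, not part of the original thread or any poster's reply: the comment above names unsigned packages and untrusted PPAs as the way in, so this sketch audits APT source files for those two conditions. It assumes a Debian/Ubuntu system with one-line `*.list` files; the function names and the sample entries are constructed for illustration.

```shell
#!/bin/sh
# Added example: flag APT source entries that weaken package trust.
# Covers one-line *.list files only; deb822 *.sources files are not parsed.

# audit_apt_sources DIR
# Prints one finding per line: "<REASON> <file>:<line number>"
#   PPA       entry points at a Launchpad PPA (third-party archive)
#   NO-VERIFY entry sets trusted=yes, so apt skips signature verification
audit_apt_sources() {
    for f in "$1"/*.list; do
        [ -f "$f" ] || continue
        awk -v file="$f" '
            # Only active "deb"/"deb-src" lines count; comments are skipped.
            $1 !~ /^deb(-src)?$/ { next }
            /ppa\.launchpad\.net|ppa\.launchpadcontent\.net/ {
                print "PPA " file ":" FNR
            }
            /trusted=yes/ { print "NO-VERIFY " file ":" FNR }
        ' "$f"
    done
}

# make_sample DIR: write constructed sample source files (not from a real host).
make_sample() {
    printf '%s\n' \
        'deb http://archive.ubuntu.com/ubuntu jammy main' \
        '# deb [trusted=yes] http://old.example.invalid/ ./' \
        > "$1/official.list"
    printf '%s\n' \
        'deb http://ppa.launchpad.net/example-user/example/ubuntu jammy main' \
        'deb [trusted=yes] http://repo.example.invalid/debs ./' \
        > "$1/thirdparty.list"
}

# Demo run on the constructed sample.
sample=$(mktemp -d)
make_sample "$sample"
audit_apt_sources "$sample"
rm -rf "$sample"
```

On a real system, point `audit_apt_sources` at `/etc/apt/sources.list.d`; each finding is a source whose packages deserve a second look before they are installed with root rights.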
  • Kaustubh Katdare
    @#-Link-Snipped-# - It's true that the biggest websites prefer Linux-powered servers and some have even drilled down to basic Unix firmwares to run their data centers. I think Windows servers are secure too, but the limiting factor for their widespread use in data centers is the cost. Linux distros come for free and users have to pay for the support, but Windows servers cost money.
  • Abhishek Rawal
    @#-Link-Snipped-# Agreed on that. But 'Cost' is not the only concern; 'Freedom' is the real reason why most servers use Linux-based servers. It gives the user freedom to customize it as per their use. MS locks you in with certain protocols, while in Linux you're free to use any product that best matches your business.

    Along with that, the Linux kernel is capable of handling a large number of processes at once, much better than Windows. Proof: #-Link-Snipped-#
    Also, development of the Linux kernel is fully focused on improvement of the server side only.

    In the end a quote from Linus Torvalds, "Given enough eye-balls, all bugs are shallow"
  • Pensu
    Okay, I found something new about this:

    #-Link-Snipped-#

    So, we survive another one! Go Tux!
  • KenJackson
    > Abhishek Rawal: The only reason why Linux is more secure is due to its openness & fewer standalone users.

    The mechanism that many Windows viruses use is to overflow a buffer in a very precise way so they write data which is really code in a precise location that gets executed with escalated privilege. To do that, I think the author has to have a precise knowledge of the memory layout he's attacking.

    Anyone who acquires that knowledge of any Windows version and build is sure to find many copies of that exact version and build across the internet.

    The advantage of Linux isn't just less popularity, but that few installations of Linux are the same. There are literally hundreds of distros of Linux--no two quite the same. And the Linux kernel has hundreds of options that can be compiled in or out or changed. And updates are constantly being released.

    So if an evil-doer gains detailed knowledge of a particular version and build of a particular Linux distro and finds a specific exploit, he's not likely to find many vulnerable computers, even among Linux machines.
