New Trojan Spies on Linux Users by Taking Screenshots and Recording Audio

Discussion in 'malware problems & news' started by Minimalist, Jan 19, 2016.

  1. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    5,081
  2. Daveski17

    Daveski17 Registered Member

    Joined:
    Nov 11, 2008
    Posts:
    8,030
    Location:
    Lloegyr
    It's a pity there are no online scanners for Linux.
     
  3. quietman

    quietman Registered Member

    Joined:
    Dec 27, 2014
    Posts:
    491
    Location:
    Earth .... occasionally
    " Dr.Web malware specialists have not disclosed how this malware infects Linux computers."

    I won't be changing any aspect of my use of Linux until I have some more details on the above ....
    .... but I will be watching these folders in the meantime .....

    - $HOME/$DATA/.mozilla/firefox/profiled
    - $HOME/$DATA/.dropbox/DropboxCache
     
  4. Baserk

    Baserk Registered Member

    Joined:
    Apr 14, 2008
    Posts:
    1,317
    Location:
    AmstelodamUM
    From the Dr.Web website link

    Really? It installs Wine beforehand?
     
  5. Gullible Jones

    Gullible Jones Registered Member

    Joined:
    May 16, 2013
    Posts:
    1,461
    Thee extension doesn't mean it's actually a Windows PE executable.
     
  6. Baserk

    Baserk Registered Member

    Joined:
    Apr 14, 2008
    Posts:
    1,317
    Location:
    AmstelodamUM
    True Jones.
    Never mind my scoffing and uninformative post. Just a tad annoyed by the little info provided by Dr. Web.
     
  7. Gullible Jones

    Gullible Jones Registered Member

    Joined:
    May 16, 2013
    Posts:
    1,461
    @Baserk agreed on that much. Honestly, "have not disclosed" (as opposed to "do not yet know") does not inspire confidence.
     
  8. Daveski17

    Daveski17 Registered Member

    Joined:
    Nov 11, 2008
    Posts:
    8,030
    Location:
    Lloegyr
    I think Dr Web may be looking for customers of a Linux persuasion!
     
  9. Palancar

    Palancar Registered Member

    Joined:
    Oct 26, 2011
    Posts:
    1,595
    This sounds like #$#$ to me. How often has someone stated they hacked something but when NO technical stuff follows it turns out to be fluff (using a nice word instead of actual)!

    My workspace is all TBB in VM's so I am not losing any sleep.
     
  10. The Red Moon

    The Red Moon Registered Member

    Joined:
    May 17, 2012
    Posts:
    3,872
    Such devious ingenuity from dr web.Scare linux users into "buying" their av product.
    Try asking on an security companies website or forum if linux needs an av and of course they will say yes.

    So saddening to see scare tactics still being employed by security companies.
     
  11. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    5,081
    Another news from DrWeb. It looks like they've started targeting Linux market.

    http://news.softpedia.com/news/simple-yet-efficient-linux-backdoor-trojan-discovered-499371.shtml
     
  12. amarildojr

    amarildojr Registered Member

    Joined:
    Aug 8, 2013
    Posts:
    1,989
    Location:
    Brasil
    Boo-hoo.

    Does anyone know how these infect the OS? I cannot imagine a remote exploit for Linx ATM, unless the sysAdmin is irresponsible and set a weak passphrase for SSH, for example.

    Code:
    and put a dent in Linux's status as impermeable when it comes to malware
    Only people without good knowledge believe this kind of status. No OS is impermeable, specially if the admin is a derp :argh:
     
Loading...