New
#1
Even Linux is not safe any more
I just stepped on this article which is frightning for Linux users.
https://blogs.rsa.com/thieves-reaching-for-linux-hand-of-thief-trojan-targets-linux-inth3wild/
I just stepped on this article which is frightning for Linux users.
https://blogs.rsa.com/thieves-reaching-for-linux-hand-of-thief-trojan-targets-linux-inth3wild/
If you take the time to read the entire article, you'll find it's not as "frightening" as you would lead us to believe with your comment. But, thanks for posting, it's very interesting.
The last time I checked, email spam, and the gamut of other social engineering tricks, are not Linux, and all users, no matter which operating system they use, should make it a point, to be up to speed, and aware of the latest info on, and defenses from, those issues.Although Hand of Thief comes to the underground at a time when commercial Trojans are high in demand, writing malware for the Linux OS is uncommon, and for good reason. In comparison to Windows, Linux’s user base is smaller, considerably reducing the number of potential victims and thereby the potential fraud gains. Secondly, since Linux is open source, vulnerabilities are patched relatively quickly by the community of users. Backing this up is the fact that there aren’t significant exploit packs targeting the platform. In fact, in a conversation with the malware’s sales agent, he himself suggested using email and social engineering as the infection vector.
I for one, however, am not going to worry much about Linux. Nor, in fact, am I going to worry much when I'm on my Windows partition either.
Last edited by Bluesan; 05 Jan 2014 at 19:18.
Interesting question for the future.
Jim
Also, with recent recommendations to leave the supposedly
insecure Windows OS for the safer Linux distributions, does Hand of Thief
represent the early signs of Linux becoming less secure as cybercrime migrates
to the platform?
LOL, glad to hear it!
I'd invite both of you to read this one too (it's a follow-up from 9/4/13 on the blog post referenced, from 8/7/13, in post #1):
Linux 'Hand of Thief ' bank Trojan is not viable malware, says RSA - Techworld.comLinux 'Hand of Thief ' bank Trojan is not viable malware, says RSA
and, if you have time, read this one too, from 9/5/13:
Infosecurity - Hand of Thief Trojan Has No ClawsHand of Thief Trojan Has No Claws
There are certainly more articles if you search for them, and, I'm quite sure you're aware, you just have to be careful of the publication dates. Earlier articles will tell you this is a big deal, later dates will tell you that it's pretty much a bust.
I do truly believe, as I mentioned, that there more than likely lies down the road, some issues for Linux with malware, but, as I said in my first post, I certainly don't see where Linux users need to be "frightened" with this trojan.
Also as said, if you practice safe browsing habits, both Linux and Windows can be pretty safe to use.
Unless, of course, all of this has less to do with lions and tigers and trojans (oh my), and more to do with the fact that haters gotta hate. I see a lot of that in the Windows forums against Linux, and in the Linux forums against Windows, and all things Microsoft.
Oh well.
I am certainly not in that class. I run Windows 7 and 8.1 side by side with Mint and Zorin. I used to also have Ubuntu but since they came out with the Unity UI and Gnome 3, I gave it up. The only system I really don't like any more is Fedora - too much terminal work. That is too tiresome for an old man, LOL.haters gotta hate
Much like you, I'm an old guy too, and have experienced similar likes and dislikes with Linux. For several years now, though Debian is probably my favorite distro, I've been involved with the development process for both Xubuntu and Ubuntu (under a different user name than "Bluesan"), and recently, I tried Unity again, and it's much changed. And, unlike you I guess, I do use the terminal extensively.
Currently, I'm running a dual boot of Windows 7, and the development version of Ubuntu 14.04, which is the one I'm on right now - see screenshot.
Like you, I'm sure, I go back to the original browser wars between Netscape and Internet Explorer, and though I probably could have, I've never held a grudge against Microsoft, and have always run the latest Windows version on one of my machines to stay in touch with what they're doing. (Yes, I have tried Windows 8, and it's a no go for me. Window 9, or 8.2, or whatever they'll call it, I hope will be to Windows 8, what Windows 7 was to Vista.)
I committed to Linux +/- 10 years ago, but, I do enjoy Windows 7, and though I don't post often, I visit here frequently.
Take care, and have a good week...
:)
Edit:
Added Ubuntu 14.04 screenshot
Last edited by Bluesan; 01 Feb 2014 at 03:06.
I run all my Linux distros and Windows 8.1 in virtual under VMware Player from an external 256GB SSD. A LOT easier than dual boot and I can run side by side with my host systems which are all Windows 7.
When I go to another machine, I just put my SSD into the caddy and I have all my systems available. One install and one update effort for all my PCs - can't have it any easier. I still have to do maintenance on all those Windows 7s, but all the other OS installations are 'bundled' on the SSD.