Even Linux is not safe any more

[whs]

I just stepped on this article which is frightning for Linux users.

https://blogs.rsa.com/thieves-reaching-for-linux-hand-of-thief-trojan-targets-linux-inth3wild/

 

[Bluesan]

I just stepped on this article which is frightning for Linux users.

https://blogs.rsa.com/thieves-reaching-for-linux-hand-of-thief-trojan-targets-linux-inth3wild/

If you take the time to read the entire article, you'll find it's not as "frightening" as you would lead us to believe with your comment. But, thanks for posting, it's very interesting.

Although Hand of Thief comes to the underground at a time when commercial Trojans are high in demand, writing malware for the Linux OS is uncommon, and for good reason. In comparison to Windows, Linux’s user base is smaller, considerably reducing the number of potential victims and thereby the potential fraud gains. Secondly, since Linux is open source, vulnerabilities are patched relatively quickly by the community of users. Backing this up is the fact that there aren’t significant exploit packs targeting the platform. In fact, in a conversation with the malware’s sales agent, he himself suggested using email and social engineering as the infection vector.

The last time I checked, email spam, and the gamut of other social engineering tricks, are not Linux, and all users, no matter which operating system they use, should make it a point, to be up to speed, and aware of the latest info on, and defenses from, those issues.

I for one, however, am not going to worry much about Linux. Nor, in fact, am I going to worry much when I'm on my Windows partition either.

 

[whs]

I read the whole article (I always do) and the outlook is not so good.

 

[Phone Man]

Interesting question for the future.

Also, with recent recommendations to leave the supposedly
insecure Windows OS for the safer Linux distributions, does Hand of Thief
represent the early signs of Linux becoming less secure as cybercrime migrates
to the platform?

Jim

 

[Bluesan]

Interesting question for the future.

<snip>

Jim

For sure.

 

[Layback Bear]

If any body cares I like whs read the complete article.

 

[Bluesan]

I read the whole article (I always do) and the outlook is not so good.

If any body cares I like whs read the complete article.

LOL, glad to hear it!

I'd invite both of you to read this one too (it's a follow-up from 9/4/13 on the blog post referenced, from 8/7/13, in post #1):

Linux 'Hand of Thief ' bank Trojan is not viable malware, says RSA

Linux 'Hand of Thief ' bank Trojan is not viable malware, says RSA - Techworld.com

and, if you have time, read this one too, from 9/5/13:

Hand of Thief Trojan Has No Claws

Infosecurity - Hand of Thief Trojan Has No Claws

There are certainly more articles if you search for them, and, I'm quite sure you're aware, you just have to be careful of the publication dates. Earlier articles will tell you this is a big deal, later dates will tell you that it's pretty much a bust.

I do truly believe, as I mentioned, that there more than likely lies down the road, some issues for Linux with malware, but, as I said in my first post, I certainly don't see where Linux users need to be "frightened" with this trojan.

Also as said, if you practice safe browsing habits, both Linux and Windows can be pretty safe to use.

Unless, of course, all of this has less to do with lions and tigers and trojans (oh my), and more to do with the fact that haters gotta hate. I see a lot of that in the Windows forums against Linux, and in the Linux forums against Windows, and all things Microsoft.

Oh well.

 

[whs]

haters gotta hate

I am certainly not in that class. I run Windows 7 and 8.1 side by side with Mint and Zorin. I used to also have Ubuntu but since they came out with the Unity UI and Gnome 3, I gave it up. The only system I really don't like any more is Fedora - too much terminal work. That is too tiresome for an old man, LOL.

 

[Bluesan]

haters gotta hate

I am certainly not in that class. I run Windows 7 and 8.1 side by side with Mint and Zorin. I used to also have Ubuntu but since they came out with the Unity UI and Gnome 3, I gave it up. The only system I really don't like any more is Fedora - too much terminal work. That is too tiresome for an old man, LOL.

Much like you, I'm an old guy too, and have experienced similar likes and dislikes with Linux. For several years now, though Debian is probably my favorite distro, I've been involved with the development process for both Xubuntu and Ubuntu (under a different user name than "Bluesan"), and recently, I tried Unity again, and it's much changed. And, unlike you I guess, I do use the terminal extensively.

Currently, I'm running a dual boot of Windows 7, and the development version of Ubuntu 14.04, which is the one I'm on right now - see screenshot.

Like you, I'm sure, I go back to the original browser wars between Netscape and Internet Explorer, and though I probably could have, I've never held a grudge against Microsoft, and have always run the latest Windows version on one of my machines to stay in touch with what they're doing. (Yes, I have tried Windows 8, and it's a no go for me. Window 9, or 8.2, or whatever they'll call it, I hope will be to Windows 8, what Windows 7 was to Vista.)

I committed to Linux +/- 10 years ago, but, I do enjoy Windows 7, and though I don't post often, I visit here frequently.

Take care, and have a good week...



Edit:

Added Ubuntu 14.04 screenshot

 

[whs]

I run all my Linux distros and Windows 8.1 in virtual under VMware Player from an external 256GB SSD. A LOT easier than dual boot and I can run side by side with my host systems which are all Windows 7.

When I go to another machine, I just put my SSD into the caddy and I have all my systems available. One install and one update effort for all my PCs - can't have it any easier. I still have to do maintenance on all those Windows 7s, but all the other OS installations are 'bundled' on the SSD.

 

[Bluesan]

I run all my Linux distros and Windows 8.1 in virtual under VMware Player from an external 256GB SSD. A LOT easier than dual boot and I can run side by side with my host systems which are all Windows 7.

When I go to another machine, I just put my SSD into the caddy and I have all my systems available. One install and one update effort for all my PCs - can't have it any easier. I still have to do maintenance on all those Windows 7s, but all the other OS installations are 'bundled' on the SSD.

That's pretty cool.

 

[madcratebuilder]

haters gotta hate

I am certainly not in that class. I run Windows 7 and 8.1 side by side with Mint and Zorin. I used to also have Ubuntu but since they came out with the Unity UI and Gnome 3, I gave it up. The only system I really don't like any more is Fedora - too much terminal work. That is too tiresome for an old man, LOL.

I've come to the same conclusion about Ununtu and I have given up on Fedora. I use Mint some of the time but mostly Zorin and openSUSE. I didn't care for openSUSE when I first used it but it's starting to grow on me, I'd read it was difficult but I'm finding it pretty easy to use and very fast.

Linux OS's have been virus free because it had such a small market share, hackers didn't waste time making a virus that nobody would contract. As the Linux market share grows, so does the possibilities of virus's being created to infect users.

Unless, of course, all of this has less to do with lions and tigers and trojans (oh my), and more to do with the fact that haters gotta hate. I see a lot of that in the Windows forums against Linux, and in the Linux forums against Windows, and all things Microsoft.

Oh well.

You find the haters in every aspect of life, from politics to the caliber of ammunition you prefer.

One thing I have noticed about Linux forums in general is the harsh attitude toward new users, especialy when they do not use the correct terminology. You find OS fan boys and "brand" fan boys on every forum from computers and cars to guns and gardening.

One of the best Windows forums is right here, very friendly group that can disagree without resulting in name calling.

 

[Bluesan]

haters gotta hate

I am certainly not in that class. I run Windows 7 and 8.1 side by side with Mint and Zorin. I used to also have Ubuntu but since they came out with the Unity UI and Gnome 3, I gave it up. The only system I really don't like any more is Fedora - too much terminal work. That is too tiresome for an old man, LOL.

I've come to the same conclusion about Ununtu and I have given up on Fedora. I use Mint some of the time but mostly Zorin and openSUSE. I didn't care for openSUSE when I first used it but it's starting to grow on me, I'd read it was difficult but I'm finding it pretty easy to use and very fast.

Linux OS's have been virus free because it had such a small market share, hackers didn't waste time making a virus that nobody would contract. As the Linux market share grows, so does the possibilities of virus's being created to infect users.

Unless, of course, all of this has less to do with lions and tigers and trojans (oh my), and more to do with the fact that haters gotta hate. I see a lot of that in the Windows forums against Linux, and in the Linux forums against Windows, and all things Microsoft.

Oh well.

You find the haters in every aspect of life, from politics to the caliber of ammunition you prefer.

One thing I have noticed about Linux forums in general is the harsh attitude toward new users, especialy when they do not use the correct terminology. You find OS fan boys and "brand" fan boys on every forum from computers and cars to guns and gardening.

One of the best Windows forums is right here, very friendly group that can disagree without resulting in name calling.

I'm sorry you've had that impression/experience, and I'm sad to say, that sometimes that's very true.

I've mentioned a couple of times here, that I use a different nick and email address on every forum I belong to, so, without letting the cat completely out of the bag, I'm a moderator on a Linux forum, and a global moderator with the admin panel, on another forum, that is not Linux, but is computer related.

I think I speak for most of my colleagues on both forums, when I say that I take a very dim view of anyone who answers a question with any of the multiple ways of telling the poster to RTFM. I warn once, modify the post if need be, and if it happens again, I smack them with the ban hammer.

My philosophy in forums, has always been to use kindergarten rules. In other words, take turns, and play nice. Though, of course, that doesn't mean, that when attacked by some idiot, you can't defend yourself - that's when hockey rules come into play. If it's a good fight, I usually let it go on until it looks like someone's going to get hurt.

Not much different than here on these forums, I would expect.