Language Selection

English French German Italian Portuguese Spanish

Hold that (trojan) horse!

Filed under
Linux
Security

The current news making a big splash around the Linux community is of a trojan that has been created and deployed on the Gnome-look website. It was disguised as a screen saver and was simply a collection of malicious scripts packaged up in a Debian/Ubuntu package. Notice I am saying was. Within three hours a fix was developed and posted and the problem package removed from the web site.

What this shows to me is that Linux has become popular enough that script kiddies have started turning their 5k1llz to Linux. As has been predicted by microsoft zealots for ages. This trojan, primitive as it was, is just the beginning. I found out about this from Linuxtoday.com which directed me to this article. Naturally I had to put my two cents worth in Smile

For a start this trojan can not automatically install itself. It is not a virus and relies on social engineering to be effective.

Rest Here




More in Tux Machines

systemd and DebConf16

  • systemd backport of v230 available for Debian/jessie
    At DebConf 16 I was working on a systemd backport for Debian/jessie. Results are officially available via the Debian archive now. In Debian jessie we have systemd v215 (which originally dates back to 2014-07-03 upstream-wise, plus changes + fixes from pkg-systemd folks of course). Now via Debian backports you have the option to update systemd to a very recent version: v230. If you have jessie-backports enabled it’s just an `apt install systemd -t jessie-backports` away. For the upstream changes between v215 and v230 see upstream’s NEWS file for list of changes. (Actually the systemd backport is available since 2016-07-19 for amd64, arm64 + armhf, though for mips, mipsel, powerpc, ppc64el + s390x we had to fight against GCC ICEs when compiling on/for Debian/jessie and for i386 architecture the systemd test-suite identified broken O_TMPFILE permission handling.)
  • DebConf16 low resolution videos
    If you go to the Debian video archive, you will notice the appearance of an "lq" directory in the debconf16 subdirectory of the archive. This directory contains low-resolution re-encodings of the same videos that are available in the toplevel.

Linux Kernel

Red Hat News

Android Leftovers