Language Selection

English French German Italian Portuguese Spanish

“Hand of Thief” banking trojan doesn’t do Windows—but it does Linux

Filed under
Linux
Security

Signaling criminals' growing interest in attacking non-Windows computers, researchers have discovered banking fraud malware that targets people using the open-source Linux operating system.

Hand of Thief, which was recently discovered by researchers from security firm RSA, sells for about $2,000 in underground Internet forums and boasts its own support and sales agents. Its functionality—consisting of form grabbers and backdoor capabilities—is rudimentary compared to Windows banking trojans spawned from the Citadel or Blackhole exploit kits, but that's likely to change. RSA researcher Limor Kessem said she expects Hand of Thief to become a full-blown banking trojan that includes more advanced features such as the ability to inject attacker-controlled content into trusted bank webpages.

"Although Hand of Thief comes to the underground at a time when commercial trojans are high in demand, writing malware for the Linux OS is uncommon, and for good reason," Kessem wrote. "In comparison to Windows, Linux's user base is smaller, considerably reducing the number of potential victims and thereby the potential fraud gains."

rest here




More in Tux Machines

From next release onwards, Debian is tied to systemd

Anyone who installs Jessie from scratch will find that they are not offered no choice in the matter. This means that only the technically well-equipped will be able to make a switch in the event that systemd does not work as promised. Existing users of the testing stream will find, on checking, that their systems have been migrated over to systemd. Systems running the stable version of Debian have not been migrated across yet. Read more

Ubuntu to Get Native HTML5 Streaming Through Google Chrome Soon

Netflix is looking to expand its business, and one of the ways to do that is to look at what other platforms it can support. Ubuntu is the most used Linux distribution, so it stands to reason that they might be interested to have their service working on it. Read more

Uselessd: A Stripped Down Version Of Systemd

The boycotting of systemd has led to the creation of uselessd, a new init daemon based off systemd that tries to strip out the "unnecessary" features. Uselessd in its early stages of development is systemd reduced to being a basic init daemon process with "the superfluous stuff cut out". Among the items removed are removing of journald, libudev, udevd, and superfluous unit types. Read more

Android One: Let us fill you in on Google’s big game

India is now the world’s third largest Internet market and “on a bullet train to become the second”. But even when we become the second with around 300 million Internet users, India would still have over 75 per cent of the population that has no access to this so-called information superhighway. It is this chunk of population that will form the “next billion” which companies like Nokia, and now Google, has been talking about. And it is this next billion that Google thinks will line up to buy and good smartphone that is also affordable. Read more