Language Selection

English French German Italian Portuguese Spanish

“Hand of Thief” banking trojan doesn’t do Windows—but it does Linux

Filed under
Linux
Security

Signaling criminals' growing interest in attacking non-Windows computers, researchers have discovered banking fraud malware that targets people using the open-source Linux operating system.

Hand of Thief, which was recently discovered by researchers from security firm RSA, sells for about $2,000 in underground Internet forums and boasts its own support and sales agents. Its functionality—consisting of form grabbers and backdoor capabilities—is rudimentary compared to Windows banking trojans spawned from the Citadel or Blackhole exploit kits, but that's likely to change. RSA researcher Limor Kessem said she expects Hand of Thief to become a full-blown banking trojan that includes more advanced features such as the ability to inject attacker-controlled content into trusted bank webpages.

"Although Hand of Thief comes to the underground at a time when commercial trojans are high in demand, writing malware for the Linux OS is uncommon, and for good reason," Kessem wrote. "In comparison to Windows, Linux's user base is smaller, considerably reducing the number of potential victims and thereby the potential fraud gains."

rest here




More in Tux Machines

Nouveau On Oibaf PPA Is Back To Running Well

Upstream Nouveau was unaware of this issue that was affecting my entire assortment of NVIDIA GeForce hardware so it was then quickly assumed to be an issue with the Oibaf PPA that constantly is packaging the latest open-source Linux GPU drivers. On top of mainline Mesa Git, recently there's been the the Gallium3D Direct3D 9 patches (Gallium-Nine). While none of my testing was relying upon the Gallium-Nine D3D9 support, it was wreaking havoc on the system anyhow. As of earlier today some patches were backed out of the Oibaf PPA and since getting back closer to Mesa mainline the Nouveau problems are a matter of the past. With that said, now I'm in the process of running some Nouveau Steam/Source Engine Linux gaming tests similar to today's 20-Way Radeon Comparison With Open-Source Graphics For Steam On Linux Gaming. Read more

Red Hat Shake-up, Desktop Users, and Outta Time

Our top story tonight is the seemingly sudden resignation of Red Hat CTO Brian Stevens. In other news, John C. Dvorak says "Linux has run out of time" and Infoworld.com says there may be problems with Red Hat Enterprise 7. OpenSource.com has a couple of interesting interviews and Nick Heath has five big names that use Linux on the desktop. Read more

Kano's Alejandro Simon: If This, Then Do That

The OS has been available since February. It is open source. We tried to release a new version of it every two or three weeks. Anybody who runs Rasperry Pi can use it. So we already have users. They share content and discuss features and exchange idea on our forums. So far, we have sold 18,000 kits since last year, through the Kickstarter campaign via preorder. We are now in production and have most of the different pieces in place. We will start shipping by the beginning of September, hopefully. We do the materials and the hardware and the components and the packages ourselves. Finally, it is all coming together. Read more

Why Linux Isn't a Desktop Alternative

The year of the Linux desktop has become a joke, referred to ironically when mentioned at all. Under the circumstances Linus Torvalds showed either courage or naivete when he admitted last week at Linuxcon that he still wants to see Linux become popular on the desktop. However, neither Torvalds nor anyone else should stay up nights waiting for the event. Most users have no awareness of the possibility, or set impossible standards for it, even though, for a minority, the year of the Linux desktop happened years ago. The problem is not a technical one, as it was in Linux's earliest days. Linux desktops like KDE's Plasma or Linux Mint's Cinnamon are not only the equal of any proprietary desktop, but in many ways more advanced. Read more