Language Selection

English French German Italian Portuguese Spanish

“Hand of Thief” banking trojan doesn’t do Windows—but it does Linux

Filed under
Linux
Security

Signaling criminals' growing interest in attacking non-Windows computers, researchers have discovered banking fraud malware that targets people using the open-source Linux operating system.

Hand of Thief, which was recently discovered by researchers from security firm RSA, sells for about $2,000 in underground Internet forums and boasts its own support and sales agents. Its functionality—consisting of form grabbers and backdoor capabilities—is rudimentary compared to Windows banking trojans spawned from the Citadel or Blackhole exploit kits, but that's likely to change. RSA researcher Limor Kessem said she expects Hand of Thief to become a full-blown banking trojan that includes more advanced features such as the ability to inject attacker-controlled content into trusted bank webpages.

"Although Hand of Thief comes to the underground at a time when commercial trojans are high in demand, writing malware for the Linux OS is uncommon, and for good reason," Kessem wrote. "In comparison to Windows, Linux's user base is smaller, considerably reducing the number of potential victims and thereby the potential fraud gains."

rest here




More in Tux Machines

Ubuntu 14.10 Released, openSUSE GNOME Peek, and Debian Multimedia

ubuntuThe release of Ubuntu 14.10, codenamed Utopic Unicorn, was the big news today. But in other news, Kostas Koudaras has a sneak peek of GNOME in upcoming openSUSE 13.2 and Alessio Treglia shared some bits on Debian 8.0 multimedia. Miguel de Icaza announces Mono for the Unreal Engine and, finally, Erich Schubert says avoiding systemd isn't hard at all. Read more

eBay joins open-source community with ultra-fast OLAP engine for Hadoop

Like arch-rival Amazon.com, the soon-to-split eBay Inc. is something of an oddity in that it hasn’t historically been a big contributor to the open-source community. But the e-commerce pioneer hopes to change that with the release of the source-code for a homegrown online analytics processing (OLAP) engine that promises to speed up Hadoop while also making it more accessible to everyday enterprise users. Read more

DHS report makes recommendations for greater open source software use in government

A report commissioned by the Homeland Security Department's Science and Technology Directorate say barriers to using and developing open source software must be addressed as IT budgets across government continue to tighten. Read more

Calculate Linux Provides Consistency by Design

Calculate Linux has a rather interesting strategy for desktop environments. It is characterized by two flavors with the same look and feel. That does not mean that the inherent functionality of the KDE and Xfce desktops are compromised. Rather, the Calculate Linux developers did what you seldom see within a Linux distribution with more than one desktop option: They unified the design. Read more