Language Selection

English French German Italian Portuguese Spanish

“Hand of Thief” banking trojan doesn’t do Windows—but it does Linux

Filed under

Signaling criminals' growing interest in attacking non-Windows computers, researchers have discovered banking fraud malware that targets people using the open-source Linux operating system.

Hand of Thief, which was recently discovered by researchers from security firm RSA, sells for about $2,000 in underground Internet forums and boasts its own support and sales agents. Its functionality—consisting of form grabbers and backdoor capabilities—is rudimentary compared to Windows banking trojans spawned from the Citadel or Blackhole exploit kits, but that's likely to change. RSA researcher Limor Kessem said she expects Hand of Thief to become a full-blown banking trojan that includes more advanced features such as the ability to inject attacker-controlled content into trusted bank webpages.

"Although Hand of Thief comes to the underground at a time when commercial trojans are high in demand, writing malware for the Linux OS is uncommon, and for good reason," Kessem wrote. "In comparison to Windows, Linux's user base is smaller, considerably reducing the number of potential victims and thereby the potential fraud gains."

rest here

More in Tux Machines

Lumina Desktop 1.1 Released

The BSD-focused, Qt-powered Lumina Desktop Environment is out with its version 1.1 update. The developers behind the Lumina Desktop Environment consider it a "significant update" with both new and reworked utilities, infrastructure improvements, and other enhancements. Lumina 1.1 adds a pure Qt5 calculator, text editor improvements, the file manager has been completely overhauled, system application list management is much improved, and there is a range of other improvements. Read more

Radeon vs. Nouveau Open-Source Drivers On Mesa Git + Linux 4.9

For your viewing pleasure this Friday are some open-source AMD vs. NVIDIA numbers when using the latest open-source code on each side. Linux 4.9-rc1 was used while Ubuntu 16.10 paired with the Padoka PPA led to Mesa Git as of earlier this week plus LLVM 4.0 SVN. As covered recently, there are no Nouveau driver changes for Linux 4.9 while we had hoped the boost patches would land. Thus the re-clocking is still quite poor for this open-source NVIDIA driver stack. For the Nouveau tests I manually re-clocked each graphics card to the highest performance state (0f) after first re-clocking the cards to the 0a performance state for helping some of the GPUs that otherwise fail with memory re-clocking at 0f, as Nouveau developers have expressed this is the preferred approach for testing. Read more

Ubuntu MATE, Not Just a Whim

I've stated for years how much I dislike Ubuntu's Unity interface. Yes, it's become more polished through the years, but it's just not an interface that thinks the same way I do. That's likely because I'm old and inflexible, but nevertheless, I've done everything I could to avoid using Unity, which usually means switching to Xubuntu. I actually really like Xubuntu, and the Xfce interface is close enough to the GNOME 2 look, that I hardly miss the way my laptop used to look before Unity. I wasn't alone in my disdain for Ubuntu's flagship desktop manager switch, and many folks either switched to Xubuntu or moved to another Debian/Ubuntu-based distro like Linux Mint. The MATE desktop started as a hack, in fact, because GNOME 3 and Unity were such drastic changes. I never really got into MATE, however, because I thought it was going to be nothing more than a hack and eventually would be unusable due to old GNOME 2 libraries phasing out and so forth. Read more

EU-Fossa project submits results of code audits

The European Commission’s ‘EU Free and Open Source Software Auditing’ project (EU-Fossa) has sent its code review results to the developers of Apache HTTP server target and KeePass. The audit results are not yet made public, however, no critical vulnerabilities were found. Read more