Linux users targeted by password-stealing 'Wirenet' Trojan
09-02-2012, 12:06 AM,
#1
Linux users targeted by password-stealing 'Wirenet' Trojan
Quote:Linux users targeted by password-stealing 'Wirenet' Trojan

By John E Dunn | Techworld | Published: 12:58, 31 August 2012

Malware writers are interested in Linux after all. Russian security firm Dr Web has reported finding a shadowy Trojan that sets out to steal passwords on the open source platform as well as OS X.

Technical details of Wirenet.1’s operation and technique for spreading are sparse for now, but the company reports that the backdoor program targets browser passwords for Opera, Firefox, Chrome and Chromium, as well as applications such as Thunderbird, SeaMonkey and Pidgin.

Under Linux it copies itself to the ~/WIFIADAPT directory before attempting to connect to a command and control server hosted at 212.7.208.65 using an AES encrypted channel. That at least offers a simple way of blocking communication and any further payloads.

Dr Web made a name for itself earlier this year reporting on the infamous Flashback Trojan that hit Mac users on an unprecedented scale.

It’s not clear whether Wirenet’s cross-platform capabilities extend to targeting Windows systems but it is possible that avoiding Microsoft’s OS is a way of keeping off the radar of security firms.

Cross platform malware is rare but not unheard of, the usual technique being to hook into Java in search of victims using OS X.

Malware specifically designed to steal credentials from Linux systems is almost unheard of but might, on the basis of this new discovery, become a little less so in future.

"We do not have explicit evidence that it uses Java. To my knowledge it does not. This file was received from Virustotal," Dr Web analyst Igor Zdobnov told Techworld.
“Today’s scientists have substituted mathematics for experiments, and they wander off through equation after equation, and eventually build a structure which has no relation to reality.” -Nikola Tesla

"When the power of love overcomes the love of power the world will know peace." -Jimi Hendrix
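
The two indicators the quoted article gives, the ~/WIFIADAPT directory and the command-and-control address 212.7.208.65, can be checked on a host as sketched here. This is an added example, not part of the original post or the Techworld article; the function names, the sample `ss -tn` lines and the temporary home tree are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example (not from the article): check a host for the two Wirenet.1
# indicators the article names. Function names and sample data are constructed.
IOC_DIR="WIFIADAPT"      # directory the article says is created under ~
IOC_C2="212.7.208.65"    # command-and-control address given in the article

# Print each home directory under base dir $1 that contains the IoC directory.
find_ioc_dirs() {
    local home
    for home in "$1"/*/; do
        [ -d "${home}${IOC_DIR}" ] && printf '%s\n' "${home%/}"
    done
    return 0
}

# Read `ss -tn`-style lines on stdin and print those whose peer is the C2.
# Only the peer column is compared, after dropping the port and unwrapping
# the IPv4-mapped IPv6 form ([::ffff:a.b.c.d]) that dual-stack sockets show.
match_c2_conns() {
    awk -v ip="$IOC_C2" '{ peer = $5
                           sub(/:[0-9]+$/, "", peer)
                           gsub(/^\[::ffff:|\]$/, "", peer) }
                         peer == ip'
}

# Constructed sample of `ss -tn` output: two C2 sessions (plain and
# IPv4-mapped) and one benign SSH session. Ports are arbitrary.
SAMPLE_SS='State Recv-Q Send-Q Local Address:Port Peer Address:Port
ESTAB 0 0 192.0.2.10:51514 212.7.208.65:40000
ESTAB 0 0 [::ffff:192.0.2.10]:51520 [::ffff:212.7.208.65]:40000
ESTAB 0 0 192.0.2.10:40022 198.51.100.7:22'

# Build a throwaway home tree (constructed) and run both checks against it.
demo() {
    local tmp; tmp=$(mktemp -d)
    mkdir -p "$tmp/alice/$IOC_DIR" "$tmp/bob/Documents"
    echo "homes with ~/$IOC_DIR:"; find_ioc_dirs "$tmp"
    echo "connections to $IOC_C2:"; printf '%s\n' "$SAMPLE_SS" | match_c2_conns
    rm -rf "$tmp"
}
demo
```

On a real system, run `find_ioc_dirs /home` (checking /root separately) and pipe `ss -tn` into `match_c2_conns`; an egress rule such as `iptables -A OUTPUT -d 212.7.208.65 -j DROP` is one way to apply the block the article mentions.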
09-02-2012, 09:22 AM, (This post was last modified: 09-02-2012, 09:36 AM by h3rm35.)
#2
RE: Linux users targeted by password-stealing 'Wirenet' Trojan
I really appreciate the update, but considering the rise of Apple and its uber-proprietary stance, Linux Mint (specifically beyond Apple - it's the brain-dead version of Debian,) and Ubuntu (which grew the Debian-based *nix brand to what it is now,) and the fact that OS X and the architecture behind the more popular *nix distros are very similar, it's not all that surprising that, AT THE ABSOLUTE MINIMUM, articles would arise questioning their safety in the face of the scare-mongering household computer security market. I'm not discounting the fact that there may be a malicious OS X/*nix trojan, but I'd rather deal with one than hundreds of thousands, if not millions.

All that having been said, everyone online should recognize that every tiny bit of the information they lay out is a hook to catch your system as a pea-brained fish.

The spread of malicious software beyond 'doze was inevitable once 'doze was exposed as a honeypot for everything alternative minds in computers hate, and then posers caught on to it. No operating system, or browser, or mail system is vulnerable until it's allowed to be so. Once you hook up without e-condoms, you're open to fatal diseases.

The benefit of *nix and Apple systems, in the most basic layman's terms I know: executive privileges given to (.exe, .dll) extensions (through 'doze) had the ability to work their way into basic functions of the system. They may allow others to steal your data, (if you don't realize you might as well have your computer screwing an AIDS patient,) and through that, they'll kill the OS.

That doesn't happen in other systems unless you attract enemies.

Think of that how you will in relation to a new phase of malware making the news in opposition to the MS Office world and the reams of exploits laid out monthly against 'doze. As of the release date of the new IE and Windows, 4axx0r5 won't just be fucking bored anymore.

(I reserve the right to re-read what I've said and re-evaluate it. This opinion may very well be wrong.)