The Hand of a Thief

Linux has been used by professionals for server applications for over 15 years. Linux was first released in October 1991 under a free and open source software development and distribution model. It has evolved exponentially from an x86 (Intel) processor platform to almost any other CPU you can name. In recent years, thanks to simplicity of installation, world-wide support and, of course, that all-encompassing incentive of being free or low-cost, it has grown rapidly in desktop use.

It was bound to happen sooner or later. Someone was going to come up with malware designed either to harm your software or to stealthily grab information so that someone can illegally fatten their pocketbook. That day has arrived, and the Trojan you might unknowingly install on your computer is called “Hand of Thief”.

A distribution is driven by its developer and user communities. Software is developed, improved and mostly supported by individuals who submit their software to a committee operated by an organization, which also sells a more comprehensive and supported version. Revenue from servers and applications, together with voluntary donations, is the principal financial structure supporting these organizations and companies. The Linux flavor you use determines how updates are sent out and how notifications of updates reach individual systems.

Desktop Linux such as Mint, which I use, provides a toolbar notification at the bottom of my desktop. Whenever updates are available, the shield icon changes from a check mark to an exclamation point. If I click on this symbol, I am asked to enter my password to allow these updates and modifications to the software on my computer. If you go outside the normal process to obtain updates, you run the risk of loading this new Trojan, “Hand of Thief”.

Preventing this program from loading is relatively simple: avoid going outside your normal software updates or software application center for new or updated programs. Loading any updates from the command line exposes you to the possibility of installing the “Hand of Thief” Trojan application.

What does this program do to harm you? It captures information you type to access bank accounts and other private, secured screens. It then back-doors that information, which is sold on the open market. The stolen information is currently sold in cyber crime communities for $2,000.00 (USD), and that price includes free updates. It is rumored to work on Ubuntu, Fedora, and Debian Linux distributions as well as others. It attacks all common web browsers, such as Firefox and Chrome. Distributions such as Ubuntu review all submitted packages. Mint is based on Ubuntu; therefore, if someone attempts to slip them this Trojan, they will catch it, not distribute the application, and track the individual who sent it.

Tux, the Linux penguin (Wikipedia)

– Do not install unsigned (non-certified) packages

– Do not add unofficial repositories without knowing the safety of repository

– Keep your system up to date at all times

– Keep all browser plugins up to date

– If your distribution has SELinux, use it

– Do not let others install software on your machines

– Use secure passwords that aren’t simple phrases and don’t contain your birth date

– If asked to enter root user (or sudo) password, know why you have been asked to enter it.
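The first two items on this list can be checked mechanically on an APT-based system such as Mint or Ubuntu. The script below is an added example, not something from the original post: it reads one-line APT source entries and flags any repository that has signature checking switched off or that is served from a host outside an allowlist. The allowlist and the sample entries are assumptions constructed for illustration; on a real machine you would pass in the contents of /etc/apt/sources.list and the files under /etc/apt/sources.list.d/.

```python
import re
from urllib.parse import urlparse

# Assumption: hosts this machine treats as official; adjust for your distribution.
OFFICIAL_HOSTS = {"archive.ubuntu.com", "security.ubuntu.com", "packages.linuxmint.com"}
# sources.list(5) options that switch off signature checking for a repository.
UNSAFE_OPTIONS = {"trusted=yes", "allow-insecure=yes"}

# One-line style entry: deb [options] uri suite components...
ENTRY = re.compile(r"^(?:deb|deb-src)\s+(?:\[(?P<opts>[^\]]*)\]\s+)?(?P<uri>\S+)\s+\S+")


def audit_sources(text):
    """Return (line_number, issue, entry) findings for APT source entries in text."""
    findings = []
    for number, raw in enumerate(text.splitlines(), start=1):
        line = raw.split("#", 1)[0].strip()  # ignore comments and disabled entries
        match = ENTRY.match(line)
        if not match:
            continue
        opts = set((match.group("opts") or "").lower().split())
        host = urlparse(match.group("uri")).hostname or ""
        for opt in sorted(opts & UNSAFE_OPTIONS):
            findings.append((number, f"signature check disabled ({opt})", line))
        if host not in OFFICIAL_HOSTS:
            label = host or "local path"
            findings.append((number, f"unofficial repository host: {label}", line))
    return findings


# Constructed sample input, not taken from a real machine.
SAMPLE = """\
deb http://archive.ubuntu.com/ubuntu precise main restricted
deb http://security.ubuntu.com/ubuntu precise-security main
# deb http://old.example.org/debs ./
deb [trusted=yes] http://downloads.example.net/apt stable main
deb [arch=amd64] http://ppa.example.org/tools/ubuntu precise main
"""

if __name__ == "__main__":
    for number, issue, line in audit_sources(SAMPLE):
        print(f"line {number}: {issue}: {line}")
```

A flagged host is not proof of a problem; it marks a repository you should be able to explain before trusting packages from it.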

I have also installed an anti-virus program on my Linux PC. I suggest you do as well.
