'Hand of Thief' Trojan Hits Linux, Steals Passwords and Other Sensitive Information

Linux users have long been able to claim that their platform of choice is about as safe as an OS can get, but that claim is getting a little harder to stand behind thanks to the recent discovery of the 'Hand of Thief' trojan - it's a bad one, so listen up.

Hand of Thief's goal is to lead you to financial ruin by stealing the sensitive information you type into forms in supported Web browsers (Firefox and Chrome lead the pack here), such as the login forms on banking websites. Hand of Thief's developers aren't going to be the ones milking your bank account dry, however. Instead, they're selling licenses for the trojan to those who will. Current pricing is $2,000 with free updates, but that's soon to go up to $3,000. That sounds like a high price, until you realize that it could pay for itself instantly if someone with a well-stocked bank account is targeted.

The discovery of this trojan was made by EMC's security division, RSA. While malware isn't exactly uncommon on Linux, it is uncommon on the Linux desktop - it all boils down to market share; where are you going to aim if you're a malware writer? The trojan's developers note that the software runs on 15 different Linux distros and 8 different desktop environments. While the Linux desktop userbase is small, it's safe to assume that the vast majority of it runs a combination that this trojan supports.

Some might be led to believe that this trojan is just a myth, the result of someone wanting to spread FUD, but ZDNet's Steven J. Vaughan-Nichols claims that someone tried to sucker him into installing it. And that's the key thing here: this isn't a trojan that travels across networks, installing itself on each machine it reaches. Social engineering is the primary infection vector. If you're a member of Linux communities on social networks, you'll especially want to be careful. As always, be wary of links you're passed, even if they come from trusted friends. There's never any certainty that those friends actually sent them.

It goes without saying that Hand of Thief is a doozy, especially given that we're talking about Linux here. If you get infected and hope to remove it, you'll be in for a bit of a challenge: the trojan alters memory addresses to make sure that you'll be unable to visit antivirus sites. It's not clear whether you'd still be able to install protection through a repository, but given the complexity of the trojan, I'd be willing to bet that the creators thought that one through.

Tags: Malware, Linux, virus, trojan, rsa