Slashdot Mirror

← Back to Stories (view on slashdot.org)

Targeted Trojan Attacks Causing Concern

Posted by ryuzaki0 on from the with-your-name-on-it dept.

Bill Andad writes to point out a surprise trend emerging from the Virus Bulletin Conference 2006 in Montreal this week. From the article on Daniweb: "It is the smallest of Trojan attacks that are causing the biggest headache in the world of corporate security right now. By targeting individuals within individual companies with individually constructed infected messages, the new-age industrial spy is slipping under the security radar." News.com has more in-depth coverage.

4 of 77 comments (clear)

  1. Re:Get Ubuntu by QuantumG · · Score: 5, Insightful

    Also the african word for "many packages in our repository lack signatures but people install them anyway". Trojans are just as easy on linux as anywhere else.

    --
    How we know is more important than what we know.
  2. Not all that surprising by Jarjarthejedi · · Score: 4, Insightful

    Is it surprising at all that Social Engineering is the best way to get a virus in? I'm actually surprised this is even an article, of course the main problem companies are going to have is their employees clicking things they shouldn't...

    --
    There are two kinds of fool One says 'This is old therefore good' Another says 'This is new therefore better'- Dean Ing
  3. Re:Get Ubuntu by grcumb · · Score: 4, Insightful
    Also the african word for "many packages in our repository lack signatures but people install them anyway". Trojans are just as easy on linux as anywhere else.

    Bull:

    • All Ubuntu .deb packages available by default come from known sources. Adding untrusted repositories requires root privileges and visual warnings.
    • Installing software through apt-get (or synaptic or any of the other automated software installers) requires admin privileges.
    • Even a malicious script that surreptitiously runs
      dpkg -i nasty-payload
      is going to have a very hard time affecting the integrity of the system, let alone hiding from the user.
    • The default user mode is non-privileged. It's hard (though not impossible) for someone to run Ubuntu as root.

    If you wanted to make the point that there are just as many attack vectors in Ubuntu as elsewhere, go ahead. But the mere presence of an avenue of attack doesn't magically make it easy. Implying that Ubuntu is not inherently harder to compromise than Windows is prima facie wrong.

    --
    Crumb's Corollary: Never bring a knife to a bun fight.
  4. Re:The lax windows and win32 app security model... by QuantumG · · Score: 3, Insightful

    none of this relevant to trojans. A trojan is, by definition, something the user wants to run. The fact that most linux users don't run untrusted programs in a "jail" is much the same as the fact that most windows users don't do that either. It's sad, but it's a user education problem, and we're typically not good at solving those. Ubuntu users are encouraged to use "sudo" instead of "su" to run programs as root. sudo allows a permitted user to execute a command as the superuser or another user, but how many people actually use sudo to execute a command as anyone but root? sudo -u nobody ./random-email-attachment who does that? no-one.

    --
    How we know is more important than what we know.