Slashdot Mirror


Stealthy Linux Trojan May Have Infected Victims For Years

An anonymous reader writes: Researchers from Moscow-based Kaspersky Labs have uncovered an extremely stealthy trojan for Linux systems that attackers have been using to siphon sensitive data from governments and pharmaceutical companies around the world.

The malware may have sat unnoticed on at least one victim computer for years, although Kaspersky Lab researchers still have not confirmed that suspicion. The trojan is able to run arbitrary commands even though it requires no elevated system privileges.

6 of 129 comments

  1. "requires no elevated system privileges"?? by Anonymous Coward · · Score: 2, Insightful

    If you are establishing a raw socket, you have to have privileges...

  2. Re:"Running arbitrary commands" is irrelevant by Antique+Geekmeister · · Score: 4, Insightful

    I'm personally aware of thousands of systems on which database data, backups, and system logs are not read protected from local users. They're left this way on the grounds that "if someone has local access, we're screwed anyway". They pass commercial security audits because the security companies do a handful of known external attacks, which give a small set of tasks to fix the issue and do not address such fundamental issues.

    This is particularly aggravated on systems which have password free sudo access for developers, which is very common on development environments, on systems with password free SSH keys casually stored with system wide access, and software systems that store passwords in clear text by default, such as Subversion HTTPS access. It's also compounded when home directories on which such information is stored are NFSv3 mounted and shared with all clients on the network. The concept of "data which belongs to you" breaks down quickly with NFS or CIFS without authentication in most environments. NFSv4 or Kerberized CIFS access can be helpful in restricting this, but I know very few partners or clients who go to the extra steps needed for this.
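The local-exposure issues raised in the comment above (world-readable backups and logs, password-free sudo, SSH keys without a passphrase) can be checked mechanically. The following is an added example, not part of the thread; the function names and the constructed sample key are assumptions made for illustration.

```python
import base64, os, re, stat, struct

MAGIC = b"openssh-key-v1\0"  # header of the OpenSSH private key format

def nopasswd_rules(sudoers_text):
    """Active (non-comment) sudoers lines carrying the NOPASSWD tag."""
    return [l.strip() for l in sudoers_text.splitlines()
            if "NOPASSWD" in l and not l.lstrip().startswith("#")]

def key_is_unencrypted(text):
    """True if text holds a private key stored without a passphrase."""
    m = re.search(r"-----BEGIN (.*?)PRIVATE KEY-----(.*?)-----END", text, re.S)
    if not m:
        return False
    kind, body = m.group(1).strip(), m.group(2)
    if kind == "OPENSSH":  # cipher name is the first field after the magic
        try:
            blob = base64.b64decode("".join(body.split()))
        except ValueError:
            return False
        if not blob.startswith(MAGIC) or len(blob) < len(MAGIC) + 4:
            return False
        (n,) = struct.unpack(">I", blob[len(MAGIC):len(MAGIC) + 4])
        return blob[len(MAGIC) + 4:len(MAGIC) + 4 + n] == b"none"
    # PKCS#8 marks encryption in the label, legacy PEM in a Proc-Type header
    return kind != "ENCRYPTED" and "Proc-Type: 4,ENCRYPTED" not in body

def audit(root):
    """Return sorted (relative path, issue) pairs for files under root."""
    findings = []
    for d, _, files in os.walk(root):
        for name in files:
            path = os.path.join(d, name)
            rel = os.path.relpath(path, root)
            if os.stat(path).st_mode & stat.S_IROTH:
                findings.append((rel, "world-readable"))
            with open(path, errors="replace") as f:
                if key_is_unencrypted(f.read(65536)):
                    findings.append((rel, "private key without passphrase"))
    return sorted(findings)

def constructed_key(cipher=b"none"):
    """Constructed sample: OpenSSH-format header only, not a usable key."""
    blob = MAGIC + struct.pack(">I", len(cipher)) + cipher + b"\0" * 8
    b64 = base64.b64encode(blob).decode()
    return f"-----BEGIN OPENSSH PRIVATE KEY-----\n{b64}\n-----END OPENSSH PRIVATE KEY-----\n"

if __name__ == "__main__":
    print(key_is_unencrypted(constructed_key()), audit("."))
```

Point `audit()` at a backup, log or home directory, and feed `nopasswd_rules()` the contents of the sudoers file.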

  3. Re:Well by jones_supa · · Score: 1, Insightful

    There have been plenty of people here who have claimed that Linux and open source provide an architecture which is by design more resilient against malware than proprietary solutions.

  4. Re:Security through Obscurity by GameboyRMH · · Score: 5, Insightful

    With closed source there are also no guarantees the bad guys won't see the source either. And it's far better to make the code visible to all than to wait for the exploit to be found in the usual ways while everyone was in the dark about it.

    Security through obscurity is just like peril-sensitive sunglasses. Having the code visible makes you nervous for some reason? Well we'll just keep you from seeing it! Problem solved!

    --
    "When information is power, privacy is freedom" - Jah-Wren Ryel

  5. Re:give Peace a Chance by ChrisMaple · · Score: 3, Insightful

    There is a class of people, ranging from street thugs to vicious dictators, who choose to use violence or threat of violence to steal and destroy. I have two basic choices when faced with such people:
    1. Submit. The thug prospers, I suffer and probably die early. If nearly all people do this, thugs find it an easy way to live, and the class of thugs expands until it dominates the whole world. The whole world becomes a cesspool like North Korea.
    2. Arm myself to resist the thug, and on a national scale arm to resist thug-states. At the cost of defending myself, I can prosper in relative freedom. One of the worse costs is listening to ignorant tools like you advising me to let my throat be cut.

    There are costs involved in all decisions. I can't drive a car without contributing to the cost of a road. I can't keep warm in a snowstorm without buying shelter. I can't prosper, or even live long, without paying for defense.

    Do not rail against war and its expenses, but rather oppose those who use force to achieve their ends.

    --
    Contribute to civilization: ari.aynrand.org/donate

  6. Re: kinda makes you wonder by tehcyder · · Score: 1, Insightful

    Because obviously all the world's problems are always and only caused by government.

    It's a pretty good first approximation ....

    It's not "the government" that's the problem, it's the Military-Industrial complex, big business, land owners, capitalists, those with inherited money and privilege, and the wealthy self-serving elite generally.

    A proper democratic government is the only real protection against these powerful interests.

    --
    To have a right to do a thing is not at all the same as to be right in doing it