Stealthy Linux Trojan May Have Infected Victims For Years

An anonymous reader writes: Researchers from Moscow-based Kaspersky Labs have uncovered an extremely stealthy trojan for Linux systems that attackers have been using to siphon sensitive data from governments and pharmaceutical companies around the world.

The malware may have sat unnoticed on at least one victim computer for years, although Kaspersky Lab researchers still have not confirmed that suspicion. The trojan is able to run arbitrary commands even though it requires no elevated system privileges.

systemd hasn't been around that long, has it?

I thought that the systemd infection of Debian was much more recent than that. Like within the past year. But maybe I'm wrong, and it has been longer?

"Running arbitrary commands" is irrelevant

[gweihir]

The privilege system does not protect commands, it protects data. You can always run any command on any data that belongs to you. But when you want to access data of others or the system, you need elevated privileges and same for attacking to privileged network ports.

Re:Security through Obscurity

[GameboyRMH]

With closed source there are also no guarantees the bad guys won't see the source either. And it's far better to make the code visible to all then to wait for the exploit to be found in the usual ways while everyone was in the dark about it.

Security through obscurity is just like peril-sensitive sunglasses. Having the code visible makes you nervous for some reason? Well we'll just keep you from seeing it! Problem solved!