A great deal of policy this week about'Hand of Thief', the most recent black-market Trojan made for almost any aspiring cyber-fraudster - yours for only $2000.
It is about news in the danger for your private data - mostly your online banking information - is an increasingly more product, but for your IT community that the extra interest in this particular piece of malware is the fact that it's been engineered especially for Linux. Needless to say, Linux is quite popular as a host/server OS, however, Hand of Thief is squarely meant to intercept a user's browser connections. It might be a proportionally little pool of possible goals but you get 100 percent of it - that the amount of malware targeted on the Linux OS is negligibly little when compared with tens of millions of recently added malware variations being found from the Windows world each year.
What Can Walter White Would Do?
The marketplace for Hand of Thief appears to be modelled from the picture of having Bad's Walter White's arrangement because of his gloomy crystal meth marketplace (I am sure I do not have to describe what Resident Poor is?) . At the very best, there's a development laboratory producing the malware, as well as the men engineering the code, such as Walter and his trainee cooks, look satisfied simply to produce and promote merchandise. Their clients will be the criminal gangs seeking to utilize the malware to steal banking data, or there may even be a further grade of middle-men functioning the phishing system to disperse the malware and collect account passwords and codes to market onto other classes. These can be the men really logging in and moving out the cash.
The timing is interesting also - using the Citadel bust only being made public, the headline and moral of this story ought to have been the perpetrators have only been imprisoned, but the estimated $500M stolen was really the eye-catching element of this narrative? So rather than behaving as a warning and deterrent to other cybercriminals, the narrative would just as likely have motivated even more to"get rich or die tryin'", exactly like the infamous Albert Gonzalez who held this as his motto when he donned his different scams targeting cardholder data theft.
Linux Users - Welcome to the New Wild West
The sole conclusion is the inevitable proliferation of cybercrime-enabling malware proceeds, which the prior'high ground' given by the Non-Windows Operating Systems appears now to be decreasing.The fantastic thing is that security technology can be progressing - real time FIM is currently available for Mac OS X, and almost all other modern Linux and Unix, including Solaris, Ubuntu, RedHat and Suse. This usually means there is technology to find malwareZero Day strikes which will evade antivirus programs. Additional with avoidance being the perfect approach, hardening checklists can now be implemented using the exact same file integrity tracking technologies to audit Linux hosts and Desktops to make sure many vulnerabilities are shut down and stored out. And needless to say, vigilance is obviously likely to be demanded - phishing attacks have skyrocketed in the past 12 months and that all points to a possibly upward spiraling trend.
