Hello, On Sat, 01 Sep 2012, Greg Freemyer wrote:
http://www.forbes.com/sites/anthonykosner/2012/08/31/new-trojan-backdoor-mal...
Is openSUSE susceptible?
No idea. What I can find ATM is tons of blabbering (went as far as a page >20) citing _one_ source. And that smells a bit fishy[1] and is much lacking: http://www.google.com/search?q=BackDoor.Wirenet.1 http://vms.drweb.com/virus/?i=1957835 The latter, fed through http://translate.google.de/ reads: ==== Added to Dr.Web virus database: 2012-08-21 Virus description was added: 2012-08-22 Trojan backdoor that can run on Linux and MacOS X. Has keylogger functionality, can steal passwords typed by the user in the browser Opera, Firefox, Chrome, Chromium, and passwords from applications such as Thunderbird, SeaMonkey, Pidgin. When executed, it copies itself to the user's home directory. In MacOS: folder% home% / WIFIADAPT.app.app In Linux: in ~ / WIFIADAPT Establishes a connection to a remote command center at 212.7.208.65. Uses a check connections using encryption algorithm Advanced Encryption Standard (AES). ==== WTF? ONE specific IP in a virus? That resolves to a polish operated host in the Netherlands attached to a router in the Netherlands? (c.f. 'whois 212.7.208.65' and 'traceroute 212.7.208.65' and a whois on the second to last hop). And _NOTHING_ about method of attack / propagation??? Via Flash / JS^WECMA Script / Java / browser-specific bugs, or whatever??? Fishy! I'd stay wary and follow this a bit, watch CERT announcements etc., but it has a more than just a hint of a hoax / scareware ... Oh, and of course, keep your browser updated. Just these days there was an update: $ rpm -q --changelog seamonkey | head -50 * Mon Aug 27 2012 wr@rosenauer.org - update to SeaMonkey 2.12 (bnc#777588) [..] Haven't looked yet for any connection, there's too many bnc#, bmo# and MFSA/CVE's involved for my time of day ;) -dn'Guru Meditation'h [1] I don't like fish BTW. --
Seems you really are a social leper these days if you're not on FB. -- Julian Macassey Farcebook is AOL with better graphics. -- Michel And worse grammar. -- Roger Burton West -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org