On Thursday 10 Dec 2009 01:29:59 Basil Chupin wrote:
I originally posted this in offtopic but think that this would be of interest to more people than just those frequenting offtopic.
*No operating system can ever properly protect a computer from trojans as long as users continue to do silly things. Just because Linux is immune to your standard drive-by viruses it does not mean that it can escape trojan horses.*
The latest reminder to be vigilant comes via the users unfortunate enough <http://ubuntuforums.org/showthread.php?t=1349678> to download and install a malicious screensaver from gnome-look.org <http://www.gnome-look.org/content/show.php/WaterFall+Screensaver?content=1 16772>.
Although the malicious content is now removed, the code fragments left show what the trojan's potential may have been.
The program inserted a bash script into |/usr/bin/| by using |wget| and then executing the script. Originally the script's contents were a ping command but this was later changed to:
..................
http://www.zdnet.com.au/blogs/null-pointer/soa/Carelessness-busts-Linux-sec urity/0,2001102868,339299939,00.htm?feed=rss
BC
Lets hope there is someone on the KDE related download sites checking for people trying to insert malware into their programs. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org