Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Yeah, Linux is popular, every day more and more and it wasn't really a surprise to see something like this happen. Same worm can infect Winblow$ and Mac OS X, but of course Linux is a different story.
Really, though...if it takes social engineering to kick-start the compromise, I don't consider that an actual worm. Worms self propagate. This one doesn't self-propagate, from what I understand. It's actually a trojan. Although it'll hijack user accounts and attempt to spread itself further via spam messages, it will still take a duped human to actually make the attempts successful.
The attack was spotted on social networking websites like Facebook, MySpace and Twitter, the usual hunting grounds of the Koobface gang.
Never go there, so not affected.
Quote:
It begins with users receiving a messages from their friends, who direct them to an online video. Lures like "Is it you in this video?" have been observed.
Aah, really ...
Quote:
The included link leads to a fake YouTube page, which displays a video thumbnail. Clicking it launches a Java applet, that users are asked to accept.
So not a worm then,
Quote:
The applet exploits a remote code execution vulnerability in outdated versions of Java and checks the visitor's operating system.
Outdated java dependency - not reliable then.
Quote:
Based on this determination, the appropriate version of the Koobface worm is installed without requiring any interaction from the victim.
I think there has been quite enough user interaction already, hardly a worm attack.
Quote:
Once installed on a computer, the worm hijacks the social networking accounts of its owner and uses them to propagate.
Why would anyone be surprised that a java attack would succeed against various (any ?) environment. Isn't that the java motto - "write once, fail everywhere" ?.
+1 for the Darwin nomination.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
