Attacked While Inactive and unarmed

Story: Symantec finds Linux wiper malware used in S. Korean attacksTotal Replies: 6
Author Content
Fettoosh

Mar 23, 2013
12:58 PM EDT
What a sleazy title.

The malware takes advantage of an IE vulnerably, which its main part runs strictly on Windows, to destroy the MBR which Linux happened to share with Windows. The MBR on a computer could be shared with any other OS, so why single out and point the finger to insinuate that the lion share of the blame in the title goes to Linux?

Some won't give up. Being on the blogosphere or by security outfits, they will go to any length just to taint Linux by any means they could.

It isn't working, Linux is moving fast and proliferating everywhere, especially on mobile devices.

If its a problem, just remove Windows, it is the primary malware/Virus.

cmost

Mar 23, 2013
2:14 PM EDT
I'm not surprised actually. Have you noticed that whenever there's a major computer virus or malware outbreak, the media rarely if ever names the operating system if it's Windows? Plenty of finger-pointing goes to the originator of the virus but the truth is that there wouldn't be so many Windows viruses or other malicious exploits if Windows were more secure by design. When will Microsoft get religion and shit-can the old legacy Windows base, which has been patched and re-patched since the days of DOS and replace it with something entirely new that is actually designed with security and networking in mind from the start? The reason why UNIX/Linux and other *NIX based operating systems are so widely used in governments and other mission critical environments is because *NIX was designed from the very beginning as a multi-user, network aware operating system. I agree that the salaciously smear the Linux name with regards to this particular malware was little more than for dramatic effect.
Fettoosh

Mar 23, 2013
2:34 PM EDT
Quoting: ...salaciously smear the Linux name with regards to this particular malware was little more than for dramatic effect.


It is a title to smear alright. Those who don't know any better or don't read the article thoroughly would definitely think it is a malware that broke Linux and consequently leads them to believe that Linux is insecure.

matthekc

Mar 23, 2013
2:47 PM EDT
http://www.symantec.com/connect/blogs/remote-linux-wiper-fou...

This article explains the attack better... once the malware has infected the Windows computer it is checking for remote management software called mremote. If it finds the mremote tool then it uses the stored information in the tool to attempt to delete files from multiple machines on the network on multiple Unix platforms. It looks like mremote allows you to store your SSH credentials and once it has those credentials it can maliciously attack multiple Unix platforms.

Arguably the threat is more due to a tool that allows poor administration practices than any vulnerability of the affected operating systems.
bverheg

Mar 23, 2013
5:02 PM EDT
Shocking! If malware running on insecure Windows finds the root password of your Linux box stored on it and can remotely connect to your Linux box, it can wipe your Linux. How appalling is that?

Seriously, if you can remotely login as root to your Linux box, you are supposed to be able to wipe everything. And if you are stupid enough to store your Linux root password on a Windows machine, then all you deserve is that your Linux box gets wiped.



Fettoosh

Mar 23, 2013
5:19 PM EDT
Quoting: It looks like mremote allows you to store your SSH credentials and once it has those credentials it can maliciously attack multiple Unix platforms.


Passwords of accounts with root privileges should never be saved/written down anywhere that it can be visible directly or indirectly.

JaseP

Mar 29, 2013
11:33 AM EDT
So wait a minute?! They are not using a passwordless hash to ssh into a box?!?! What the...!?!?! And to login as Root, too?!?! Some sysadmins need to back to school, big-time...

Posting in this forum is limited to members of the group: [ForumMods, SITEADMINS, MEMBERS.]

Becoming a member of LXer is easy and free. Join Us!