



Multiplatform Java Botnet Spotted In the Wild 203
It's fun sometimes to be smug because you are ("one is") using an operating system less susceptible to malware, or at least less targeted by malware creators, than is Microsoft Windows. Now, reader Orome1 writes with word of a Java-based, equal-opportunity botnet Trojan, excerpting from Help Net Security's report: "'IncognitoRAT is one example of a Java-based Trojan discovered in the wild that is being downloaded and installed by another component. This malware behaves like other Windows botnets but uses source code and libraries that can operate on other platforms,' explains McAfee's Carlos Castillo." So far, no mention of a Linux version, though.
Comment removed (Score:5, Informative)
Re:Significance (Score:2, Informative)
Re:um.... (Score:4, Informative)
In this case it can theoretically operate on other platforms, but it cannot propogate to them. One could install it intentionally perhaps, but it won't make its way onto the Linux box against the system administrators will.
Thus it's called a Trojan - not a virus. It won't self-replicate and transmit to computers on other OSes as well...
Re:um.... (Score:4, Informative)
Google for firefox exploit linux. Or firefox vulnerability.
As long as attackers can run arbitrary code of their choice they can install botnet software.
Even if it means tricking the user to run it... Which is what botnet operators do all the time to Windows users.
The "linux" fanatics just like to believe Linux is more secure when there are so many exploited Linux servers[1] out there.
Go ahead and blame the administrators and users, but just imagine the sort of users you have "administering" a typical Windows machine.
They are the very users botnet operators target.
If OSX and "Desktop Linux" become very popular, you might get malware written in perl for more cross platform goodness.
[1] There may not be as many exploited Linux desktops, but I suspect there may be more Linux servers than desktops in the world
Re:RUN FOR YOU LIVES !! (Score:3, Informative)
Re:um.... (Score:3, Informative)
Java is not Java if you use platform specific attack vectors as this botnet does. In this case it can theoretically operate on other platforms, but it cannot propogate to them.
Sure, so you end up having to muck around with bash for something as simple as installing some damn botnet. apt-get install this, /etc/init.d/restart that...
See, that's what I mean when I say that Linux is not ready for the desktop! ~
Re:RUN FOR YOU LIVES !! (Score:2, Informative)