Multiplatform Java Botnet Spotted In the Wild

It's fun sometimes to be smug because you are ("one is") using an operating system less susceptible to malware, or at least less targeted by malware creators, than is Microsoft Windows. Now, reader Orome1 writes with word of a Java-based, equal-opportunity botnet Trojan, excerpting from Help Net Security's report: "'IncognitoRAT is one example of a Java-based Trojan discovered in the wild that is being downloaded and installed by another component. This malware behaves like other Windows botnets but uses source code and libraries that can operate on other platforms,' explains McAfee's Carlos Castillo." So far, no mention of a Linux version, though.

Comment removed

[account_deleted]

Comment removed based on user account deletion

Re:Significance

[clang_jangle]

How imaginative. Why, when this fallacious "reasoning" defeated in every single slashdot story in which it comes up, do people persist in trying to promote this myth? You *can't* unwittingly install and run arbitrary code on Linux the way you can on windows, unless you're incompetent and running as root all the time (which incredibly, I do know of at least one person who does -- but it's rare).

Re:um....

[LynnwoodRooster]

In this case it can theoretically operate on other platforms, but it cannot propogate to them. One could install it intentionally perhaps, but it won't make its way onto the Linux box against the system administrators will.

Thus it's called a Trojan - not a virus. It won't self-replicate and transmit to computers on other OSes as well...

Re:um....

[TheLink]

The Linux "installer" is called Firefox.

Google for firefox exploit linux. Or firefox vulnerability.

As long as attackers can run arbitrary code of their choice they can install botnet software.

Even if it means tricking the user to run it... Which is what botnet operators do all the time to Windows users.

The "linux" fanatics just like to believe Linux is more secure when there are so many exploited Linux servers[1] out there.

Go ahead and blame the administrators and users, but just imagine the sort of users you have "administering" a typical Windows machine.

They are the very users botnet operators target.

If OSX and "Desktop Linux" become very popular, you might get malware written in perl for more cross platform goodness.

[1] There may not be as many exploited Linux desktops, but I suspect there may be more Linux servers than desktops in the world ;).

Re:RUN FOR YOU LIVES !!

[mckorr]

2.7182 is e, not pi...

Re:um....

[shutdown -p now]

Java is not Java if you use platform specific attack vectors as this botnet does. In this case it can theoretically operate on other platforms, but it cannot propogate to them.

Sure, so you end up having to muck around with bash for something as simple as installing some damn botnet. apt-get install this, /etc/init.d/restart that...

See, that's what I mean when I say that Linux is not ready for the desktop! ~

Re:RUN FOR YOU LIVES !!

[trapnest]

Whoosh