Find the answer to your Linux question:
Page 1 of 2 1 2 LastLast
Results 1 to 10 of 11
'Hand of Thief' Linux trojan steals Internet banking information - TechSpot Linux desktop Trojan 'Hand of Thief' steals in | ZDNet Heard about this on the Linux Action Show today ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Linux Enthusiast TNFrank's Avatar
    Join Date
    Jul 2013
    Location
    Crossville, TN. USA
    Posts
    718

    "Hand of Thief" Trojan. Heads Up.


    'Hand of Thief' Linux trojan steals Internet banking information - TechSpot
    Linux desktop Trojan 'Hand of Thief' steals in | ZDNet
    Heard about this on the Linux Action Show today and did a quick Startpage to find out more. This is one article that I found.
    So, how do we protect ourself against this if we happen to do Interweb banking?

  2. #2
    Administrator jayd512's Avatar
    Join Date
    Feb 2008
    Location
    Kentucky
    Posts
    5,023
    Well, as both articles point out:
    Quote Originally Posted by linked articles
    The good news at this point is that there isn’t really a solid delivery mechanism for the package. The trojan’s “sales agent” suggests using e-mail and social engineering as methods of infection.
    So most of our current security measures should be sufficient to keep us secure.
    Personally, I don't bank online. And I don't shop online unless it's with a pre-paid credit card. But that's just me being properly paranoid



    P.S.
    I moved this to the Coffee Lounge since it's more of a discussion type post.
    Jay

    New users, read this first.
    New Member FAQ
    Registered Linux User #463940
    I do not respond to private messages asking for Linux help. Please keep it on the public boards.

  3. #3
    Linux Enthusiast TNFrank's Avatar
    Join Date
    Jul 2013
    Location
    Crossville, TN. USA
    Posts
    718
    Since I'm unemployed and can't afford to get tires for my truck, the less driving into town I can do the better. I do most all of my banking online but like the second link said, it'll most likely be delivered to your machine from a Phishing e-mail so if you're careful(which we all should be) and don't click stuff from unknown sources then you should be ok. Still, I just felt like I should get the info out there for us all to know about and share.

  4. #4
    Linux Guru Jonathan183's Avatar
    Join Date
    Oct 2007
    Posts
    3,042
    Quote Originally Posted by TNFrank View Post
    So, how do we protect ourself against this if we happen to do Interweb banking?
    my shortlist ...

    1. use a separate user account for general web surfing
    2. install an email client and use a different account than general web surfing account and:-
    a) disable html render of emails (view in text)
    b) copy and paste any links you want to access and save in a plain text file, copy to web surfing account/common area and use that to access the links
    c) never follow links in the user account for accessing emails
    3. use a separate account for online banking, and use it only for online banking
    4. disable remote access unless you really need them, if you do use them don't allow online banking remote access
    5. setup an egress firewall ... something like this
    6. if your online banking will work with something like links use that instead of firefox/chrome etc to access online banking
    7. keep your system up to date and install software using repositories for your distro
    8. always reboot your PC before using online banking account, and login and use online banking before other account logins
    9. consider setting up a minimal install for online banking only (install the minimum apps you need for online banking).

    Or consider doing online banking from a live CD only ...

  5. #5
    Linux Guru rokytnji's Avatar
    Join Date
    Jul 2008
    Location
    Desert
    Posts
    4,002
    Or consider doing online banking from a live CD only ...
    Lots of Linux users bank that way from what I have read on Murga Forums.
    Linux Registered User # 475019
    Lead,Follow, or get the heck out of the way. I Have a Masters in Raising Hell
    Tech Books
    Free Linux Books
    Newbie Guide
    Courses at Home

  6. #6
    Linux Enthusiast TNFrank's Avatar
    Join Date
    Jul 2013
    Location
    Crossville, TN. USA
    Posts
    718
    Quote Originally Posted by Jonathan183 View Post
    Or consider doing online banking from a live CD only ...
    That's an interesting idea. It'd take a bit more time to authenticate things but it would be pretty much virus proof since nothing could be written to the CD that would allow it to do anything to capture your screen when you're banking.

  7. #7
    Linux Guru rokytnji's Avatar
    Join Date
    Jul 2008
    Location
    Desert
    Posts
    4,002
    Quote Originally Posted by TNFrank View Post
    That's an interesting idea. It'd take a bit more time to authenticate things but it would be pretty much virus proof since nothing could be written to the CD that would allow it to do anything to capture your screen when you're banking.
    Puppy Linux Discussion Forum :: View topic - How to make a tweaked Puppy optical banking disk? (Solved)
    Linux Registered User # 475019
    Lead,Follow, or get the heck out of the way. I Have a Masters in Raising Hell
    Tech Books
    Free Linux Books
    Newbie Guide
    Courses at Home

  8. #8
    Penguin of trust elija's Avatar
    Join Date
    Jul 2004
    Location
    Either at home or at work or down the pub
    Posts
    3,485
    If you really want to annoy the snoopers while using a live environment to do online banking
    What do we want?
    Time machines!

    When do we want 'em?
    Doesn't really matter does it!?


    Conkybots: Interactive plugins for your Conkys!

  9. #9
    Super Moderator Roxoff's Avatar
    Join Date
    Aug 2005
    Location
    Nottingham, England
    Posts
    3,846
    Quote Originally Posted by elija View Post
    If you really want to annoy the snoopers while using a live environment to do online banking
    Sorry Elija, but I would not recommend anyone use that bootup system for internet banking.

    That system routes data over TOR, which is for privacy, not security. Anything that sends your private credentials over TOR is a liability - you never know who is reading your traffic, even if it's encrypted. It ensures anonymity, i.e. nobody can detect who you are and who you are talking to, but it doesn't protect any passwords or private information such as bank account numbers/sort codes etc. that you send over the channel. By all means use that disk to watch the latest Anonymous video without letting the government know you're watching it, but don't use it to log-in to youtube before you watch...
    Linux user #126863 - see http://linuxcounter.net/

  10. #10
    Penguin of trust elija's Avatar
    Join Date
    Jul 2004
    Location
    Either at home or at work or down the pub
    Posts
    3,485
    Quote Originally Posted by Roxoff View Post
    Sorry Elija
    Don't apologise for making a good point very well. In fact I retract my previous post.
    What do we want?
    Time machines!

    When do we want 'em?
    Doesn't really matter does it!?


    Conkybots: Interactive plugins for your Conkys!

Page 1 of 2 1 2 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •