Results 1 to 10 of 11
'Hand of Thief' Linux trojan steals Internet banking information - TechSpot Linux desktop Trojan 'Hand of Thief' steals in | ZDNet Heard about this on the Linux Action Show today ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
- 08-12-2013 #1
"Hand of Thief" Trojan. Heads Up.
Linux desktop Trojan 'Hand of Thief' steals in | ZDNet
Heard about this on the Linux Action Show today and did a quick Startpage to find out more. This is one article that I found.
So, how do we protect ourself against this if we happen to do Interweb banking?
- 08-12-2013 #2
Well, as both articles point out:
Originally Posted by linked articles
Personally, I don't bank online. And I don't shop online unless it's with a pre-paid credit card. But that's just me being properly paranoid
I moved this to the Coffee Lounge since it's more of a discussion type post.
- 08-12-2013 #3
Since I'm unemployed and can't afford to get tires for my truck, the less driving into town I can do the better. I do most all of my banking online but like the second link said, it'll most likely be delivered to your machine from a Phishing e-mail so if you're careful(which we all should be) and don't click stuff from unknown sources then you should be ok. Still, I just felt like I should get the info out there for us all to know about and share.
- 08-12-2013 #4
1. use a separate user account for general web surfing
2. install an email client and use a different account than general web surfing account and:-
a) disable html render of emails (view in text)
b) copy and paste any links you want to access and save in a plain text file, copy to web surfing account/common area and use that to access the links
c) never follow links in the user account for accessing emails
3. use a separate account for online banking, and use it only for online banking
4. disable remote access unless you really need them, if you do use them don't allow online banking remote access
5. setup an egress firewall ... something like this
6. if your online banking will work with something like links use that instead of firefox/chrome etc to access online banking
7. keep your system up to date and install software using repositories for your distro
8. always reboot your PC before using online banking account, and login and use online banking before other account logins
9. consider setting up a minimal install for online banking only (install the minimum apps you need for online banking).
Or consider doing online banking from a live CD only ...
- 08-12-2013 #5
- 08-12-2013 #6
- 08-13-2013 #7
- 08-13-2013 #8
- 08-13-2013 #9
That system routes data over TOR, which is for privacy, not security. Anything that sends your private credentials over TOR is a liability - you never know who is reading your traffic, even if it's encrypted. It ensures anonymity, i.e. nobody can detect who you are and who you are talking to, but it doesn't protect any passwords or private information such as bank account numbers/sort codes etc. that you send over the channel. By all means use that disk to watch the latest Anonymous video without letting the government know you're watching it, but don't use it to log-in to youtube before you watch...Linux user #126863 - see http://linuxcounter.net/
- 08-13-2013 #10