Linux vulnerability found in Web exploit

By Jon Gold, Network World |  Operating Systems, Linux

A hacked Colombian Transport website has been rigged to deliver a malware payload that is able to target Mac OS,
Windows and even Linux systems, according to a report from F-Secure.

MORE SECURITY: Smartphone, tablet
security and management guidelines on tap from NIST

Users will see a certificate warning, telling them that the website is attempting to run a signed applet with an
invalid signature. If that warning is bypassed, F-Secure says, the malware checks the victim's computer, and
downloads different malicious files based on what operating system it detects.

Regardless of what OS is present, however, the malware's subsequent behavior is the same -- it downloads
additional files from a remote server and creates a
backdoor on an infected machine. Interestingly, the Mac OS version is a PowerPC binary, which means that
Intel-based Macs are immune in most cases.

According to the researchers, the backdoor may have been created with a freely available penetration testing
suite known as the Social-Engineer Toolkit.

The malware, which F-Secure has dubbed GetShell.A, is unusual in a couple of ways. First, attacks against Linux
are relatively rare in and of themselves. While some experts say that this is due largely to the framework's
comparatively small user base -- at least, in terms of desktop users -- others argue that Linux is intrinsically
more difficult to compromise than Mac OS and Windows. What's more, malware that targets multiple platforms at once
is uncommon, though it does happen.

Nevertheless, CNET blogger Topher
Kessler wrote
that it's far from the most dangerous malware on the Web. He says that it's likely that the
backdoor is the brainchild of less technically gifted hackers, and noted that the aforementioned PowerPC oversight
would dramatically limit the malware's effectiveness against Macs.

Email Jon Gold at and follow him on Twitter at @NWWJonGold.

Read more about wide area network in Network World's
Wide Area Network section.

Originally published on Network World |  Click here to read the original story.
Join us:






Operating SystemsWhite Papers & Webcasts

See more White Papers | Webcasts

Answers - Powered by ITworld

ITworld Answers helps you solve problems and share expertise. Ask a question or take a crack at answering the new questions below.

Ask a Question