The vast majority of malware is created for the Windows platform.
Yes, we do see money-making malicious software for Android and Mac OS X and users of those platforms should protect themselves, but mostly it’s Microsoft Windows in the firing line.
But that’s not to say that fans of other operating systems can be lax about their security, and a recent discovery by researchers at RSA underlines that.
Limor Kessem posted a blog yesterday about a new banking Trojan for the open-source Linux operating system called “Hand of Thief”.
And “Hand of Thief” is a substantial piece of work for Linux malware, compromising form grabbers for HTTP and HTTPS sessions running on a variety of browsers, blocking infected computers’ access to anti-virus websites and security patches, and virtual machine detection to make it harder for anti-virus researchers to reverse engineer its code.
In addition, “Hand of Thief” incorporates an admin panel, allowing a criminal to control the remote computers he has successfully hijacked around the world.
Apparently the trojan has been tested on 15 different flavours of Linux including Ubuntu, Fedora, and Debian.
According to Kessem, the malware is currently being offered for sale, with free updates, in underground internet forums for $2,000 USD, but is anticipated to rise to $3,000 (with a $550 fee for major version updates) as new features are introduced in the near future.
That’s quite a high cost for a piece of malware, but small compared to the potential money that could be made by successfully compromising and infecting unprotected Linux computers.
All in all, it’s yet another reason why Linux users shouldn’t be complacent about their computer security, and run an anti-virus program.
What’s that? Your anti-virus vendor stopped supporting Linux?
You can read more about “Hand of Thief” on the RSA blog.