[ISN] Linux Trojan Raises Malware Concerns

From: InfoSec News <alerts_at_private>
Date: Mon, 14 Jun 2010 00:27:50 -0500 (CDT)
http://www.pcworld.com/businesscenter/article/198686/linux_trojan_raises_malware_concerns.html

By Tony Bradley
PC World
June 13, 2010

[Author's Note: The article has been modified to correct the assertion 
that Unreal IRC has any relation to Unreal--the first-person shooter 
developed by Epic Games.]

I've got good news and bad news for those of the misguided perception 
that Linux is somehow impervious to attack or compromise. The bad news 
is that it turns out a vast collection of Linux systems may, in fact, be 
pwned. The good news, at least for IT administrators and organizations 
that rely on Linux as a server or desktop operating system, is that the 
Trojan is in a download that should have no bearing on Linux in a 
business setting.

An announcement on the Unreal IRCd Forums states "This is very 
embarrassing... We found out that the Unreal3.2.8.1.tar.gz file on our 
mirrors has been replaced quite a while ago with a version with a 
backdoor (trojan) in it. This backdoor allows a person to execute ANY 
command with the privileges of he user running the ircd. The backdoor 
can be executed regardless of any user restrictions (so even if you have 
passworded server or hub that doesn't allow any users in)."

[...]


_________________________________________________________________
Attend Black Hat USA 2010, hosted at Caesars Palace in Las Vegas, Nevada
July 24-29th, offering over 60 training sessions and 11 tracks of Briefings
from security industry elite. To sign up visit http://www.blackhat.com
Received on Sun Jun 13 2010 - 22:27:50 PDT

This archive was generated by hypermail 2.2.0 : Sun Jun 13 2010 - 22:34:14 PDT