[GLLUG] Ebay phishers use Linux botnets

L Inbody linbody at gmail.com
Thu Oct 4 22:17:45 EDT 2007


Sony DRM Rootkit, nothing more needs to be said!

On 10/4/07, Karl Schuttler <rexykik at gmail.com> wrote:
>
> Just a little wink wink,
>
> "With Windows you practically need to inject a VNC server process just to
> do anything useful.  Plus, the rootkits are a bit easier to install and use
> (easier to hide processes, network connections, etc.) in Linux I think,
> or at least more mature."
>
> Botnets aren't controlled over VNC, they are typically controlled over
> an IRC server. If you were to botnet over VNC, you would have to do
> tasks individually with each computer. The whole advantage of
> botnetting is being able to use all the computers' power at the same
> time.
>
> I definitely agree, however, that owning a Linux box would be more
> satisfying than a Windows box. But rootkits aren't that difficult to
> get owned by in Windows, and certainly not easier to install than in
> Windows; look at Back Orifice and the success it had. Installing in
> Windows would probably be easier, seeing that privilege escalation is
> much simpler in a Windows environment. I don't know about the level of
> maturity that you mean, but a lot of these backdoor softwares are self
> propagating. Furthermore, a lot of the zombies in the bot nets aren't
> going to be used for server hosts themselves, but are more likely to
> be using mail clients to mail bomb spam to people in order to get them
> to visit the web server of the phishers.
>
> Having a botnet and writing malware for exploiting flaws isn't
> something that just the hobby hacker is doing anymore, it is an
> industry that has great payoff, and with anonymity services like Tor,
> pretty simple to keep from getting caught. Keep in mind that people
> are being paid to professionally develop this malware.
>
> And yes, of course they are going to use Linux for some aspects,
> probably to develop in, host some of their services like the IRC
> server, or the webservers they need to put up a phishing site. I think
> the difference is that most of the zombies probably aren't Linux, but
> more of the upper management is.
>
> Karl
>
> On 10/4/07, Michael Rudas <audiotech50 at gmail.com> wrote:
> > Mark Lachniet wrote:
> >
> > > I'm not sure it's FUD really.  The source seems credible, despite the
> > > venue of the statement (Microsoft's conference).  But, when you think
> > > of it, what would YOU rather hack.
> >
> > But, again, the presentation is titled ("eBay phishers use Linux
> > botnets")-- and framed ("Phishers are getting more organized and tend
> > to exploit hacked Linux boxes more than Windows, according to eBay's
> > security chief.") as though the Linux boxen WERE some sort of
> > sooper-seekrit botnet in-and-of themselves.
> >
> > Deliberate lies and distortion are being used to obscure the truth--
> > which is the very DEFINITION of FUD.
> > _______________________________________________
> > linux-user mailing list
> > linux-user at egr.msu.edu
> > http://mailman.egr.msu.edu/mailman/listinfo/linux-user
> >



-- 
Running Linux? Are you completely out of your mind.  That thing is a
rip-off.  It comes with no viruses, no Trojans, no malware , etc .......