Hi all.

I guess this incident should be thoroughly investigated. I read the reporter's account (Jerome Segura). It does not seem to be quite trustworthy and competent. E.g., he talks about "changing" in the start-up entries?? He did not attempt to kill either the java process first, or the X-session second. He clearly is a Windows "scientist".
My question is, how come the mentioned code being downloaded from the malicious website is executable? Or is it the java process executing the script? What are the java process' privileges? Why isn't it killed by the parent firefox-bin process? The author mentions it in the article.

There is a great misconception about unix-based systems in the public. One can go to http://en.wikipedia.org/wiki/Linux_malware, read the article and get a very wrong impression. Most of the links are misleading, like this: "The number of malicious programs — including viruses, Trojans, and other threats — specifically written for Linux has been on the increase in recent years and more than doubled during 2005 from 422 to 863". If you follow the link you find it to be blather. Most of the listed Linux viruses turned out to be lab ones or very old ones. Others are very unlikely to propagate, since they should be installed by the USER!

--
Trojan under Linux passing by Java ! ! !
https://bugs.launchpad.net/bugs/668314
You received this bug notification because you are a member of OpenJDK, which is subscribed to openjdk-6 in ubuntu.

Status in “openjdk-6” package in Ubuntu: Confirmed

Bug description:
Hi,

A trojan named "Boonana/Koobface" can be installed under linux because of java. I thus confirm my request of real-time protection in ubuntu.

More information in French here:
http://www.echosdunet.net/dossiers/dossier_6179_un+trojan+windows+passe+sous+mac+os+x+linux+via+java.html

Why not make a real-time protection to clamav inspired by "sentinel clam" ?
ProblemType: Bug
DistroRelease: Ubuntu 10.10
Package: icedtea6-plugin 6b20-1.9.1-1ubuntu3
ProcVersionSignature: Ubuntu 2.6.35-23.36-generic 2.6.35.7
Uname: Linux 2.6.35-23-generic x86_64
NonfreeKernelModules: nvidia
Architecture: amd64
Date: Fri Oct 29 14:29:14 2010
InstallationMedia: Ubuntu 10.10 "Maverick Meerkat" - Release amd64 (20101007)
ProcEnviron:
 LANG=fr_FR.utf8
 SHELL=/bin/bash
SourcePackage: openjdk-6

_______________________________________________
Mailing list: https://launchpad.net/~openjdk
Post to     : [email protected]
Unsubscribe : https://launchpad.net/~openjdk
More help   : https://help.launchpad.net/ListHelp

