Re: Linux “HoT” bank Trojan: Failed malware
i think it's pretty easy to trick a user into giving sudo away. just fake an apport bug report like dialogue or some other fake gksu dialogue and people will happily give their sudo to whatever script is running behind it. once you do that, it's not your machine anymore.
put a delay on the pop-up so people won't relate it to that thing they clicked on that website 45 minutes ago. it all runs in the background, adding users, groups, opening ports, grepping stuff from who knows where...
granted, the weak spot would still be BKAC, but that's how easy it is.
It's a GIANT MUSHROOM... MAYBE IT'S FRIENDLY!
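The follow-on activity named in the post above (adding users, groups, opening ports) leaves entries in sudo's log, and this sketch flags them. It is an added example, not part of the original post; the log lines are constructed, and the watch list and function names are hypothetical.

```python
import re

# Constructed sample lines in sudo's syslog format (not from a real host).
SAMPLE_AUTH_LOG = """\
Mar  3 10:15:02 desk sudo:    alice : TTY=pts/0 ; PWD=/home/alice ; USER=root ; COMMAND=/usr/bin/apt-get update
Mar  3 11:00:41 desk sudo:    alice : TTY=unknown ; PWD=/tmp ; USER=root ; COMMAND=/usr/sbin/useradd -m helper
Mar  3 11:00:42 desk sudo:    alice : TTY=unknown ; PWD=/tmp ; USER=root ; COMMAND=/usr/sbin/usermod -aG sudo helper
Mar  3 11:00:43 desk sudo:    alice : TTY=unknown ; PWD=/tmp ; USER=root ; COMMAND=/sbin/iptables -I INPUT -p tcp --dport 8081 -j ACCEPT
"""

SUDO_LINE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ [\d:]{8}) (?P<host>\S+) sudo:\s+(?P<user>\S+) : "
    r"TTY=(?P<tty>\S+) ; PWD=(?P<pwd>.*?) ; USER=(?P<runas>\S+) ; COMMAND=(?P<cmd>.+)$"
)

# Hypothetical watch list: binaries that perform the actions the post names.
WATCHED = {
    "useradd": "account", "adduser": "account", "usermod": "account",
    "groupadd": "group", "addgroup": "group", "gpasswd": "group",
    "iptables": "firewall", "ufw": "firewall", "nft": "firewall",
}


def flag_sudo_events(log_text):
    """Return one finding per sudo command whose binary is on the watch list."""
    findings = []
    for line in log_text.splitlines():
        m = SUDO_LINE.match(line)
        if not m:
            continue  # PAM session lines and other services are ignored
        binary = m["cmd"].split()[0].rsplit("/", 1)[-1]
        category = WATCHED.get(binary)
        if category:
            findings.append({"time": m["ts"], "user": m["user"], "tty": m["tty"],
                             "category": category, "command": m["cmd"]})
    return findings


def users_touching_many(findings, min_categories=2):
    """Users whose sudo use spans several watched categories (account + firewall, ...)."""
    seen = {}
    for f in findings:
        seen.setdefault(f["user"], set()).add(f["category"])
    return {u: sorted(c) for u, c in seen.items() if len(c) >= min_categories}


if __name__ == "__main__":
    for f in flag_sudo_events(SAMPLE_AUTH_LOG):
        print(f["time"], f["user"], f["category"], f["command"])
    print(users_touching_many(flag_sudo_events(SAMPLE_AUTH_LOG)))
```

Run against the constructed sample, the routine `apt-get` call is ignored and the three later commands are reported, with `alice` flagged for touching both account and firewall state.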