PDA

View Full Version : [ubuntu] .exe trojan in Ubuntu



RogerDavis
February 18th, 2011, 07:51 PM
I don't have Wine or any other method of using Windoze on this machine.

I found the below in a scan:
/home/roger/.local/share/Trash/files/0.0036577223645151147.exe Trojan horse Crypt.ACSA
Please note that it is a .exe file.

So the following questions naturally come up:
1) How did it find it's way onto the hard drive of this exclusively Ubuntu system? How can I stop future cootie files?
2) My presumption is that it is powerless on this system, just delete it and forget it?

Copper Bezel
February 18th, 2011, 08:46 PM
To the latter, yes - even if it was running under Wine, it probably couldn't do anything hostile, and I can't imagine it's even marked as executable.

To the former, either something embedded in a webapp or a tricky link downloaded it to your machine.

3Miro
February 18th, 2011, 08:59 PM
I don't have Wine or any other method of using Windoze on this machine.

I found the below in a scan:
/home/roger/.local/share/Trash/files/0.0036577223645151147.exe Trojan horse Crypt.ACSA
Please note that it is a .exe file.

So the following questions naturally come up:
1) How did it find it's way onto the hard drive of this exclusively Ubuntu system? How can I stop future cootie files?
2) My presumption is that it is powerless on this system, just delete it and forget it?

1) Browser cookie, flash, e-mail attachment ... something along those lines. It makes little difference since it cannot damage anything.
2) For an .exe to do damage under Linux, wine has to be installed and you have to explicitly say "run" with wine. Even then, most of windows malware doesn't run under wine since you have the second layer of protection by Linux.

ubun2geek
February 18th, 2011, 11:54 PM
ahhh... get rid of it, it won't hurt anything though. Linux is not windows.

wilee-nilee
February 19th, 2011, 01:18 AM
I vote false positive.

bobcollard
February 19th, 2011, 03:48 AM
Interesting, how it could get in there, since everything in my trash I put there and except for the user name the address is the same for that file on my system.