Hey everybody! I came across this article about a cross-platform trojan that checks what OS a user has then downloads the malware depending on what OS it detects. Should this be a concern for us Ubuntu/Linux users?
Question Everything Boot-Repair
It uses the Social Engineering Toolkit and it's based no a Jar file. Jar files are Java and can run on any OS that has a Java Virtual Machine (OpenJDK, Oracle JDK, etc) so that's why it runs on Linux. As you may have guessed the Social Engineering Toolkit (SET) tries to trick you into running the file. If you don't run it you're fine. You can also run Java in an AppArmor profile, which I suggest. This way even if you run the .jar it will be limited to the AA profile.
sig
Interesting. What is AppArmor? Also, how can I check if Java is installed on my system? I think I installed Java on my system when I was on the NVIDIA site.
You can check if you have Java installed here: https://www.java.com/en/download/installed.jsp I wrote about AppArmor here: https://insanitybit.wordpress.com/20...parmor-how-to/
Originally Posted by Hungry Man You can check if you have Java installed here: https://www.java.com/en/download/installed.jsp I wrote about AppArmor here: https://insanitybit.wordpress.com/20...parmor-how-to/ Thanks. It appears that I have Version 7 Update 3 and an update to Version 7 Update 5 is available. Do you recommend I update? I don't even know what Java is used for. Do I even need this?
Originally Posted by Shadius Hey everybody! I came across this article about a cross-platform trojan that checks what OS a user has then downloads the malware depending on what OS it detects. Should this be a concern for us Ubuntu/Linux users? The demo is here. Samiux
No..because he main filesystem is under root control so even if the malware tries to modify the system partition,ubuntu will prompt the user to authenticate the action. Update to latest versions of Java since they may contain various bugfixes and security enhancements
Originally Posted by Shadius Thanks. It appears that I have Version 7 Update 3 and an update to Version 7 Update 5 is available. Do you recommend I update? I don't even know what Java is used for. Do I even need this? If you don't know what Java is for I suggest you remove it. It's basically a giant gaping security hole.
Originally Posted by ranger1021994 No..because he main filesystem is under root control so even if the malware tries to modify the system partition,ubuntu will prompt the user to authenticate the action. Update to latest versions of Java since they may contain various bugfixes and security enhancements Local Privilege Escalation can get the root privilege. Samiux
If you don't need Java, just get rid of it. If there's something you do need it for (since a lot of other things apparently get developed using it as a framework), then at the very least disable it in the web browser. In this specific case you will most likely be prompted to allow the malicious application to run. Just not doing that should work. Now the plain fact is, SE gets everyone eventually. Even professionals who are constantly anticipating it. Someone will find that perfect thing to entice folks into clicking what they shouldn't. So the fundamentals still apply: only enable the things you need, maintain your backups, and be ready to rebuild when there's trouble.
Ubuntu Forums Code of Conduct
