New password-stealing trojan hits Linux, Apple

So who says Linux is not worth the time of cybercriminals writing malware?

 

A Russia-based security vendor said Tuesday the new Trojan is the first to steal passwords in computers running Linux as well as Apple's Mac OS X operating systems.

 

"This malicious program is designed to steal passwords stored by a number of popular Internet applications. BackDoor.Wirenet.1 is the first such Trojan capable of running under any of these operating systems," Dr. Web said.

 

It added this was the first cross-platform backdoor to run under Linux and Mac OS X. 

 

But it said it is not yet clear at this time how the Trojan spreads.

 

Dr. Web said its initial finding showed the Trojan, when launched, creates its copy in the user's home directory.

 

It then uses the Advanced Encryption Standard (AES) to communicate with its control server whose address is 212.7.208.65.

 

Dr. Web said BackDoor.Wirenet.1 also operates as a keylogger and steals passwords entered by the user in Opera, Firefox, Chrome, and Chromium.

 

Other apps whose passwords it will steal include Thunderbird (email client), SeaMonkey (Internet suite), and Pidgin (instant messaging client). — TJD, GMA News