EvilGnome Linux Spyware

Discussion in 'News' started by booman, Jul 17, 2019.

  • by booman, Jul 17, 2019 at 9:32 PM
  • booman

    booman Grand High Exalted Mystic Emperor of Linux Gaming Staff Member

    Joined:
    Dec 17, 2012
    Messages:
    8,347
    Likes Received:
    627
    Trophy Points:
    113
    Location:
    Linux, Virginia
    Home page:
    Its rare to see a malware or spyware on Linux, but this article shows that someone has been working on one for Desktop

    https://thehackernews.com/2019/07/linux-gnome-spyware.html

  • Categories:

Comments

Discussion in 'News' started by booman, Jul 17, 2019.

  1. Daniel~
    wow, that's pretty unhappy making. For the last 10 years or so Linux has been my Anti-virus.

    Didn't anyone tell them that Linux is just for people who are to poor to use Whimdows. Honest!!

    Let's back up a minute! Well my back up takes 15 minutes, I do one right after upgrading or a new install. I keep 5-7 backups. on a separate drive.

    Can be very useful when things go south.
  2. booman
    At least the article says its an unfinished spyware... but yeah, who are they going infect exactly? 1000 computer in the whole world?

    They could be doing a LOT more hard infection 100K Windows computers instead.
  3. Kaitain
    It's an interesting exercise, for sure. As it stands, it's pretty useless, but... imagine if they'd got the keystroke logger working. Simply wait for somebody to type "sudo <cmd>" and log the password, and then they have the ability to elevate their service into the system.

    I suspect that they targetted Gnome as that's what they were familiar with, but you've got the same risk with all DEs that allow arbitrary extensions. Usual thing - be careful what you run from the internet.

    As to purpose? Who knows...
  4. Daniel~
    That's the ticket!We should get only those hackers to dumb to know where the money is!

    M.S. has spent it's entire life creating a hacker friendly environment.
    Linux simply can't begin to compete with whimdos!

    What has Linux ever done to make the cyber world safer for hackers?
    (Ah...that part is rhetorical!)

    Whimdose practically created the hacker and now Linux comes whining about a lack of Linux hackers!!

    All because Americans can't keep two OS' in their minds at the same time.
    It's just not that hard!

    Whimdos was created by those seeking a mature point of view,
    one that put money first and more money second.

    Whimdos is an operating system dedicated to ...What?

    OK I see your point. Money and more money does actually cover this.

    BUT! Just take a look at Linux!!! They don't even freaking charge! they just give it away. Like Americans are stupid enough to pay for it!!

    OK! I covered that with "they can't keep two OS's in mind at the same time.

    Just because you love linux that doesn't mean you can't be swindled by MS at the same time now does it?

    Let's face it!! Whindos has a proven track record! They can guarantee
    a level of noncompliance that linux can only dream of!!
  5. booman
    My problem is that I'm downloading all kinds of games from itch.io, GOG and Moddb.com
    For the most part they are safe because legitimate developers have uploaded them.

    I suspect its easier to get malware/spyware by downloading porn or pirated movies/software.... which I don't do
  6. Kaitain
    Aw now, know your history - hackers, and their nefarious counterparts (i.e. criminals), have existed since the original Unix and Vax VMS days.

    That's not to excuse MS - they seem to be more bug-prone than most, but they're also the most lucrative target to attack. We Linux desktop users are a rare enough breed anyway, and the sheer variety of desktop configurations, libraries etc. rather limits the applicability of this sort of malware.

    @booman, if I were to attempt this sort of exploit, I might try to do so via a game mod: first, I can be reasonably certain that particular libraries and capabilities exist, because they're what steam/wine needs, and second, I can be reasonably sure that there's a Windows compatibility layer for those bits I can't get Linux to do.
  7. booman
    Really?
    I would think exploiting pirated software would get more exposure....
    Can malware have both windows executables and unix executables in the same application?
  8. Kaitain
    Maybe on Windows, where software is expensive, but since Linux has so many free alternatives, you're limited in the paid-for applications you could pirate. And... if you really need the paid-for version, chances are you'll pay, as paying for software is such a novelty ;)

    So, I'd be looking at things that people do download. It's why criminals tried to poison Gentoo's portage tree, and why the various distro repositories are carefully guarded....

    That's effectively what happens when you run a Windows application in Wine. However, the likelihood of Windows malware being interpreted correctly is... probably not zero, but a small enough chance that it might as well be.
  9. booman
    Wow, I wasn't even thinking about Wine...
    I was thinking about a malicious software that runs in Windows, but if it also executes in unix environment it will run as well. I'm sure that would be a lot of work, but Game Developers do exactly that. The game is bundled with Windows and Linux binaries to run the game in either and its just a single download for us.

    Thank you for your knowledge!

Share This Page