We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
80,259 News Articles

Linux vulnerability found in Web exploit

A hacked Colombian Transport website has been rigged to deliver a malware payload that is able to target Mac OS, Windows and even Linux systems, according to a report from F-Secure.

MORE SECURITY: Smartphone, tablet security and management guidelines on tap from NIST

Users will see a certificate warning, telling them that the website is attempting to run a signed applet with an invalid signature. If that warning is bypassed, F-Secure says, the malware checks the victim's computer, and downloads different malicious files based on what operating system it detects.

Regardless of what OS is present, however, the malware's subsequent behavior is the same -- it downloads additional files from a remote server and creates a backdoor on an infected machine. Interestingly, the Mac OS version is a PowerPC binary, which means that Intel-based Macs are immune in most cases.

According to the researchers, the backdoor may have been created with a freely available penetration testing suite known as the Social-Engineer Toolkit.

The malware, which F-Secure has dubbed GetShell.A, is unusual in a couple of ways. First, attacks against Linux are relatively rare in and of themselves. While some experts say that this is due largely to the framework's comparatively small user base -- at least, in terms of desktop users -- others argue that Linux is intrinsically more difficult to compromise than Mac OS and Windows. What's more, malware that targets multiple platforms at once is uncommon, though it does happen.

Nevertheless, CNET blogger Topher Kessler wrote that it's far from the most dangerous malware on the Web. He says that it's likely that the backdoor is the brainchild of less technically gifted hackers, and noted that the aforementioned PowerPC oversight would dramatically limit the malware's effectiveness against Macs.

Email Jon Gold at [email protected] and follow him on Twitter at @NWWJonGold.

Read more about wide area network in Network World's Wide Area Network section.

IDG UK Sites

Apple promises developers better stability, performance for Swift

IDG UK Sites

5 things we hate about MWC: What it's like to be a journalist at a technology trade show

IDG UK Sites

Interview: Lauren Currie aims to help design students bridge skills gap

IDG UK Sites

12in Retina MacBook Air release date rumours: new MacBook Air to have fingerprint ID, could launch...