Email us! Subscribe to Liquidmatrix!

eBay: Phishers Upgrading To Linux

Author: Dave Lewis
October 6, 2007 at 10:18 am · Filed under Spam/Phishing

The folks from eBay have done an analysis on the attacks that they experience. They discovered that the majority of attacks were originating from rootkitted Linux boxes. Now, before the Windows koolaid drinkers start pointing and hooting realize this point. The Linux boxes are being targeted by phishers as they are prized for their reliability.

From Computer World NZ:

“The vast majority of the threats we saw were rootkitted Linux boxes, which was rather startling. We expected Microsoft boxes,” he said.

Rootkit software covers the tracks of the attackers and can be extremely difficult to detect. According to Cullinane, none of the Linux operators whose machines had been compromised were even aware they’d been infected.

Although Linux has long been considered more secure than Windows, many of the programs that run on top of Linux have known security vulnerabilities, and if an attacker were to exploit an unpatched bug on a misconfigured system, he could seize control of the machine.

Because Linux is highly reliable and a great platform for running server software, Linux machines are desired by phishers, who set up fake websites, hoping to lure victims into disclosing their passwords.

An example of that reliability can be found in one of my own Linux boxes. It has been running smoothing with an uptime of 942 days. Not too shabby. Mind you it is also not directly attached to the internet.

Article Link

Tags: , ,

Tag It:
  • Digg
  • del.icio.us
  • Slashdot
  • Technorati
  • SphereIt
  • StumbleUpon
  • Fark
  • YahooMyWeb
  • Furl
  • Spurl
  • Ma.gnolia
  • NewsVine
Related Articles:

  • We’re Upgrading Liquidmatrix…Again
  • ENIGMA Machine For Sale On eBay
  • EBay To Host Security Conference
  • ‘Fiendish’ Trojan Pickpockets eBay Users
  • Your March 5th Morning Coffee

    • kurt wismer said,

    October 6, 2007 @ 11:17 am

    while it is true that the windows koolaid drinkers should be aware that the linux boxes are prized for their reliability, *nix koolaid drinkers should keep in mind that rootkits (the real ones) came from the *nix platform in the first place…

    i wonder how many of those affected sysadmin’s were operating under a false sense of security as a result of using linux and weren’t taking sufficient security precautions like booting from a floppy and looking for unauthorized changes… my guess would be probably not too many since clean booting (in order to operate from a known good environment) on a regular basis would ruin their uptime statistics…

    Dave Lewis said,

    October 6, 2007 @ 11:40 am

    Hey Kurt

    :D

    Yeah, all OS acolytes should take this as a lesson that ANY OS or software package is vulnerable. If it isn’t today, wait 5 minutes. The sobering effect of this study will most likely be lost on sysadmins in general but, hope springs. Vigilance is not optional.

    microsoft » eBay: Phishers Upgrading To Linux said,

    October 6, 2007 @ 12:02 pm

    [...] john wrote an interesting post today onHere’s a quick excerptThe folks from eBay have done an analysis on the attacks that they experience. They discovered that the majority of attacks were originating from rootkitted Linux boxes. Now, before the Windows koolaid drinkers start pointing and hooting realize this point. The Linux boxes are being targeted by phishers as they are prized for their reliability. From Computer World NZ: The vast majority of the threats we saw were rootkitted Linux boxes, which was rather startling. We expected Microsoft [...]

    IT Security » Blog Archive » Threats this week… said,

    October 25, 2007 @ 1:24 pm

    [...] eBay discovered this when they analyzed the attacks that were being made against them, reported Dave Lewis last [...]

    RSS feed for comments on this post · TrackBack URI

    Leave a Comment