About | Buy | Forum | Industry Watch | Learning Curve | Products | Search | Twitter | Xnews
Home » Industry WatchThe Technological » Hall of Monkeys » Heroes Banquet)

Wirenet: Linux/OS X Trojan?

Dodgy like a sore thumb.


Buy It

Try It

ST PETERSBURG (Rixstep) — DrWeb have discovered a cross-platform trojan targeting Linux and OS X. They've christened it 'Wirenet'.

The trojan is designed to 'steal passwords stored by a number of popular Internet applications'.

DrWeb have not yet been able to trace the trojan's propagation.

Methodology

According to DrWeb, Wirenet installs itself in the user root directory and uses AES to communicate with its mothership located at 212.7.208.65, registered (and ostensibly run) in the Netherlands.

DrWeb also claim Wirenet functions as a keystroke logger, and harvests passwords entered through Opera, Firefox, Chrome, Thunderbird, SeaMonkey, and Pidgin.

DrWeb claim to have an AV update that successfully eradicates Wirenet, but given its rather clumsy location in the file system, it shouldn't be at all difficult to detect and remove on its own. For it's right there at the root of the user area.

See Also
The Technological: Apple and the War on Stupidity
DrWeb: First Trojan in history to steal Linux/OS X passwords

About | Buy | Forum | Industry Watch | Learning Curve | Products | Search | Twitter | Xnews
Copyright © Rixstep. All rights reserved.