Results 1 to 6 of 6

Thread: (windows?) trojan found in icedtea-cache - any danger?

  1. #1

    Default (windows?) trojan found in icedtea-cache - any danger?

    Heya!

    I was bored and did a clamav scan on my system.

    It found "Trojan.JS.Selace-1" in the cache of the icedteaplugin in home directory

    I had opened an infected web site a few days ago. Could it be from that?

    More important however: Can I just delete the infected file and forget about it? Or do I have to worry that it has infected firefox somehow? Are the passwords etc. that I have entered in the mean time, safe?

    Sorry for the stupid questions. I've been using Linux for years now but never really got into detail with it.

    Any help is much appreciated! Thanks!
    Peter

  2. #2
    palladium NNTP User

    Default Re: (windows?) trojan found in icedtea-cache - any danger?

    PeterRST wrote:
    > It found "Trojan.JS.Selace-1" in the cache of the icedteaplugin in home
    > directory


    really, i don't know for _sure_ but i google "Trojan.JS.Selace-1" and
    find a report of its existance since 24 Dec 10, *and* if googled along
    with the word "linux" in the string, well in either case i find not a
    single person reporting it as a threat to a Linux system..

    there _must_ be a place/forum where folks more worried about these
    phantom threats than i am congregate and discuss while shivering..

    you were not browsing in a root powered way, were you?

    --
    palladium

  3. #3

    Default Re: (windows?) trojan found in icedtea-cache - any danger?

    Nope, I wasn't.

    What happened to me was basically the same that happened to this guy:

    I Can Haz Virus

    Only that my firefox didn't give me any warnings first. The site just spat 3 or 4 java dialogues (i remember clicking "no" but this could have been tricked aswell?) at me and then simulated a windows computer getting properly owned (must have been a talented java/flash artist)... *lol* I then just closed the window, emptied firefox cache and forgot about it.

    But now I stumbled across that Trojan in my Java cache and don't quite know what to think of it. I'm 99% sure I'm not at risk but then again, I've always been very paranoid...

  4. #4
    palladium NNTP User

    Default Re: (windows?) trojan found in icedtea-cache - any danger?

    you call yourself very paranoid AND admit you did what the guy on the
    blog did????

    let me see, you have made TWO posts here....are ya just trying to
    spread a little fear here, or what...your very first one ever here was
    a scary story...

    here is your answer: your machine *is* safe if you do not browse as
    root *and* you exercise common sense, like:

    -run trip wire
    -run rkhunter
    -don't download executable files/scripts from strangers and RUN them
    -run behind a firewall/nat router
    -etc
    -etc
    -backup often

    on the other hand, if you run Linux like 95% of the earth runs Windows
    you might as well go ahead and buy yourself a anti-virus software
    license and run it in WINE so you feel "protected"...

    --
    palladium
    Ten years running Linux...never had a anti-virus program, infection,
    crack, etc....not scared by PeterRST's scary story....but, then again
    i have no Redmond Malware Magnet on in my house..

  5. #5

    Default Re: (windows?) trojan found in icedtea-cache - any danger?

    Obviously I didn't do what the guy did and tried to get the virus running in wine. But it was the same kind of attacking website I stumbled upon. Without a firefox warning unfortunately.

    God no, I'm not trying to spread fear. It was a genuine question...

    And it's my first post because Linux has been running absolutely spot on for me for 4 years now. I simply didn't have anything to ask in all that time.

  6. #6
    palladium NNTP User

    Default Re: (windows?) trojan found in icedtea-cache - any danger?

    PeterRST wrote:
    > And it's my first post because Linux has been running absolutely spot
    > on for me for 4 years now. I simply didn't have anything to ask in all
    > that time.


    you are one lucky feller! four years no problems...that is great..

    really, i would just delete that file and press on...

    for better help you will have to find someone with enough fear to keep
    up with it all...really, i don't...

    *or* here is an idea for you to consider: Become an expert on such and
    drop in here every couple of days and see if there are any hot virus
    questions you can answer _authoritatively_ ... i mean we get folks in
    here all the time with one day of Linux experience with nothing on
    their mind but getting an anti-virus something installed RIGHT NOW!!

    most of us can only say don't worrry about it....it would really be
    nice to have someone who has cared enough to study the situation, and
    speak up...

    ymmv

    oh! one other thing i recommend you do: *stop* running a windows virus
    checker against your Linux partitions...as it might scare you again,
    needlessly!!

    --
    palladium

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •