Results 1 to 4 of 4

Thread: Question about Zeus attack

  1. #1

    Question Question about Zeus attack

    I had gotten an email that seemed to be from LinkedIn that was a request for someone to be my contact. I did click on the link in the email (That was stupid of me) and when it took me to the sign in page, I was presented with one of those captchas. After I got into my account and looked at the person's page, I deleted the new contact. Then I saw this ZDnet article:
    LinkedIn users targeted for spam attacks - ZDNet

    I changed my LinkedIn password after reading that.

    So now I'm concerned. I've read that the Zeus trojan had hit non MS systems, such as Mac, and even the Wii.

    My question is: Can SuSE Linux get infected too?

    (I'm running SuSE 11.2 and have all the updates so far and I use SeaMonkey as my browser.)

  2. #2
    Join Date
    Nov 2009
    Location
    West Virginia Sector 13
    Posts
    15,748

    Default Re: Question about Zeus attack

    Well I doubt it can "infect" the machine but it can social engineer your passwords from you. I got a whole slue of them here also. I saw that the site they pointed to was not in fact LinkedIn but some random string of letters. A good sign that something is rotten.

  3. #3

    Default Re: Question about Zeus attack

    Hi there,

    i first would like to ask you some questions:

    1- do you have any other computer running any version of M$ or did you have had one recently?

    if the answer is yes, you might still be recieving those social engineering trials because your other machine might have been infected and the person on the other site can't access it right now, so, as it still probably responds from the same ip range (isp range, because this info can be gathered and patternized) he is trying to re-gain access to it.

    2- is your suse properly configured? firewall setup, etc..?

    beware, linux can be super secure, but if miss configured it can become very easy to gain access to it.

    3- which services/web services are you running on that suse machine, if any? eg. file sharing, web, ftp, dns...?

    in any case, please provide the more detailed information you can.

    regards

  4. #4

    Default Re: Question about Zeus attack

    Firewall is up and running.
    My Windows XP was not running at the time, only SuSE. The Windows machine is not used to access the email account that receives mail from LinkedIn.

    services/web services are you running on that suse machine, if any? eg. file sharing, web, ftp, dns...
    I don't think that any of those are/were running. I just had my browser and email open, that was it. The browser was open to my home pages at the time.

    How can I know is such services are running? I took a look at the system monitor and there are lots of stuff listed but I have no idea if they are running and the list is too long for me to type them all in.

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •