Trojan on Suse?

user · July 27, 2009, 11:01am

Hi Everybody,

is it possible to infect the suse with a trojan. I attached a picture:http://img.index.hu/imgfrm/1/5/4/1/BIG_0006221541.jpg
Thanks for your help!
Áron

user · July 27, 2009, 11:03am

Oh. I wanted to ask! So is it possible to infect the SuSE with a trojan?

oldcpu · July 27, 2009, 11:23am

Yes, it is possible to infect any Linux distribution with a Trojan, but it is EXTREMELY unlikely that the image you posted is designed to go after a Linux PC. The Javascript popup you saw is likely there to infect an MS-Windows user.

Even if such a Javascript was designed for Linux, the script does not have root access, so it needs to be very clever to try and progress further than the user account (although there are theoretical techniques that have been proposed to hack from user to root - but from the little I know, this is theory - no one has put the techniques I have read in to practise yet). Since the Linux world tends to be anarchy, on many occasions what works on one Linux distribution, does not work on another Linux distribution, adding complexity to the Trojan writer’s efforts.

The most common way of infecting a Linux PC is for a bot to break in via ssh in an unprotected port#22, hack the user’s root password (if open to root) and then deposit an unpleasant application that way, and hide its tracks by going after common file locations.

Some malevant applications are designed to go after Linux servers. The average Linux client/user is very far off the malevant hacker’s radar. WinXP and WinVista are more attractive targets for their efforts.

Most (but not all) that one reads about Linux and torjans/virus is that any such apps for Linux are only theory, with very little “in practise” implementations.

microchip8 · July 27, 2009, 11:27am

that’s a bogus site which uses javascript to mislead you into thinking that your system is infected so it can make you install some suspecious program on it which apparently will clean your system from the non-existant trojan. It’s all a scam

Yes, it is possbile to infect linux with a trojan but for that to happen your must explicitly give the trojan root access to install itself. If not, it’ll do very little or nothing at all. Also, on UNIX/Linux you shouldn’t worry about trojans or viruses, what you should worry about is rootkits. rkhunter is a rootkit detection utility which can tell you if your system is infected with a rootkit

caf4926 · July 27, 2009, 11:57am

Be thankful you don’t use windows and that you are not brain dead enough to click Ok.