Cybercriminals Shifting To Bugat 48
wiredmikey writes "Cybercriminals are changing up their weapons, trying to diversify their attack tools using a platform that is less well known and therefore harder to detect and block. With so much focus on the ZeuS Trojan, recent attacks utilized a variant of 'Bugat,' another Trojan horse that steals information from a compromised computer and sends it to a remote host. Bugat was first discovered in January of this year but, like ZeuS, has seen some different variants. In last week's attack, LinkedIn users received emails alerting them of a 'Contact Request,' and encouraging them to click through to a malicious URL where a java applet fetched and installed the Bugat executable."
Re:Moral of the story: never click through (Score:3, Interesting)
I switched to Linux (and my wife and daughters to Macs) a few years ago and I don't worry about malware any more. (Note to partisans: I know that both of these OSs can be "theoretically" compromised but the reality is that it just doesn't happen since you need to be a really stupid user and type in your password to give the malware access to do any real damage.)
I've set up VMs for Windows if I absolutely must run some Windows software but I've found I rarely use them.
- It did cost some time and money to switch but...
- Freedom from malware... priceless.
According to Symantec, Windows only (Score:3, Interesting)
But of course, I had to dig to find that particular piece of information. Most of the write-ups ignore the question of what host OS/systems are vulnerable. http://securityresponse.symantec.com/security_response/writeup.jsp?docid=2010-013112-4647-99 [symantec.com]
It's truly appalling that the great number of discussions are either (a) ignorant of the question of 'host vulnerability', (b) assume that everyone is running Windows; or (c) can't be bothered to determine what hosts are vulnerable. If I were sufficiently paranoid, I'd believe this is part of the continuing conspiracy to make everyone believe that such vulnerabilities are a 'fact of life' for all computers, and not just Microsoft products.