An anonymous reader writes: Dr.Web, a Russian antivirus maker, has detected a new threat against Linux users: the Linux.Ekoms.1 trojan. It includes functionality that allows it to take screenshots and record audio. While the screenshot activity is working just fine, Dr.Web says the trojan's audio recording feature has not been turned on, despite being included in the malware's source code. "All information transmitted between the server and Linux.Ekoms.1 is encrypted. The encryption is initially performed using the public key; and the decryption is executed by implementing the RSA_public_decrypt function to the received data. The Trojan exchanges data with the server using AbNetworkMessage."