Security Experts Unveils Linux IRCd Trojan
The security experts said that Linux users are not that immune to security threats as they believe themselves to be and warned those who have installed Linux version of IRC server Unreal since November 2009 to check for a Trojan, as per the news published by The Register on June 14, 2010.
Announcing the security flaw in UnrealIRCd, project admin said that an undetected Trojan could have provided someone unrestricted access to the Linux software. Two ways in which user can check whether his version is infected have been mentioned in the advisory. It also lists the instructions to fix the flaw.
The Unreal team said that the incident was very embarrassing, as per the news published by PCPRO on June 14, 2010. They discovered that the Unreal18.104.22.168.tar.gz file on their mirrors was substituted sometime ago with a version having a backdoor Trojan in it, the team added.
The backdoor facilitates a person to run ANY command with the user privileges who's running ircd. This backdoor can be run without any user restrictions.
Giving further details, Chester Wisniewski, a security expert at security firm Sophos, the source code was containing the backdoor since as far as November 2009, which provided an easy entrance into the infected systems, as per the news published by bit-tech on June 14, 2010.
However attacks against Linux are much rarer than those against Windows, but the trend is changing. While the in-built security features in the operating system, like commonly running as non-admin user and requirement to mark files prior to running as executables, make it extremely tough to target Linux operating systems, there are cyber crooks who continuously try in this direction.
Syzop, an Unreal Administrator, begged apology for this embarrassing error and stated that precautions had been adopted to not let the incident happen again, as per the news published by The Register on June 14, 2010. He noted that files will be PGP signed in future.
Related article: Securities Push Up A Must For Web Companies
» SPAMfighter News - 22-06-2010