Hi all. I guess this incident should be thoroughly investigated. I read the reporter's account (Jerome Segura). It does not seem to be quite trustworthy and competent. E.g., he talks about "changing" in the start- up entries?? He did not attempt to kill either the java process first, nor the X-session second. He clearly is a windows "scientist".
My question is, how come the mentioned code being downloaded from the malicious website is executable? Or is it the java process executing the script? What the java process' privileges? Why isn't it killed by the parent firefox-bin process? The author mentions it in the article. There is a great misconception about unix-based systems in the public. One can go to http://en.wikipedia.org/wiki/Linux_malware, read the article and a very wrong impression. Most of the links are misleading , like this "The number of malicious programs — including viruses, Trojans, and other threats — specifically written for Linux has been on the increase in recent years and more than doubled during 2005 from 422 to 863". If you follow the link you find out it to be a blather. Most of the listed linux viruses turned out to be alb ones or very old ones. Others will very unlikely to propagate, since should be installed by the USER! -- Trojan under Linux passing by Java ! ! ! https://bugs.launchpad.net/bugs/668314 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
