Re: [PLUG] BackDoor.Wirenet.1

[Sam Gleske <sam.mxracer@gmail.com>]

On Wed, Sep 5, 2012 at 7:35 AM, K.S. Bhaskar <bhaskar@bhaskars.com> wrote:

Thanks, Sam.

I was wondering if it was for real or something made up.  It gave very little detail, and what detail there was didn't seem entirely plausible (especially because Linux passwords and passwords stored by browsers are two very different things).  Hypothesizing for a minute that it was for real, the only plausible way I can think of to exploit a browser vulnerability to insert a key-logger is to somehow put in a custom keymap.

Where I was going was that it wouldn't be the first case of a vendor making up a threat to sell protection 

Regards

-- Bhaskar

I do not know if it is real.  All of the news sources point to that same Dr. Web as their source of information.  I have never heard of Dr. Web.  I just gave you information to remove it and thwart it based on information provided by Dr. Web and a few other forums talking about it.  It is not impossible that something like that exists.  After all there's that Java 7 exploit which affects all systems so passwords could easily be stolen from browsers, IM clients, and keys logged with a keylogger.

So it's not impossible nor implausible.

SAM

___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug