prushik on 27 Nov 2018 14:58:43 -0800



Re: [PLUG] Linux.BtcMine.174


Automated SSH brute force or just common password dictionaries is also very common. I imagine the success rate is extremely low, but high enough to make it worthwhile.


On November 27, 2018 5:46:41 PM EST, Rachel plays Linux <rachelneko@gmail.com> wrote:
Aside from user mistake, the most common vectors would be web server vulnerabilities that lead to privilege escalation (It incorporates Dirty COW.) and malvertising that can execute processes via a browser.

On Tue, Nov 27, 2018, 3:24 PM Floyd Johnson <fljohnson3@isp.com> wrote:
K.S. Bhaskar's observation:

> Date: Tue, 27 Nov 2018 13:28:20 -0500
> From: "K.S. Bhaskar" <ksbhaskar@gmail.com>
> To: "Philadelphia Linux User's Group Discussion List"
>       <plug@lists.phillylinux.org>
> Subject: [PLUG] Linux.BtcMine.174
> Message-ID:
>       <CAH+rS9cTiRSg4vaJZt0duwRvC4o_J=t+VydD7aQZKAyL9gjndA@mail.gmail.com>
> Content-Type: text/plain; charset="utf-8"
>
> https://vms.drweb.com/virus/?i=17645163 seems serious, but doesn't discuss
> how the script could get on your computer in the first place, short of
> someone downloading it and running it. Is there more to this than, “If you
> play Russian roulette, the consequences can be dangerous”?
>
> Regards
> – Bhaskar

reminds me of a more general question:

Aside from "deceive the user into executing the malware" (a Trojan
Horse; I believe the "candy drop" involving USB sticks is a variant on
that) and "force one's way into the target machine" (exploiting a daemon
with a weakness that allows arbitrary code execution), how are these
things getting on people's computers in the first place?



___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug