prushik on 27 Nov 2018 14:58:43 -0800
Re: [PLUG] Linux.BtcMine.174
Aside from user mistake, the most common vectors would be web server vulnerabilities that lead to privilege escalation (It incorporates Dirty COW.) and malvertising that can execute processes via a browser.

On Tue, Nov 27, 2018, 3:24 PM Floyd Johnson <fljohnson3@isp.com> wrote:

K.S. Bhaskar's observation:
> Date: Tue, 27 Nov 2018 13:28:20 -0500
> From: "K.S. Bhaskar" <ksbhaskar@gmail.com>
> To: "Philadelphia Linux User's Group Discussion List"
> <plug@lists.phillylinux.org>
> Subject: [PLUG] Linux.BtcMine.174
> Message-ID:
> <CAH+rS9cTiRSg4vaJZt0duwRvC4o_J=t+VydD7aQZKAyL9gjndA@mail.gmail.com>
> Content-Type: text/plain; charset="utf-8"
>
> https://vms.drweb.com/virus/?i=17645163 seems serious, but doesn't discuss
> how the script could get on your computer in the first place, short of
> someone downloading it and running it. Is there more to this than, “If you
> play Russian roulette, the consequences can be dangerous”?
>
> Regards
> – Bhaskar
reminds me of a more general question:
Aside from "deceive the user into executing the malware" (a Trojan
Horse; I believe the "candy drop" involving USB sticks is a variant on
that) and "force one's way into the target machine" (exploiting a daemon
with a weakness that allows arbitrary code execution), how are these
things getting on people's computers in the first place?
___________________________________________________________________________
Philadelphia Linux Users Group -- http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug