RSA Warns of New Linux Banking Trojan


RSA researchers recently came across a new banking Trojan called "Hand of Thief," a commercial operation that appears to be fully staffed with support agents, sales reps and software developers.

The malware, which is designed to steal banking information from PCs running Linux, is currently for sale on cybercrime forums for $2,000.

According to the developer, the malware has been tested on 15 different Linux distributions, including Ubuntu, Fedora and Debian. While the Trojan currently includes form grabbers and backdoor capabilities, the price is expected to increase to $3,000 in the future with the addition of new functionality.

RSA cyber intelligence expert Limor Kessem notes that the malware's pricing is matched to similar malware for Windows, which is surprising for an operating system with a much smaller user base.

"[W]ith recent recommendations to leave the supposedly insecure Windows OS for the safer Linux distributions, does Hand of Thief represent the early signs of Linux becoming less secure as cybercrime migrates to the platform? Only time will tell," Kessem writes.