Researchers at Perception Point have discovered a Linux vulnerability with implications for millions of Linux systems as well as 66 percent of Android devices. In the case of Android phones running the KitKat operating system and later versions, it could allow a malicious app to gain control of the device’s operating system. According to the original report, “While neither us nor the Kernel (Ed: Linux) security team have observed any exploit targeting this vulnerability in the wild, we recommend that security teams examine potentially affected devices and implement patches as soon as possible.”

Luckily, Linux distributions are expected to release security patches for the vulnerability this week, though the scale of the vulnerability suggests that some systems will remain at risk. PC World reports about the problematic nature of such updates: “The Android ecosystem is known for its version fragmentation and long update delays. Google shares security patches with Android device manufacturers, who then have to apply them to their separately maintained source code trees and build updated firmware packages for each of their products. Some of the updates then need to be distributed to users with the help of mobile carriers.”

New Trojan Takes Screenshots

In other Linux news, a newly discovered trojan can monitor infected machines by taking screenshots every 30 seconds and uploading them to a remote server. Discovered by the company Dr. Web, the trojan infects Linux machines and monitors the user’s desktop, saving screenshots of their activities at half minute intervals in JPEG or BMP format, then uploading them to the attacker’s server. Furthermore, the malware has the ability to surreptitiously record the user: “Along with the ability of screenshot taking, the Trojan has the AbAudioCapture special class to record sound and save it with the name of aa-%d-%s.aat in the WAV format.” This audio recording capability was not being utilized by the trojan at the time of testing. Perhaps the malware creators are aiming for a higher level of user surveillance in the future. 

 

Powered by WPeMatico