
Linux users fooled by Trojan

by James Middleton, vnunet.com

26 Sep 2001


Linux users were tricked into downloading a Trojan after destructive hackers managed to sneak a malicious script onto the Vuln-Dev security mailing list late last week.

Apparently the cyber vandals tried twice to sneak malicious code, disguised as an exploit for wu-ftpd, onto Security Focus mailing lists. The first attempt was to get the exploit onto the BugTraq mailing list, but suspicious moderators canned it.

However, while everyone was busy with the Nimda worm, the Trojan appeared on the Vuln-Dev list, which has 14,300 subscribers.

The malicious code is buried in what appears to be an exploit for wu-ftpd, a replacement FTP daemon for Unix systems. Reports suggest that wu-ftpd is the most popular FTP daemon on the internet, used by sites all around the world and potentially putting thousands of users at risk.

If compiled and run, the destructive code drops a Trojan that deletes most of the files found on the hard drive of the host.

The hackers used social engineering to make the exploit look more authentic, crediting its discovery to security consultant and author of the Happy Hacker books, Carolyn Meinel.

The code was also emailed out from her address, but Meinel insists that the message was forged by intruders who broke into her web server and took control of her mail system.

Fortunately, users spotted the hoax fairly quickly and Vuln-Dev managed to get a message out before the weekend to alert people to the malicious nature of the code.

One user warned: "DO NOT RUN wu261.c, quoted below, as posted by Carolyn Meinel! It is a malignant Trojan which will delete all files in the home directory of any users running it."

Meinel's website was also hacked earlier this year by defacement group Girli3z for H4cking, which also managed to compromise her mail server and post the entire contents of her inbox online.

There is some speculation among users that the trick was carried out in a bid to defame Meinel, who appears to have made a lot of enemies in the security industry and has a place in security site Attrition's hall of shame.
