Keylogger/password stealing spyware on Linux???

Chat about Linux in general

Keylogger/password stealing spyware on Linux???

Postby cmick30 on Tue Nov 27, 2012 11:31 pm

Hi, there! :)
I have been using different Linux distros for over 5 years now...
Being no power user, only a hobbyist, I am content on knowing how to use it, update, install new apps, etc.
However, something seems to bother me lately...
I am running Linux mint now, before it was Ubuntu....
So, while we all know that there is no serious virus threat to Linux in general, I do heavily wonder if for instance there is a possibility for me to have my web browser stored passwords stolen when I visit and watch movies on websites like http://www.1channel.ch/ , or watchseries.eu, which don't host them, but only give links to various other hostings sites. So, as I have my paypal, bank e-banking passwords stolen on Firefox/Chrome, is it possible that some code on these sites could exploit some Java, or Flash, or whatever unpatched hole, to steal my passwords?
I mean, I have all those privacy and safety add-ons installed, but I would just like to be sure...
I know there has been something about Wirenet cross platform malware http://blog.webroot.com/2012/09/14/wire ... -and-os-x/ , so if that has gotten people's attention, as something serious, could there not be some more, and increasingly more dangerous and powerful spyware?

thanks for your time! :)
cmick30
Level 1
Level 1
 
Posts: 1
Joined: Tue Nov 27, 2012 11:15 pm

Linux Mint is funded by ads and donations.
 

Re: Keylogger/password stealing spyware on Linux???

Postby bigj231 on Wed Nov 28, 2012 11:04 am

To be honest, that is a risk with any operating system. Your safest bet (In my opinion) is to not do or store any sensitive stuff on your computer. Since this is almost never practical, the best thing you can do is keep your OS up to date with the latest security updates. Do the same for all your plugins too.

If you're running Firefox, try noscript. It's a pain to use, but I've never had it let me down. You could also turn off java, flash, etc. That is again, not practical, but it is more secure if you are worried about vulnerabilities in those plugins.

The best way to keep stuff safe? Stay off of dodgy websites (like the ones you listed, torrent sites, you know the rest), don't do stupid stuff (ad banners anyone?), and don't do anything sensitive on public WiFi (or WiFi period). Also, don't sotre your passwords on your computer. If you have to type them in daily, you will not forget them, and they won't be in a file on your system.
Running on a 4-slot toaster @ 60Hz
User avatar
bigj231
Level 5
Level 5
 
Posts: 793
Joined: Fri Feb 26, 2010 10:16 am
Location: Middle of Nowhere

Re: Keylogger/password stealing spyware on Linux???

Postby jmdeking on Wed Nov 28, 2012 2:32 pm

bigj231 wrote:To be honest, that is a risk with any operating system. Your safest bet (In my opinion) is to not do or store any sensitive stuff on your computer. Since this is almost never practical, the best thing you can do is keep your OS up to date with the latest security updates. Do the same for all your plugins too.

If you're running Firefox, try noscript. It's a pain to use, but I've never had it let me down. You could also turn off java, flash, etc. That is again, not practical, but it is more secure if you are worried about vulnerabilities in those plugins.

The best way to keep stuff safe? Stay off of dodgy websites (like the ones you listed, torrent sites, you know the rest), don't do stupid stuff (ad banners anyone?), and don't do anything sensitive on public WiFi (or WiFi period). Also, don't sotre your passwords on your computer. If you have to type them in daily, you will not forget them, and they won't be in a file on your system.


Good advise, if you want to store passwords do it in an encrypted database secured with a master password, I recommend Keepass 2.
jmdeking
Level 2
Level 2
 
Posts: 58
Joined: Sun Jul 15, 2012 7:59 am

Re: Keylogger/password stealing spyware on Linux???

Postby Webtest on Wed Nov 28, 2012 9:14 pm

Boot a LiveCD/DVD system from a USB drive for watching your videos. I use a Kanguru Blue Thumbdrive which has a positive LOCK switch so there is NO way the Linux system can be tampered with. You can even shut down your hard drive so that your private information isn't even available on the system (my desktop hard drive is in a "drive drawer" and is nearly always turned off). See: http://forums.linuxmint.com/viewtopic.php?f=90&t=51015. I now use the following commands on my IBM XP laptop to totally disable the hard drive AND even remove the driver! Note that sda is the SATA0 channel on my desktop motherboard and the hdd in my Laptop as well.
Code: Select all
sudo -i
hdparm -y /dev/sda; echo offline > /sys/block/sda/device/state; echo 1 > /sys/block/sda/device/delete

Note that the second line is all on one line so that there is no chance of a daemon spinning the hard drive back up after the hdparm is issued.

Good luck, browse safe!
Blessings in abundance, all the best, & ENJOY!
Art in Carlisle PA, USA
BOAT - a hole in the water that you pour money into
LINUX - a hole in your life that you pour TIME into

HP dx2400 Core 2 Duo 4 GB - Mint 10 Gnome, Mint 13 Mate, Mint 15 Mate <on LOCKED Kanguru USB drives>
Webtest
Level 3
Level 3
 
Posts: 184
Joined: Sun Feb 21, 2010 4:45 pm
Location: Carlisle, Pennsylvania, USA

Re: Keylogger/password stealing spyware on Linux???

Postby janerysong on Thu Nov 07, 2013 6:35 am

change passwords, back up files, and reformat i think would be the best option for you.
you'd be getting Myjad keylogger software for spyware activity.
janerysong
Level 1
Level 1
 
Posts: 1
Joined: Thu Nov 07, 2013 6:26 am


Return to Chat about Linux

Who is online

Users browsing this forum: No registered users and 8 guests