Keylogger/password stealing spyware on Linux???

[cmick30]

Hi, there!
I have been using different Linux distros for over 5 years now...
Being no power user, only a hobbyist, I am content on knowing how to use it, update, install new apps, etc.
However, something seems to bother me lately...
I am running Linux mint now, before it was Ubuntu....
So, while we all know that there is no serious virus threat to Linux in general, I do heavily wonder if for instance there is a possibility for me to have my web browser stored passwords stolen when I visit and watch movies on websites like http://www.1channel.ch/ , or watchseries.eu, which don't host them, but only give links to various other hostings sites. So, as I have my paypal, bank e-banking passwords stolen on Firefox/Chrome, is it possible that some code on these sites could exploit some Java, or Flash, or whatever unpatched hole, to steal my passwords?
I mean, I have all those privacy and safety add-ons installed, but I would just like to be sure...
I know there has been something about Wirenet cross platform malware http://blog.webroot.com/2012/09/14/wire ... -and-os-x/ , so if that has gotten people's attention, as something serious, could there not be some more, and increasingly more dangerous and powerful spyware?

thanks for your time!

[bigj231]

To be honest, that is a risk with any operating system. Your safest bet (In my opinion) is to not do or store any sensitive stuff on your computer. Since this is almost never practical, the best thing you can do is keep your OS up to date with the latest security updates. Do the same for all your plugins too.

If you're running Firefox, try noscript. It's a pain to use, but I've never had it let me down. You could also turn off java, flash, etc. That is again, not practical, but it is more secure if you are worried about vulnerabilities in those plugins.

The best way to keep stuff safe? Stay off of dodgy websites (like the ones you listed, torrent sites, you know the rest), don't do stupid stuff (ad banners anyone?), and don't do anything sensitive on public WiFi (or WiFi period). Also, don't sotre your passwords on your computer. If you have to type them in daily, you will not forget them, and they won't be in a file on your system.

[jmdeking]

To be honest, that is a risk with any operating system. Your safest bet (In my opinion) is to not do or store any sensitive stuff on your computer. Since this is almost never practical, the best thing you can do is keep your OS up to date with the latest security updates. Do the same for all your plugins too.

If you're running Firefox, try noscript. It's a pain to use, but I've never had it let me down. You could also turn off java, flash, etc. That is again, not practical, but it is more secure if you are worried about vulnerabilities in those plugins.

The best way to keep stuff safe? Stay off of dodgy websites (like the ones you listed, torrent sites, you know the rest), don't do stupid stuff (ad banners anyone?), and don't do anything sensitive on public WiFi (or WiFi period). Also, don't sotre your passwords on your computer. If you have to type them in daily, you will not forget them, and they won't be in a file on your system.

Good advise, if you want to store passwords do it in an encrypted database secured with a master password, I recommend Keepass 2.

[Webtest]

Boot a LiveCD/DVD system from a USB drive for watching your videos. I use a Kanguru Blue Thumbdrive which has a positive LOCK switch so there is NO way the Linux system can be tampered with. You can even shut down your hard drive so that your private information isn't even available on the system (my desktop hard drive is in a "drive drawer" and is nearly always turned off). See: http://forums.linuxmint.com/viewtopic.php?f=90&t=51015. I now use the following commands on my IBM XP laptop to totally disable the hard drive AND even remove the driver! Note that sda is the SATA0 channel on my desktop motherboard and the hdd in my Laptop as well.

Code: Select all

sudo -i
hdparm -y /dev/sda; echo offline > /sys/block/sda/device/state; echo 1 > /sys/block/sda/device/delete

Note that the second line is all on one line so that there is no chance of a daemon spinning the hard drive back up after the hdparm is issued.

Good luck, browse safe!
Blessings in abundance, all the best, & ENJOY!
Art in Carlisle PA, USA

[janerysong]

change passwords, back up files, and reformat i think would be the best option for you.
you'd be getting [url=http://www.myjad.com/keylogger-pro.html]Myjad keylogger software[/url] for spyware activity.