Linux virus/spyware?

[Karlos]

My sister phoned me tonight to say that her PayPal account has been hijacked. She said she only ever logs on the PayPal on her Linux netbook, and hasn't responded to any phishing emails. Is it possible that a virus or malware has found its way on to her Linux machine? Do Linux viruses and malware even exist?

--
moto

There are some, but it's unlikely she'd have gotten any. I wonder if she's been the victim of a cross site scripting hack online?

[Karlos]

@Piru
As I said she told me she hasn't provided her login details to anybody, and she is aware of phishing emails and doesn't respond to them. I was asking Karlos how the cross-site scripting attacks work.

--
moto

Well, there are quite a few methods. She might not respond to phishing emails but there are other ways to catch people. Cross site scripting hacks basically involve the injecting malicious code into otherwise legitimate sites and using that to steal details:

http://en.wikipedia.org/wiki/Cross-site_scripting

The following firefox "noscript" plugin is pretty useful and is regularly updated: http://noscript.net/

[Karlos]

For example: http://news.netcraft.com/archives/2008/05/16/paypal_xss_vulnerability_undermines_ev_ssl_security.html

A security researcher in Finland has discovered a cross-site scripting vulnerability on paypal.com that would allow hackers to carry out highly plausible attacks, adding their own content to the site and stealing credentials from users.

Was it you?