Author Topic: Linux virus/spyware? (Read 2387 times)

Piru · « **on:** February 05, 2010, 08:38:29 PM »

The most likely explanation is that she was tricked to give away her credentials somehow: phishing website or similar. That is by far the most effective way to steal logins.

Piru · « **Reply #1 on:** February 05, 2010, 08:39:23 PM »

Quote from: motorollin;541726

Cheers Karlos. How do they work? What would she need to have done to fall victim to it?

http://www.google.com/search?q=paypal+phishing

Piru · « **Reply #2 on:** February 05, 2010, 08:49:27 PM »

Quote from: motorollin;541729

@Piru
As I said she told me she hasn't provided her login details to anybody, and she is aware of phishing emails and doesn't respond to them. I was asking Karlos how the cross-site scripting attacks work.

Well, paypal itself has had multiple Cross-Site Scripting vulnerabilities in the past. These could be abused to modify the website functionality and to steal login credentials. For the attack to work the user would still have to follow a link provided by the attacker (but it'd appear to be http://www.paypal.com).

For example: http://news.netcraft.com/archives/2008/05/16/paypal_xss_vulnerability_undermines_ev_ssl_security.html

Observe.

The user lands the link provided by the attacker and enters the credentials:

The attacker modified website functionality could send the credentials to any address. In this example the website does not exist, however:

Piru · « **Reply #3 on:** February 05, 2010, 10:07:21 PM »

Quote from: motorollin;541738

So I'm faced with trying to talk her through installing a virus scanner on Linux when I don't even know how to do it myself 0_o

http://www.clamav.net/download/packages/packages-linux/

Author Topic: Linux virus/spyware? (Read 2387 times)

Piru

Re: Linux virus/spyware?

Piru

Re: Linux virus/spyware?

Piru

Re: Linux virus/spyware?

Piru

Re: Linux virus/spyware?