...The new Web-based social engineering attack, first detected on a compromised website in Colombia, relies on a malicious Java applet to install backdoors on Windows, Mac, and Linux computers. When you first visit such a compromised site, you are prompted to install the Java applet, which unsurprisingly hasn't been signed with a certificate. If you do so, the applet checks which operating system you have (Windows, Mac OS X, or Linux) and then drops a corresponding Trojan for your platform...
...[Which has] one purpose: to connect to a Command and Control (C&C) server and await further instructions. These typically include downloading additional malware and executing it. The security company did note, however, that ever since it began monitoring this particular attack, the C&C server hasn't pushed any additional code. That being said, it could technically do so at any time.
It appears that the Trojan downloader was written using the Social-Engineer Toolkit (SET), an open-source and publicly-available Python tool designed for penetration testing. It is very unlikely that this is a penetration test.
Malware writers love using a cross-platform plugin as an attack vector because it allows them to target more than one operating system, and thus more potential users. It shouldn't surprise you that Java is being used: the platform has loads of security holes, and it runs on all the major operating systems.
Cross-platform Trojan Attacks Windows, Mac, Linux
Cross-platform Trojan checks your OS: Attacks Windows, Mac, Linux
[quote]F-Secure, which first found the Web exploit, detects the initial malware as Trojan-Downloader:Java/GetShell.A.
The respective payloads for Windows, Mac, and Linux are detected as follows:
Backdoor:W32/GetShell.A,
Backdoor:OSX/GetShell.A (PowerPC binary, requires Rosetta on an Intel-based platform), and
Backdoor:Linux/GetShell.A.[/quote]
My naive question. How do I know if I have java or not?
What are they talking about in the quote I make here above?
I use Google Search on Puppy Forum
not an ideal solution though
[quote="nooby"]My naive question. How do I know if I have java or not?[/quote]
http://javatester.org/enabled.html
In Puppy you have to install Java JRE
Thanks I did a bookmark to that test and I seem to not have the java.
I most likely confuse it with Python language. Maybe python require java?
Hope I am not derailing. So how does one protect oneself from this cross platform threat then?
Thanks to Flash for the link.
No, Python does not require Java.
Do you know a good gtkdialog program? Please post a link here
Classic Puppy quotes
ROOT FOREVER
GTK2 FOREVER
[quote="nooby"]So how does one protect oneself from this cross platform threat then?[/quote]
If you haven't installed Java JRE you are not vulnerable to this exploit, Java JRE is the cross-platform environment it uses.
If you have installed Java JRE you can drastically lower the odds of such exploits by using NoScript where you have to give permission for a webpage to run Java applets.
Another solution would be to browse the internet with a version of puppy which is not saved after use (e.g. from DVD-R disc): a pristine version is loaded every time you boot it up.
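For the question raised earlier in the thread (how to tell whether Java is present) and the point in the reply above that only a system with the JRE installed is exposed, a terminal check follows. It is an added example, not part of any post in this thread; the plug-in file names are those of the Oracle/Sun and IcedTea-Web browser plug-ins, and the directories searched are assumed typical locations that may differ on a given Puppy.

```shell
#!/bin/sh
# Added example: report whether a Java browser plug-in or a JRE is present.
# Applets run through the browser plug-in, so a plug-in library in a
# browser plug-in directory is the thing to look for first.

find_java_plugins() {
    # Print every known Java plug-in library found in the given directories.
    # libnpjp2.so          - Oracle JRE plug-in
    # libjavaplugin_oji.so - older Sun JRE plug-in
    # IcedTeaPlugin.so     - IcedTea-Web plug-in
    for dir in "$@"; do
        [ -d "$dir" ] || continue
        for f in "$dir"/libnpjp2.so "$dir"/libjavaplugin_oji.so "$dir"/IcedTeaPlugin.so; do
            # -L also catches a symlink whose target has since been removed
            if [ -e "$f" ] || [ -L "$f" ]; then
                printf '%s\n' "$f"
            fi
        done
    done
}

java_exposure() {
    # Prints one of:
    #   plugin   - a Java plug-in library is in a searched directory
    #   jre-only - no plug-in found, but a "java" launcher is on PATH
    #   none     - neither was found
    plugins=$(find_java_plugins "$@")
    if [ -n "$plugins" ]; then
        echo plugin
    elif command -v java >/dev/null 2>&1; then
        echo jre-only
    else
        echo none
    fi
}

# Assumed typical plug-in directories; adjust for your install.
java_exposure /usr/lib/mozilla/plugins /usr/lib64/mozilla/plugins "$HOME/.mozilla/plugins"
```

A result of `jre-only` or `none` covers only the directories passed in, so add any other plug-in directory your browser uses.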
Java Run Env (JRE) seems to be needed by LibreOffice
Which other programs need it?
http://murga-linux.com/puppy/viewtopic.php?t=77821
JRE or JAVA PETs issues in Puppy Linux distros
So if a Puppy has LibreOffice from scratch then most likely it also has JRE/Java? On all the others one needs to install it first. Ooops just my wild guess though
Last edited by nooby on Fri 13 Jul 2012, 10:46, edited 1 time in total.
Last I checked, OpenOffice/LibreOffice didn't absolutely require Java - it's needed to run Calc and some other functions, but not everything. The maintainers do their level best to recommend Java be installed, though, of course.
I know Java has a Control Panel applet on Windows that allows you to change the settings, including the security settings. Can we do that on Linux? I think I saw a setting to disallow unsigned (no certificate) Java apps... of course, I'm probably wrong.
[ Puppy 4.3.1 JP, Frugal install ] * [ XenialPup 7.5, Frugal install ] * [XenialPup 64 7.5, Frugal install] * [ 4GB RAM | 512MB swap ]
In memory of our beloved American Eskimo puppy (1995-2010) and black Lab puppy (1997-2011).
[quote="Makoto"]Last I checked, OpenOffice/LibreOffice didn't absolutely require Java - it's needed to run Calc and some other functions[/quote]
Not Calc - Base, which is the openoffice alternative to MS Access. So most people would never use it.
But I thought Libreoffice was getting rid of that dependence on Java?
Last edited by disciple on Fri 13 Jul 2012, 15:46, edited 1 time in total.
I don't use it enough to remember the name at all times.
As for trying to remove or lessen its dependence upon Java, I don't know... I haven't heard anything about it. I've always thought Base was heavily dependent upon Java, so it'd be rather difficult to separate it.
Ah:
http://wiki.documentfoundation.org/Development/Java
LibreOffice contains various pieces of code written in Java. Some of these pieces are currently being replaced/rewritten, but it is likely that LibreOffice will contain Java code for quite some time.
...
Some think java is a slow memory hog, others think it is a legal swamp that invites lawsuits. Neither might be true, but some developers have nevertheless expressed their desire to remove Java usage in LO over time.
[quote="disciple"][quote="Makoto"]Last I checked, OpenOffice/LibreOffice didn't absolutely require Java - it's needed to run Calc and some other functions[/quote]
Not Calc - Base, which is the openoffice alternative to MS Exchange. So most people would never use it.
But I thought Libreoffice was getting rid of that dependence on Java?[/quote]
The level of incorrect statements put forward as facts is bewildering.
Base is the OpenOffice/LibreOffice alternative to Microsoft's dataBASE Access. (The clue is in the name). MS Exchange is a server for e-mail, calendars, to-do lists etc.
As such Base might be used by quite a few people, certainly people here in the past have asked for a Database.
I think, on Windows at least, that Java may be needed to display LibreOffice help without being connected to the internet. Not sure if this is the same for Linux.
The op mentions that the user is prompted to install the malicious Java applet. The solution then is to 'just say no'. No problem for Puppy users then, who usually have more than half a brain.
Oh dear, I can't believe I wrote that
I know I've done too many 18 hour days lately, but that's shocking...
Yes, Access.
Yeah, I should have been paying attention, too... in my defense, though, I came home at about 11, last night, and was probably running on autopilot for a few hours.
- Lobster
- Official Crustacean
- Posts: 15522
- Joined: Wed 04 May 2005, 06:06
- Location: Paradox Realm
I have no defense.... in my defense
http://puppylinux.org/wikka/privacy
I regularly make a complete prawn of myself.
More java independence is coming with LibreOffice. I only needed it for 'Presentation' on the audio side. If just using the WP no need and if doing general purpose presentations again, no need.
I hardly ever install Java in Puppy but in the future this may change.
I am beginning to believe we will have to be Android compatible in the future . . .
There are far more serious attacks coming from javascript (a different language) and rogue web sites. Do you visit pron sites, pirate bay or really dodgy destinations? . . . not even sure what those are . . . maybe 'bank hacking' for non legal criminality? Don't know.
You might have to start using a semi proxy to overcome internet restrictions by the UK gov and their freedom fighting cohorts
http://help.opera.com/Linux/10.63/en/turbo.html
Then you can join the party of your choice - ooh arrr!
http://en.wikipedia.org/wiki/Pirate_Party
Puppy Linux
Free at point of Access
[quote="Lobster"]http://puppylinux.org/wikka/privacy[/quote]
Scroogle is mentioned on that page but is no more :¬(
Googlesharing is worth a try on FireFox if you want to do a google search without being tracked, (although probably just a matter of time before Google puts a stop to that too). Use SSL google ... https://encrypted.google.com/ with Googlesharing then the proxy doesn't know what you are Googling for either.
[quote="Lobster"]I hardly ever install Java in Puppy but in the future this may change.
I am beginning to believe we will have to be Android compatible in the future . . .[/quote]
Better look into installing Dalvik on Puppy then. Old fashioned Java won't help you.
Do you know a good gtkdialog program? Please post a link here
Classic Puppy quotes
ROOT FOREVER
GTK2 FOREVER
Classic Puppy quotes
ROOT FOREVER
GTK2 FOREVER
[quote="ICPUG"]Base might be used by quite a few people, certainly people here in the past have asked for a Database.[/quote]
True, but I would be very surprised if the number of people using it would be anywhere near the number of people using spreadsheets. Although personally I think a lot more people should use databases. I'm an engineer, and we use spreadsheets all the time. But in most cases they are really the wrong tool for the job - we should be using either a database or a proper programming language/tool.