Researcher Shows Assault Against Linux With USB Autorun

Latest news
Dr. Web Finds Fresh Version of Trojan Rmnet Scam E-mail Circulates Soliciting Private Banking Details Amnesty International Website Compromised to Produce Malware Cyber-criminals’ Latest Strategy is Application-Based Malware Scam, Which Infects Twice, Spotted

Support our Sponsors

uClip Clipping Path Service

Main Menu

Resources

Login
Username Password Remember Me Forgot your password? Forgot your username? Create an account

Syndicate

Popular
HSBC Clients Targeted with Phishing Scam BBB Cautions about Phishing E-mails Supposedly from American Express USPS Cautions Consumers about Malware Laced Scam E-mails St. George Bank Clients Alerted about Fraudulent E-mails Commtouch Cautions about Siberian Dogs Fraudulent E-mail

Trampolines usa

Researcher Shows Assault Against Linux With USB Autorun

Written by Administrator

Monday, 21 February 2011 14:00

Senior Researcher Jon Larimer attached to the X-Force Advanced Research team of IBM, while at the Washington-held ShmooCon 2011 Security Conference during January 28-30, 2011, demonstrated how Linux computers could be attacked with USB devices, so reported Softpedia.com in news dated February 10, 2011.

Evidently, during the demonstration Larimer showed how the attack could be executed through exploiting a security flaw within the evince-thumbnailer, an element that the GNOME evince for viewing files utilize to render icons.

Larimer, while elaborating the demo further, stated that it wasn't too strong for, to make it come off fast, he had to disable 'AppArmor' and 'Address Space Layout Randomization.' However, the result indeed was as expected, since the demonstration showed that autorun-like assaults were possible on Linux systems for running random code and thereby acquiring control over the computers which otherwise couldn't happen, he explained. Muktware.com published this on February 10, 2011.

Larimer further explained that since the attack used a security flaw rather than a feature such as AutoRun, it was greatly identical to the Stuxnet worm-abused LNK exploit.

Notably, the aforementioned exploit aimed at the flaw quite like Windows OS treated shortcuts as also let arbitrary code run on the system via performing a plain scanning of a file directory, which carried a malevolently created LNK document.

Reportedly, many malicious programs have ever-since utilized as well as are still utilizing the exploit.

Here, it may be interesting to note that a patch for the flaw was issued during early-January 2011, but Larimer experimented with an un-patched computer. Further, the attack could be performed merely through USB that imply that an attacker must be physically next to the computer. The attack doesn't proliferate via visiting websites, or via e-mails alternatively attachments. Hence, a computer-operator need have nothing to feel scared of, Larimer concludes.

Nevertheless, the demonstration proves one important point i.e. systems must always be maintained up-to-date. Any system-update message popping up should be heeded to.

Eventually, Larimer's demo also suggests that despite the truth about Windows virus quantities dwarfing Linux malware's tiny ecosystems sidelined, still there are plentiful other warnings associated with the attack.

Read full article...