“Hand of Thief” banking trojan doesn’t do Windows—but it does Linux

Discussion in 'Malware Analysis Archive' started by MalwareVirus, Aug 7, 2013.

  1. MalwareVirus

    MalwareVirus New Member

    Oct 6, 2012
    Signaling criminals' growing interest in attacking non-Windows computers, researchers have discovered banking fraud malware that targets people using the open-source Linux operating system.

    Hand of Thief, as researchers from security firm RSA have dubbed it, sells for about $2,000 in underground Internet forums and boasts its own support and sales agents. Its functionality—consisting of form grabbers and backdoor capabilities—is rudimentary compared to Windows banking trojans spawned from the Citadel or Blackhole exploit kits, but that's likely to change. RSA researcher Limor Kessem said she expects Hand of Thief to become a full-blown banking trojan that includes more advanced features such as the ability to inject attacker-controlled content into trusted bank webpages.

  2. Spawn

    Spawn Administrator
    Staff Member Content Creator

    Jan 8, 2011
    5th paragraph from its developer explaining what it can do, and it can't be tested in a Virtual Environment.

  3. kaddy

    kaddy Level 2

    Jan 23, 2016
    hmmmm.... I sense... the fact that maybe they may be pulling the same stunt as the zbot builder feature list. What they do not tell you is we may backdoor your system when you use our software too.