[mdlug] eBay phishing Linux-driven?

Jeff Hanson jhansonxi at gmail.com
Thu Oct 4 14:54:27 EDT 2007


On 10/4/07, Michael Rudas <audiotech50 at gmail.com> wrote:
> Via Jim Fick on the GLLUG list at Michigan State University
> <linux-user at egr.msu.edu>:
>
> "eBay phishers use Linux botnets"
> <http://www.techworld.com/security/news/index.cfm?RSS&NewsID=10251>
>
> This article smells more-than-a-little like FUD to me, especially
> having been presented at a Microsoft-sponsored meeting-- correct me
> (please) if I'm wrong, but don't most (if not all) Linux rootkits
> require local access for this kind of privilege escalation?  Or, at
> the very least, massive near-deliberate misconfiguration?  Is it
> possible that these are Windows machines masquerading as Linux boxen?
>
> The number of botnet-infected Windows machines HAS to vastly
> outnumber the number of Linux/Unix/BSD machines so infected-- why
> would infected Linux machines command a premium?

Probably misleading either intentionally or out of ignorance.  The
discussions I read seem to lean towards compromised Windows clients
spamming email servers with messages that link back to a shared-host
Linux web server (because they're cheap).  eBay only receives mail
from users asking about the message while those that fall for it don't
contact them.  The phishing emails they see only point to the fake
Linux host and probably don't tell them anything useful as to the
source of the message.


