3

So this keylogger is being sold on HF doesn't rely on any dependencies or anything like that so it's able to infect linux systems.

Thread link: http://hackforums.net/showthread.php?tid=5043535 If you are not registered with the forum here is the sales thread image: http://s22.postimg.org/t7d0fnlbj/Auto_LOG_v2.png

Link is safe to view it's just a sales page on the forum.

What can I do to prevent such things infecting my system?

I read this: Are there keylogger viruses that affect Ubuntu?

I just want to confirm it's true the way it would have to install to infect me.

Community
  • 1
Pepe
  • 978
  • Yes, it is true its difficult to accidentally install packages/virsues/keyloggers. – We are Borg Nov 11 '15 at 14:33
  • but i'm saying for example, I have an infected keylogger file and I open it.. what would happen? Would it execute and just infect my system or would it ask me for root? – Pepe Nov 11 '15 at 14:39
  • Opening it as a text-file wont have any effect. Also, the first URL you mentioned in the post is not valid or requires registration. If its a script or a debian package, and you run or install it, then you have a problem. Linux has lot more to offer than keyloggers, I hope you will found that out. Good luck!! – We are Borg Nov 11 '15 at 14:40
  • okay I don't want to ask too much questions but I just to know if every (or most) type of malware currently on linux requires root access? Because if it does wouldn't I have to be their to input and allow this ? – Pepe Nov 11 '15 at 14:47
  • Yes. Root access or sudo access is mostly required. But some softwares can be compiled, started in a local home directory, which don't require root access, and it's fairly common. – We are Borg Nov 11 '15 at 14:51

1 Answers1

3
  • Keyloggers are NOT virusses.
  • There are plenty of legit reasons to want to install a keylogger.
  • There is a keylogger in the official Ubuntu repositories in case you did not know.

but i'm saying for example, I have an infected keylogger file and I open it.. what would happen? Would it execute and just infect my system or would it ask me for root?

"an infected keylogger file" you mean you have software for an Ubuntu system that is basically something that you expect to have a keylogger inside it.

Biggest mistake here: you are not expected to download random software from random locations. In Windows this is common but in Linux you use the official repositories. Those are free of malicious software. Next to that you use a PPA from Launchpad. Those are less secure but they are tested and when someone tries to sneak in crapware it will be noticed very quickly.

ALL other locations: stay away from them unless you can validate the source (the official websites for for instance apache, mysql are obviously safe).

Opening? No, if asked for a password it is not for the text file but for the program you use to open the text file. Executing the file is the issue and the problem.

okay I don't want to ask too much questions but I just to know if every (or most) type of malware currently on linux requires root access?

No. Well made malware installs itself inside your /home or inside your browser as a plugin and does not require a password. But again: Ubuntu software from the USC and from PPA will not install in /home/ and will use USC and ask for a admin password. Only software you downloaded yourself from an obscure location does that. Why would you download random software from websites you can not validate their reputation? In my mind if you do you are asking for it.

Because if it does wouldn't I have to be their to input and allow this ?

Oh but that is always the case.

Currently on Linux systems it is not possible to infect your system with a keylogger that sends out your admin password to somewhere in the world unless you install it yourself from an obscure source. Both the Ubuntu repositories and the PPA's on Launchpad are still considered safe zones in regards to that.

("yourself" here also implies anyone that can have access to your machine when you walk away from it since they then use your account ;) )

Rinzwind
  • 299,756
  • I wasn't really referring to installing software in particular. I was more concerned about things like opening an image file, rar , or pdf binded with an unwanted-keylogger. – Pepe Nov 11 '15 at 17:28