
SoylentNews is people

posted by martyb on Saturday October 31 2015, @05:17PM
from the what's-in-your-system? dept.

South Korean organizations are being targeted in attacks with a new stealthy backdoor program that gives attackers full access to infected computers.

The malware has been dubbed Duuzer and while it's not exclusively used against targets in South Korea, it does seem that the hacker group behind it have a preference for that country's manufacturing industry, according to security firm Symantec.

Duuzer was designed to work on both 32-bit and 64-bit Windows versions and opens a back door through which attackers can gather system information; create, list and kill processes; access, modify and delete files; execute commands and more.


  • (Score: 0, Disagree) by Anonymous Coward on Sunday November 01 2015, @05:35AM (#257101)

    Hah! You clearly know little about operating system security. Otherwise you would NOT consider Unix or Linux as operating systems that are difficult to break into in terms of security. Even Multics was aiming for something better.

    Unix-style security is crap - a user level exploit can do whatever the user can do. No big diff from Windows NT. These are operating systems built on the concept of Discretionary Access Controls. Only stuff like Mandatory Access Controls, SELinux and AppArmor, sandboxing changed things to allow stuff to be better.

    But despite AppArmor etc. from a malware author's point of view there is still very little difference in practice. A browser drive-by on any of the major desktop OSes/distros will get you full user level access which is plenty enough. In fact IE's sandboxing might work even better than AppArmor (which is usually not enabled by default, and even if enabled the browser template might be too lax to protect you from some attacks).

    The guy talking about different configurations is ignorant too - perl is built-in on most unix and unix-like platforms. I have a perl program (not malware but not very different in many ways - it reports to home base, gathers information etc.) that runs _unchanged_ on AIX, OSX, Solaris, most Linux distros. Why the heck would you need a binary for most malware? Only if you are doing bitcoin mining I guess, but even for that case targeting more platforms for that is not a big problem.

    The number of installs matters. Many do pwn server linux machines, linux router devices and android linux devices. They don't care so much about desktop ones. So you've got a blinkered view of the world if you think people can't pwn Linux as easily as they pwn Windows. They do, it's just your religious viewpoint prevents you from seeing or accepting it.

    Your security vs most other hackers is not really different. The real difference in security between most Desktop Linux Distros and Windows is that with Windows, Microsoft has pwned you from the start. That is the main objection vs Windows in terms of security. And that can be a big objection for some.

  • (Score: 2) by aristarchus (2645) on Sunday November 01 2015, @08:49AM (#257122)

    So you've got a blinkered view of the world if you think people can't pwn Linux as easily as they pwn Windows. They do, it's just your religious viewpoint prevents you from seeing or accepting it.

    Well, yeah, but who are you, oh Anonymous Coward? Religious viewpoint? May you be touched by his Noodly Appendage, and have all your cheese grated for you. But user level access? On a router or other appliance? I think you misunderstand what is going on. Yes, user level access is great for taking over that user's account, but when you have a system like mine, and you have to hack the user 1,243 times? Not going to happen. We are talking about system level compromises here, backdoors with root access "from the factory". Oh, now I see. This is why it is so hard to buy a system with Linux pre-installed: because it is so difficult to install a backdoor, and all that bloatware that is only available for Windows.

    In conclusion, never said Linux could not be hacked, just that compared to Windows. . . . We'll leave it at that.