Hand of a Thief Linux Malware Goes for the Money

by Ostatic Staff - Aug. 29, 2013

One of the top reasons for choosing Linux, according to many users, is enhanced security. In particular, if you have spent much time using Windows PCs, you're familiar with the fact that Windows is the primary target for malware worldwide. Linux, on the other hand, is rarely targeted by virus writers and hackers.

However, according to the Avast blog, a new Linux Trojan dubbed "Hand of a Thief" is actually targeting Linux users' bank accounts.

Hand of a Thief is actually a known Trojan. RSA researchers first reported on it in early August.  According to their report:

"Hand of Thief is a Trojan designed to steal information from machines running the Linux OS. This malware is currently offered for sale in closed cybercrime communities for $2,000 USD (€1,500 EUR) with free updates.  The current functionality includes form grabbers and backdoor capabilities, however, it’s expected that the Trojan will have a new suite of web injections and graduate to become full-blown banking malware in the very near future. At that point, the price is expected to rise to $3,000 USD (€2,250 EUR), plus a hefty $550 per major version release. These prices coincide with those quoted by developers who released similar malware for the Windows OS, which would make Hand of Thief relatively priced way above market value considering the relatively small user base of Linux."

Wow, if you had any doubts that malware is a business, get rid of them. According to the Avast blog:

"With the level of overall sophistication Hand of Thief displays, it can be compared to infamous non-Windows threats such as the FlashBack Trojan for MacOsX platform discovered last year or Trojan Obad for Android from recent times." 

The Avast blog also has a very detailed screenshot-driven breakdown of how this malware works and what it does. If you're a Linux user you might want to check it out