Linux Trojan Stealing Bank Data From Linux Users

We love Linux, and one of the reasons we love it is the high security it offers. Shopping on a Linux box is meant to be secure, but is this still true? “Why? What happened?”, some of you may ask. Thinking that Linux will remain secure forever is a very big mistake that will cost us dearly. Cyber criminals are developing Linux Trojans to attack the average Linux user with the intention of stealing banking details.

Thinking you are forever secure because you use a Linux machine puts you to sleep, and you no longer think about taking security measures to protect your private data. Even I myself made this mistake, and I understand now what a big mistake I made. What if they have my PayPal credentials? Woo, 0 credit, where did my money go? One of the best security measures is to be paranoid! The moment you start being paranoid, I guarantee that you will take care of your Linux box's security at every moment.

Hand Of Thief, A Linux Trojan

What is Hand Of Thief? Hand Of Thief is malicious software for the Linux operating system, developed by Russian cyber criminals to steal banking details from the average Linux user. The fact that Hand Of Thief targets the average user doesn’t mean that an advanced user cannot be a target too. The risk is the same for every Linux user.

Where Do Criminals Find This Software?

The Hand Of Thief malicious software is currently being sold on the black market for $2000, and the buyer gets full updates and support from the developer team. The developer team seems to be very motivated: they have set up sales agents and support teams to assist people who buy the software.

Hand Of Thief is still in development at the moment and offers only backdoors and form grabbers, but the developer team won’t stop here, according to the security firm RSA. The development team behind this malicious software is working to make ‘Hand Of Thief’ a full banking-information stealer in the future, with a price of $3000, and they will charge the buyer $550 for each update. Scary! You're starting to be paranoid, aren’t you?

Can You Tell Us Some Features Of This Software?

Yes, of course. I will list them below for those of you who are interested in studying the functionality of the Hand Of Thief Trojan. If you are one of the curious people who want to learn how things work, I am sure these features will be very helpful to you. I love to learn how things work.

Some features of this software are:

  1. HTTPS and HTTP form grabbers with support for Chrome, Firefox, Aurora, Iceweasel, Chromium, and other Linux-only browsers
  2. SOCKS5 proxy
  3. Backdoor
  4. Backconnect functionality
  5. Anti-research toolbox



This is not the only Trojan for Linux, and it will not be the last. Cyber criminals will develop other malicious software to attack Linux users and steal their financial data. It doesn’t matter how many Linux Trojans are developed; what matters is how seriously you take computer security. Do you click on every link people send you by email? Do you have a firewall? Do you know anything about malware analysis? Do you analyze a PDF file every time you download one?

I have always been interested in malware analysis, and lately I have been working hard to build my own computer science lab. If you want to know anything about protecting yourself from Trojans and other malware, I will be glad to help you guys. It is time to share the article and spread the word that Unixmen is doing some work on informing Linux users about the risks the future holds for them.