Scheduled Maintenance: We are aware of an issue with Google, AOL, and Yahoo services as email providers which are blocking new registrations. We are trying to fix the issue and we have several internal and external support tickets in process to resolve the issue. Please see: viewtopic.php?t=158230

 

 

 

Help with a Trojan program

New to Debian (Or Linux in general)? Ask your questions here!
Post Reply
Message
Author
kebab911
Posts: 2
Joined: 2017-05-14 11:41

Help with a Trojan program

#1 Post by kebab911 »

Hi, my name is Fatih and I'm still new to using a Raspberry Pi and with Debian. I think I got a Trojan on my Raspbery Pi and I don't know how to get rid of it. I've tried finding the file through grep, but I'm doing something wrong because I can't find it. I was hoping anyone could help me out here.

Image

User avatar
phenest
Posts: 1702
Joined: 2010-03-09 09:38
Location: The Matrix

Re: Help with a Trojan program

#2 Post by phenest »

That trojan comes in the form of an ELF file. Maybe that will aid your search.
ASRock H77 Pro4-M i7 3770K - 32GB RAM - Pioneer BDR-209D

kebab911
Posts: 2
Joined: 2017-05-14 11:41

Re: Help with a Trojan program

#3 Post by kebab911 »

phenest wrote:That trojan comes in the form of an ELF file. Maybe that will aid your search.
I have googled this issue I have and searched through almost all pages but all I can find is that it's Scumware/Malware. I used grep command to find ELF files but it just ends up giving me tons of results that I can't all check out.


n_hologram
Posts: 459
Joined: 2013-06-16 00:10

Re: Help with a Trojan program

#5 Post by n_hologram »

Hey, just wondering what became of this trojan, if you got it removed (if so, how?), etc.
bester69 wrote:There is nothing to install in linux, from time to time i go to google searching for something fresh to install in linux, but, there is nothing
the crunkbong project: scripts, operating system, the list goes on...

d3viant
Posts: 24
Joined: 2017-05-17 23:36

Re: Help with a Trojan program

#6 Post by d3viant »

Curious how one would end up with a Trojan like this? What can one do to prevent an infection, aside from the usual 'don't download random stuff on the internet / don't open random email attachments'? (Or is this specifically related to the IOT style hacks and not desktop environments?)

User avatar
debiman
Posts: 3063
Joined: 2013-03-12 07:18

Re: Help with a Trojan program

#7 Post by debiman »

d3viant wrote:Curious how one would end up with a Trojan like this?
i'd say that sensible usage habits would go a very long way (usually 100%) to avoid it.
but yeah, me too.
i doubt op will come back though.
but i had a look on raspbian forums - from the looks of it, the pi was open to the world and poorly protected :roll:

d3viant
Posts: 24
Joined: 2017-05-17 23:36

Re: Help with a Trojan program

#8 Post by d3viant »

debiman wrote: but i had a look on raspbian forums - from the looks of it, the pi was open to the world and poorly protected :roll:
Interesting thread.. the first post states "So I rebuilt it and figured it was a fluke. This morning, I couldn't SSH into it. By 'rebuild' I'm assuming they completely re-installed the OS?
I've never used a Pi, but if the infection lingers even after a complete wipe, how the heck do you fix/secure it after its been exploited?

Hoping I misunderstood their definition of a rebuild. :shock:


My understanding of IOT hacks is that they all had default admin logins & a specific open port, which made it easy to penetrate. What's on these devices, just Debian/Ubuntu/whatever or proprietary software running a Linux flavor?

User avatar
debiman
Posts: 3063
Joined: 2013-03-12 07:18

Re: Help with a Trojan program

#9 Post by debiman »

d3viant wrote:What's on these devices, just Debian/Ubuntu/whatever or proprietary software running a Linux flavor?
more often than not, raspbian.


btw, i don't know if that thread on the raspi forums goes back to this OP. i just searched for the name of the virus.

Post Reply