Week in Geek: Linux Tsunami Trojan Ported to Mac OS X


By Akemi Iwaya on October 30th, 2011


This week we learned how to encrypt and hide your personal files inside of a photo, “display image size in Google Images, preserve tabs while using CCleaner, & what to backup on your Windows box”, look up Event IDs from the Event Viewer using a free tool, turn your friends into zombies for Halloween (in Photoshop), found out what your favorite Windows Explorer alternatives are, and more.

Photo by pasukaru76.

Weekly News Links


Photo courtesy of ESET Threat Blog.

  • ‘Tsunami’ trojan malware bot ported to OS X
    Another day, another Trojan. The malware bot called “Tsunami” that has been developed for Linux systems since around 2002 has been found on OS X.
  • New attack tool targets Web servers using secure connections
    Hackers have released a program they assert will allow a single computer to take down a Web server using a secure connection.
  • Dolphin HD browser snared in security breach
    The makers of a popular mobile browser called Dolphin HD confirmed that their software leaks the addresses of all Web sites a user visits, a potential privacy and security breach.
  • Further evidence of Certificate Authority break-ins
    In a feature article on the security of SSL, Peter Eckersley from the Electronic Frontier Foundation has said that at least five Certificate Authorities (CAs) have been compromised in the past four months. Eckersley extracted this information from the revocation lists that are released by the CAs.
  • MyBB downloads were infected
    In a blog posting, the MyBB development team has confirmed that the download package for version 1.6.4 of MyBB had been modified to include malicious code. Unknown attackers were able to exploit a vulnerability in the MyBB web site’s CMS (content management system) to inject and execute PHP code.
  • Researchers find holes in the cloud
    Until recently, a vulnerability in Amazon Web Services including the EC2 cloud allowed unauthorised users to perform administrative tasks. At an ACM workshop on cloud security, a team of researchers from Germany’s Ruhr University of Bochum reported that attackers were, for example, able to start and stop virtual machines, and create new images and gateways, in an EC2 instance.
  • CCC criticises new version of government trojan
    The CCC (Chaos Computer Club) has analysed the more recent version of Digitask’s German government trojan that was discovered by Kaspersky. This version dates back to December 2010 and has not yet been associated with an actual case. The analysis focused on the improvements that were made to fix the previous version’s weaknesses, and on the postulated “audit-proof logging” of all activities.
  • Android owners getting stiffed on OS updates, study claims
    Android phones have a bad history of not getting the latest OS upgrades, often leaving them several versions behind, says a new study.
  • Report: Asia dominates in Net speed, attacks
    Asia is home not only to some of the world’s fastest Internet connections, but also the highest attack traffic, new statistics have shown.
  • Users don’t understand public Wi-Fi risks
    Users have not fully comprehended the threats associated with accessing Wi-Fi via a public hotspot, and the proliferation of mobile devices and the move toward a wireless mesh network will only compound these network risks.
  • Browser updates needed for increased security
    Browsers that are not updated when necessary can carry security vulnerabilities created from coding errors and third-party applications, warn market players, who advise browser makers to actively entice users to keep their browsers updated with an “automatic update” function and campaigns.
  • Linux Foundation announces long-term support kernel tree for CE vendors
    At the LinuxCon Europe event in Prague, the Linux Foundation announced plans to launch a new kernel tree aimed at providing long-term support for device vendors. The project, which is called the Long Term Stable Kernel Initiative (LTSI), could reduce the cost of producing a custom Linux-based platform for a mobile or embedded system.
  • Linux Foundation proposes to use UEFI to make PCs secure and free
    The Linux Foundation and friends are working on using UEFI so that computers can be both more secure and give users freedom of operating system choice instead of using Microsoft’s secure boot plan to lock users into Windows 8.
  • Ubuntu Linux will try for the business desktop
    Ubuntu has long been popular on the Linux enthusiast desktop, but so far it hasn’t been very popular on business desktops. Canonical plans on changing that with its next version.
  • Google: Governments seek more about you than ever
    A new report from Google shows a rise in government requests for user account data and content removal, including a request by one unnamed law enforcement agency to remove YouTube videos of police brutality–which the company refused.


Akemi Iwaya is a devoted Mozilla Firefox user who enjoys working with multiple browsers and occasionally dabbling with Linux. She also loves reading fantasy and sci-fi stories as well as playing "old school" role-playing games. You can visit her on Twitter.
