One of the biggest problems when it comes to the internet is that you always have to worry about some new form of malware going around. No matter how hard you try to protect both your computer and your network, there is always going to be a chance that something new is going to slip right through. That is why you always have to be on top of your game and keep up with the latest security news when you are protecting your system.
Recently, there has been news of a new security bug that is floating around the internet. It is not a major concern yet, but it is out there. This new bug is called Ebury and it is another version of an SSH Trojan attack.
What is SSH?
This question is either easy to answer or hard to answer depending on how good you are with a computer or how old you are. In the past when a person would use a computer they had to use what is known as a command line interface to be able to control it. This all changed when graphical user interfaces came around but even then you still had to use the command line for certain operations. While most people do not use the command line anymore there are still some people that do. It is considered faster than using the GUI so people who are considered power users use the command line.
SSH stands for Secure Shell: a secure shell that houses the command line functionality of an operating system. The normal command line shell is considered unsecured, so SSH is supposed to solve that problem, and for the most part it does. But every now and then a security hole shows up in the technology, and the Ebury Trojan is another example of that.
What does Ebury do?
This new Trojan will replace some of the binary files that you have in your system with its own. Some of these binaries include /usr/sbin/sshd, /usr/bin/ssh and a few others. These binaries and the other parts of the Trojan store all of the passwords that you use on the machine and then send them out to some remote third party. The Trojan will just sit on your machine and continue this action over and over again.
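One way to check for the binary replacement described above, as an added example that is not part of the original article: record SHA-256 digests of the SSH binaries while the system is known to be clean, then compare them later. The function names, the `record`/`verify` arguments and the baseline file format are assumptions made for this example, and it relies on the `sha256sum` tool being installed.

```shell
#!/bin/sh
# Added example: detect replaced SSH binaries by comparing SHA-256 digests
# against a baseline recorded while the system was known to be clean.

# Binaries named in the article; extend the list for your own system.
SSH_BINARIES="/usr/sbin/sshd /usr/bin/ssh"

# hash_file PATH: print the SHA-256 hex digest of PATH.
hash_file() {
    sha256sum "$1" | awk '{print $1}'
}

# make_baseline OUTFILE FILE...: write one "digest  path" line per file.
make_baseline() {
    out=$1; shift
    : > "$out"
    for f in "$@"; do
        [ -f "$f" ] || { echo "skip (missing): $f" >&2; continue; }
        printf '%s  %s\n' "$(hash_file "$f")" "$f" >> "$out"
    done
}

# check_baseline BASELINE: print one status line per recorded file.
# Returns 0 if every file matches, 1 if any file is changed or missing.
check_baseline() {
    rc=0
    while read -r want path; do
        [ -n "$path" ] || continue
        if [ ! -f "$path" ]; then
            echo "MISSING  $path"; rc=1
        elif [ "$(hash_file "$path")" = "$want" ]; then
            echo "OK       $path"
        else
            echo "CHANGED  $path"; rc=1
        fi
    done < "$1"
    return $rc
}

# Usage: script record BASELINE   (on a clean system)
#        script verify BASELINE   (later, to look for replaced binaries)
case "${1:-}" in
    record) make_baseline "$2" $SSH_BINARIES ;;
    verify) check_baseline "$2" ;;
esac
```

Keep the baseline file on read-only or offline media, because software that can replace sshd can also rewrite a baseline stored on the same machine. A CHANGED result after a legitimate package update is expected, so record a new baseline after each update.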
This is just another in a long line of examples of why you have to be vigilant when it comes to the security of any computer that is connected to the internet.