Linux infection proves Windows malware monopoly is over
By Ed Bott, ZDnet.com
June 12, 2010
Every time I write about Windows security software, I get a predictable
flood of responses from Linux advocates who claim that they don’t need
any such protection. Today comes a shining example of why they’re wrong.
If you downloaded and installed the open-source Unreal IRC server in the
last 8 months or so, you’ve been pwned. Here’s the official announcement:
This is very embarrassing…
We found out that the Unreal126.96.36.199.tar.gz file on our mirrors has been
replaced quite a while ago with a version with a backdoor (trojan) in it."
This backdoor allows a person to execute ANY command with the privileges
of the user running the ircd. The backdoor can be executed regardless of
any user restrictions (so even if you have passworded server or hub that
doesn’t allow any users in).