The Dutch security company Sansec has discovered a new trojan for Linux that they have chosen to call CronRAT.
As the name suggests, this is a remote trojan (Remote Access Trojan) that uses cron, the system tool for scheduling automatic tasks.
CronRAT adds tasks to be performed on February 31, and since that date does not exist, the Trojan manages to stay hidden. According to cron, however, it is a completely correct date, so users will not receive an error message.
According to information, the Trojan is primarily aimed at online stores and the purpose is to access credit card information.
Extra serious is that there are very few virus programs that detect the Trojan and even when detected, it is not perceived as a threat. Hopefully, that will change with the researchers’ report.
– .