Post by Andrei Z. Post by Rbwd
Does it work in Linux?
I can't find it.
Widespread malware campaign seeks to silently inject ads into search
results, affects multiple browsers - Microsoft Security
The beginning of the chain is running "setup...xxx.exe", an
installer that auto-elevates.
While a Linux user could run WINE setup...xxx.exe
the question would be, what browser would or could the attack
attach to? The WINE files are on Drive_C. Could a person
run Chrome.exe in WINE and the campaign attack it?
I would say for the most part, a WINE attack vector is unlikely.
There isn't a strong incentive to be running browsers from WINE.
And the attack would then inject adverts into the WINE browser
and not the host-level browser.
They would need to craft an attack with .deb and get you
to compromise your setup by adding a third-party repo. Maybe
they could get in that way. Seeing as this outfit has mounds
of meat-machines to create the malware (a whole team), they
could easily send off a sub-team to work on a Linux version.
It would depend on whether they thought it was worth the effort.
You'd use your usual level of OPSEC to stop them.