Korean version of the Mozilla browser, mozilla-installer-bin from mozilla-1.7.6.ko-KR.linux-i686.installer.tar.gz, and Mozilla Thunderbird, mozilla-xremote-client from thunderbird-1.0.2.tar.gz were infected by Virus.Linux.RST.b.

“This virus searches for executable ELF files in the current and /bin directories and infects them. When infecting files, it writes itself to the middle of the file, at the end of a section of code, which pushes the other sections lower down. It also contains a backdoor, which downloads scripts from another site, and executes them, using a standard shell” - taken from www.viruslist.com.

To those that are afraid that they might have been infected by the program should run an Antivirus program, open source or commercial. For the open source I suggest using, ClamAV, as it has the ability to detect the virus which they name as Linux.Rst.A (Clam).

-

Is your site safe from XSS Attacks? Sign up for Automated Vulnerability Detection Service today!