this post was submitted on 14 Sep 2024
1638 points (99.0% liked)

Technology

59669 readers
3115 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
 
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 24 points 2 months ago (3 children)

Wouldn't it require elevation?

Yet another example of why running as root/admin is a Bad Idea©

[–] [email protected] 74 points 2 months ago (2 children)

No, why would it? It will run code in the context of the current user which is absolutely enough to start a new process that will run in the background, download more code from a attacker server and allow remote access. The attacker will only have as much permissions as the user executing the code but that is enough to steal their files, run a keyloggers, steal their sessions for other websites etc.

They can try to escalate to the admin user, but when targeting private victims, all the data that is worth stealing is available to the user and does not require admin privs.

[–] [email protected] 60 points 2 months ago (1 children)
[–] [email protected] 17 points 2 months ago

This here. The most important thing on your computer are all your session cookies, which are, well, accessible with permissions your user account already has.

Dudes don't care about making your shit into a botnet, or putting a rootkit in your firmware, or whatever other technically complex thing you care to think about: they're there to steal your shit, and the most valuable shit you have is sitting there out in the open for the taking for anyone who makes it past a very very low bar of 'make the user do something stupid'.

[–] [email protected] 4 points 2 months ago* (last edited 2 months ago)

Exactly. The moment you hit Enter, the computer becomes part of a botnet on every login.

[–] [email protected] 4 points 2 months ago

Once you run something on windows, elevation is just a thing of using the right toolbox.

[–] [email protected] 4 points 2 months ago

That should be easy on windows, but user permissions might also be enough for whatever it does.