Terrifying Trojans | Command Line Heroes

<!DOCTYPE html> <html lang="en" dir="ltr" prefix="og: https://ogp.me/ns#"> <head> <script>performance.mark('HEAD Start');</script> <meta charset="utf-8" /> <meta name="viewport" content="width=device-width, initial-scale=1.0" /> <title>Terrifying Trojans | Command Line Heroes</title> <link rel="preconnect" href="https://static.redhat.com"> <link rel="preconnect" href="https://consent.trustarc.com"> <script id="rhdc_js_errors_js">window.sentryOnLoad=function(){Sentry.init({dsn:"https://676ea2c2d4a147c2834066d24c04a9e4@o490301.ingest.sentry.io/5370002",ignoreErrors:[],integrations:[Sentry.browserTracingIntegration()],environment:'prod',tracesSampleRate:0.75,sampleRate:0.75});};</script> <script id="rhdc_analytics_get_top_eddl_pagedata">var pageData = {"pageCategory":"command-line-heroes","pageName":"rh|command-line-heroes|season-9|terrifying-trojans","pageTitle":"Terrifying Trojans | Command Line Heroes","pageType":"page","pageSubType":"Branded media","siteExperience":"","siteLanguage":"en","subsection":"season-9","subsection2":"terrifying-trojans","subsection3":"","cms":"RH CMS 1.0","analyticsTitle":"","contentID":"583871","contentType":"","destinationURL":"https:\/\/www.redhat.com\/en\/command-line-heroes\/season-9\/terrifying-trojans","gated":"false","offerID":"","errorType":"","contentPublishDate":"2022-02-28","siteName":"rh","dataObject":"appEventData","taxonomyRegion":["4521"],"taxonomySubType":["107221"],"taxonomyTopic":["4491","107481"],"pageStatus":"published"};</script> <script id="rhdc_analytics_get_top_eddl_js">!function(e,a){"use strict";e.appEventData=e.appEventData||[],e.pageData=e.pageData||[];var t={event:"Page Load Started",page:pageData};if(a.referrer){var r=a.createElement("a");r.href=a.referrer,t.page.previousPage=r.href}t.page.siteExperience=e.innerWidth<=768?"tablet":"desktop",appEventData.push(t)}(window,document);</script> <script id="dpal" src="https://www.redhat.com/dtm.js" async></script> <script id="trustarc" src="https://static.redhat.com/libs/redhat/marketing/latest/trustarc/trustarc.js" async></script> <script src="https://static.redhat.com/libs/redhat/marketing/latest/trustarc/trustecm/js/trustecm.js" data-domain="www.redhat.com" async></script> <script class="trustecm" data-src="https://static.redhat.com/libs/redhat/marketing/latest/trustarc/trustecm/js/trustecm-functional.js" data-tracker-type="functional"></script> <script class="trustecm" data-src="https://static.redhat.com/libs/redhat/marketing/latest/trustarc/trustecm/js/trustecm-advertising.js" data-tracker-type="advertising"></script> <script type="importmap">{"imports":{"@rhds/elements/":"/modules/contrib/red_hat_shared_libs/dist/rhds-elements/modules/"},"scopes":{}}</script> <script type="application/json" data-drupal-selector="drupal-settings-json">{"path":{"baseUrl":"\/","pathPrefix":"en\/","currentPath":"node\/583871","currentPathIsAdmin":false,"isFront":false,"currentLanguage":"en"},"pluralDelimiter":"\u0003","suppressDeprecationErrors":true,"rh_oidc_manager":{"debug":false,"cookie_settings":{"rh_sso_session_enabled":true},"oidc_settings":{"authority":"https:\/\/sso.redhat.com\/auth\/realms\/redhat-external","client_id":"rhcom","loadUserInfo":true,"post_logout_redirect_uri":"https:\/\/www.redhat.com\/en","redirect_uri":"https:\/\/www.redhat.com\/en","scope":"openid profile_level.rh_events id.email id.idp id.job.title id.job.department id.name id.organization id.sub id.username roles api.graphql","silent_redirect_uri":"https:\/\/www.redhat.com\/en\/silent-renew.html"}},"rhdc_analytics":{"searchTerm":null},"rhdc_bulk_tagging":{"should_skip_product_primary_product_requirement":true,"field_taxonomy_product":{"add":"If there is currently no \u003Cb\u003EPrimary Product\u003C\/b\u003E value before this operation,\n a \u003Cb\u003EProduct\u003C\/b\u003E value will be chosen as the \u003Cb\u003EPrimary Product\u003C\/b\u003E.","remove":"\u003Cul\u003E\n \u003Cli\u003EIf removing all existing \u003Cb\u003EProduct\u003C\/b\u003E value(s), the \u003Cb\u003EPrimary Product\u003C\/b\u003E will also be removed.\u003C\/li\u003E\n \u003Cli\u003EIf not, please choose a new valid \u003Cb\u003EPrimary Product\u003C\/b\u003E in a previous operation\n before removing the \u003Cb\u003EProduct\u003C\/b\u003E.\u003C\/li\u003E\n \u003C\/ul\u003E","replace":"If the \u003Cb\u003EProduct\u003C\/b\u003E that is being replaced is the \u003Cb\u003EPrimary Product\u003C\/b\u003E,\n please change the \u003Cb\u003EPrimary Product\u003C\/b\u003E in a previous operation."},"field_taxonomy_product_primary":{"add":"The \u003Cb\u003EPrimary Product\u003C\/b\u003E that is being added must be a value of an existing \u003Cb\u003EProduct\u003C\/b\u003E value.\n If the \u003Cb\u003EPrimary Product\u003C\/b\u003E value to add is not, please add that \u003Cb\u003EProduct\u003C\/b\u003E in a previous operation.","remove":"You cannot remove the \u003Cb\u003EPrimary Product\u003C\/b\u003E. This operation will be skipped.","replace":"If the new \u003Cb\u003EPrimary Product\u003C\/b\u003E value is not an existing \u003Cb\u003EProduct\u003C\/b\u003E value,\n please add that \u003Cb\u003EProduct\u003C\/b\u003E in a previous operation."}},"rhdcCore":{"webrh":{"version":"1.209.0"}},"rhdc_style":{"flag_myrh_popover":1},"rhdc_solr_listing":{"testmode":false},"csp":{"nonce":"sPC-j5TO3VF48r-1WrKy-A"},"user":{"uid":0,"permissionsHash":"925c93e5e058a38840206e2faeb20be77d5863a368189af16a0faa928225c714"}}</script> <script src="/rhdc/system-files/js/js_o8NShEaoNof4B_K0ELLqBNLU3LEWsLuVeGykOiply_Y.js?scope=header&delta=0&language=en&theme=rhdc&include=eJyNUUFuxDAI_FASP6KnXvsBi9hsTNcxEZCt8vuSTbRK1UN7sYGBAQYpOUVoUDejpEF-uBFzrnFkM547KZHJ0dnhCSUkQTA8YqkSNuvkbzIlr1EESeU_6SjC0ummhnMYQXEfY__jSmGqPEJ9K8Izdl84Sgn-fpTTXm7YN3jQBEbcnt2ePfqj7leg1yS0mF4AResrtKlPzHfCC3JjNpR-bfRA0ZPtsozJquZbDombujbDKdsAC3UVNl4tZtLEXr4Fbpi4dp5HtkWcR8whwXLMjTkWsJjumMnYhTcYKk3F8n6VE9UCu1lp3IXsPedUwaOOv-9jdLMzQLhR9dGHF_9rp4yLYPKj5mObTz30P0_zcr8BQH_baQ"></script> <script src="/modules/contrib/rh_oidc_manager/libraries/dist/js/index.min.js?snbk8m" type="module"></script> <script src="https://static.redhat.com/libs/@redhat/marketing/latest/rh.mktg.js" async></script> <link rel="stylesheet" media="all" href="/rhdc/system-files/css/css_arVQeEPWLwEOucKc5hfxprFtgAnMucg8ock0drVvuJ8.css?delta=0&language=en&theme=rhdc&include=eJyNUUFuxDAI_FASP6KnXvsBi9hsTNcxEZCt8vuSTbRK1UN7sYGBAQYpOUVoUDejpEF-uBFzrnFkM547KZHJ0dnhCSUkQTA8YqkSNuvkbzIlr1EESeU_6SjC0ummhnMYQXEfY__jSmGqPEJ9K8Izdl84Sgn-fpTTXm7YN3jQBEbcnt2ePfqj7leg1yS0mF4AResrtKlPzHfCC3JjNpR-bfRA0ZPtsozJquZbDombujbDKdsAC3UVNl4tZtLEXr4Fbpi4dp5HtkWcR8whwXLMjTkWsJjumMnYhTcYKk3F8n6VE9UCu1lp3IXsPedUwaOOv-9jdLMzQLhR9dGHF_9rp4yLYPKj5mObTz30P0_zcr8BQH_baQ" /> <link rel="stylesheet" media="print" href="https://static.redhat.com/libs/redhat/marketing/latest/trustarc/trustecm/css/trustecm.css" data-onload-media="all" onload="this.onload=null;this.media=this.dataset.onloadMedia" /> <link rel="stylesheet" media="all" href="/rhdc/system-files/css/css_a3QLPskX4fJfsI_q84If3Zfq1k4uww7X7wt_sMTMfWw.css?delta=2&language=en&theme=rhdc&include=eJyNUUFuxDAI_FASP6KnXvsBi9hsTNcxEZCt8vuSTbRK1UN7sYGBAQYpOUVoUDejpEF-uBFzrnFkM547KZHJ0dnhCSUkQTA8YqkSNuvkbzIlr1EESeU_6SjC0ummhnMYQXEfY__jSmGqPEJ9K8Izdl84Sgn-fpTTXm7YN3jQBEbcnt2ePfqj7leg1yS0mF4AResrtKlPzHfCC3JjNpR-bfRA0ZPtsozJquZbDombujbDKdsAC3UVNl4tZtLEXr4Fbpi4dp5HtkWcR8whwXLMjTkWsJjumMnYhTcYKk3F8n6VE9UCu1lp3IXsPedUwaOOv-9jdLMzQLhR9dGHF_9rp4yLYPKj5mObTz30P0_zcr8BQH_baQ" /> <link rel="stylesheet" media="print" href="https://static.redhat.com/libs/redhat/rh-iconfont/5/files/rh-web-iconfont.css" data-onload-media="all" onload="this.onload=null;this.media=this.dataset.onloadMedia" /> <link rel="stylesheet" media="all" href="/rhdc/system-files/css/css_aXsZ7vnPHVMI5sWSw2w-TjMmll_RFN0-qs1Fw_Vg7J0.css?delta=4&language=en&theme=rhdc&include=eJyNUUFuxDAI_FASP6KnXvsBi9hsTNcxEZCt8vuSTbRK1UN7sYGBAQYpOUVoUDejpEF-uBFzrnFkM547KZHJ0dnhCSUkQTA8YqkSNuvkbzIlr1EESeU_6SjC0ummhnMYQXEfY__jSmGqPEJ9K8Izdl84Sgn-fpTTXm7YN3jQBEbcnt2ePfqj7leg1yS0mF4AResrtKlPzHfCC3JjNpR-bfRA0ZPtsozJquZbDombujbDKdsAC3UVNl4tZtLEXr4Fbpi4dp5HtkWcR8whwXLMjTkWsJjumMnYhTcYKk3F8n6VE9UCu1lp3IXsPedUwaOOv-9jdLMzQLhR9dGHF_9rp4yLYPKj5mObTz30P0_zcr8BQH_baQ" /> <link rel="stylesheet" media="all" href="/rhdc/system-files/css/css_hAqzji3GTEgnsilTsrmLNQZewIpZ0l0tmwezBKzwL-I.css?delta=5&language=en&theme=rhdc&include=eJyNUUFuxDAI_FASP6KnXvsBi9hsTNcxEZCt8vuSTbRK1UN7sYGBAQYpOUVoUDejpEF-uBFzrnFkM547KZHJ0dnhCSUkQTA8YqkSNuvkbzIlr1EESeU_6SjC0ummhnMYQXEfY__jSmGqPEJ9K8Izdl84Sgn-fpTTXm7YN3jQBEbcnt2ePfqj7leg1yS0mF4AResrtKlPzHfCC3JjNpR-bfRA0ZPtsozJquZbDombujbDKdsAC3UVNl4tZtLEXr4Fbpi4dp5HtkWcR8whwXLMjTkWsJjumMnYhTcYKk3F8n6VE9UCu1lp3IXsPedUwaOOv-9jdLMzQLhR9dGHF_9rp4yLYPKj5mObTz30P0_zcr8BQH_baQ" /> <link type="text/css" href="//static.redhat.com/libs/font-awesome/4.7.0/css/font-awesome.min.css" rel="stylesheet" /> <link type="text/css" href="/ux/webdms/css/vendors/plyr.min.css" rel="stylesheet" /> <link type="text/css" href="/ux/webdms/css/vendors/slick.min.css" rel="stylesheet" /> <link type="text/css" href="/ux/webdms/css/styles.min.css" rel="stylesheet" /> <link type="text/css" href="/ux/webdms/css/projects/clh-s9-episodes.min.css" rel="stylesheet" /> <link rel="preload" href="/themes/custom/rh_base_ui/src/fonts/red_hat_text/RedHatTextVFModified.woff2" as="font" type="font/woff2" crossorigin> <link rel="preload" href="/themes/custom/rh_base_ui/src/fonts/red_hat_display/RedHatDisplayVFModified.woff2" as="font" type="font/woff2" crossorigin> <script type="speculationrules">{"prerender": [{"urls": ["/en"]}]}</script> <meta name="description" content="The trojan horse uses deception to do damage. But if we stick to trusted sites and sources, we better the odds against those who use our trust against us." /> <link rel="canonical" href="https://www.redhat.com/en/command-line-heroes/season-9/terrifying-trojans" /> <link rel="image_src" href="https://www.redhat.com/rhdc/managed-files/Opengraph-S9.jpg" /> <meta property="og:type" content="website" /> <meta property="og:url" content="https://www.redhat.com/en/command-line-heroes/season-9/terrifying-trojans" /> <meta property="og:title" content="Terrifying Trojans | Command Line Heroes" /> <meta property="og:description" content="The trojan horse uses deception to do damage. But if we stick to trusted sites and sources, we better the odds against those who use our trust against us." /> <meta property="og:image" content="https://www.redhat.com/rhdc/managed-files/Opengraph-S9.jpg" /> <meta name="twitter:card" content="summary" /> <meta name="twitter:description" content="The trojan horse uses deception to do damage. But if we stick to trusted sites and sources, we better the odds against those who use our trust against us." /> <meta name="twitter:title" content="Terrifying Trojans | Command Line Heroes" /> <meta name="twitter:url" content="https://www.redhat.com/en/command-line-heroes/season-9/terrifying-trojans" /> <meta name="twitter:image" content="https://www.redhat.com/rhdc/managed-files/Opengraph-S9.jpg" /> <meta name="Generator" content="Drupal 10 (https://www.drupal.org)" /> <meta name="MobileOptimized" content="width" /> <meta name="HandheldFriendly" content="true" />  <style>.dx-relative{position:relative !important;}@media (min-width:576px){.sm\:dx-relative{position:relative !important;}}@media (min-width:768px){.md\:dx-relative{position:relative !important;}}@media (min-width:992px){.lg\:dx-relative{position:relative !important;}}@media (min-width:1200px){.xl\:dx-relative{position:relative !important;}}@media (min-width:1440px){.\32xl\:dx-relative{position:relative !important;}}</style> <meta http-equiv="content-language" content="en" /> <meta name="last-publish-date" content="Tue, 25 Jun 2019 00:00:00 GMT" /> <meta name="node-type" content="page" /> <meta name="source" content="rhdc_drupal" /> <meta name="rhdc_key" content="3c10fa6e0ee66556f7813f81b45cc9f5" /> <meta name="taxonomy-region" content="Global" /> <meta name="taxonomy-region-tid" content="4521" /> <meta name="taxonomy-sub-type" content="Branded media" /> <meta name="taxonomy-sub-type-tid" content="107221" /> <meta name="taxonomy-topic" content="Security" /> <meta name="taxonomy-topic-tid" content="4491" /> <meta name="taxonomy-topic" content="Tech history" /> <meta name="taxonomy-topic-tid" content="107481" /> <meta name="dateline" content="2019-06-25T00:00:00.00Z" /> <meta name="source_title" content="Terrifying Trojans | Command Line Heroes" /> <link rel="icon" href="/favicon.ico" type="image/x-icon" /> <link rel="alternate" hreflang="en" href="https://www.redhat.com/en/command-line-heroes/season-9/terrifying-trojans" /> <script>performance.mark('HEAD End'); performance.measure('HEAD Time', 'HEAD Start', 'HEAD End');</script> </head> <body class="clh-s9e1 bg-purple-darkest path-node rhdc-node-type-page page-node-583871" > <div class="rhb-region rhb-region--highlighted"><div data-drupal-messages-fallback class="hidden"></div></div> <div class="rhdc-header--background-image"></div> <div class="rhb-region rhb-region--content" id="rhb-main-content" role="main"> <article> <div> <div class="one-column"> <div class="dx-relative content-region">  <div class="one-column"> <div class="dx-relative content-region"> <header id="top" class="dms-band clh-nav-top py-2"> <div class="container text-white"> <div class="row d-flex align-items-center"> <div class="col-6"> <a href="//www.redhat.com/en/command-line-heroes" title="Command Line Heroes"> <img class="img-fluid svg-white" src="/rhdc/managed-files/clh-logo-2-22.svg" width="166" height="42" alt="Command Line Heroes logo" loading="lazy"> </a> </div> <div class="col-6 clh-nav-toggle-wrapper"> <span class="text-monospace text-right font-size-16 d-inline-block">Subscribe<br>& more</span> <a href="#" class="btn btn-toggle" data-toggle="nav-shelf"> <div class="d-inline-block"> <span class="menu-bar"></span> <span class="menu-bar"></span> <span class="menu-bar"></span> </div> </a> </div> </div> </div> </header> <div class="dms-band clh-nav-shelf text-white py-0"> <div class="nav-container pb-4"> <div id="CLHNav" class="accordion pb-8"> <div class="nav-group-wrapper pl-2 pl-sm-3 pr-sm-8" data-bg-image="/rhdc/managed-files/bg_clh-nav-subscribe.jpg"> <button href="#" class="accordion-toggle collapsed py-2" data-toggle="collapse" data-target="#clhSubscribe"> <p>Subscribe</p> </button> <div id="clhSubscribe" class="accordion-panel collapse" data-parent="#CLHNav"> <p>Subscribe to the podcast to receive new episodes as soon as we release them</p> <div class="row pb-2"> <div class="col-6 mb-2"> <a href="//geo.itunes.apple.com/podcast/us/id1319947289?mt=2&at=1010lbVy&ct=redhatclh_website" target="_blank" title="Listen on Apple Podcasts"> <img class="img-fluid" src="/rhdc/managed-files/apple%20podcast.svg" alt="Listen on Apple Podcasts"> </a> </div> <div class="col-6 mb-2"> <a href="https://castbox.fm/channel/id1105224?country=us" target="_blank" title="Listen on Castbox"> <img class="img-fluid" src="/rhdc/managed-files/castbox-badge.svg" alt="Listen on Castbox"> </a> </div> <div class="col-6 mb-2"> <a href="//open.spotify.com/show/4Jgtgr4mHXNDyLldHkfEMz" target="_blank" title="Listen on Spotify"> <img class="img-fluid" src="/rhdc/managed-files/spotify-badge.svg" alt="Listen on Spotify"> </a> </div> <div class="col-6 mb-2"> <a href="//feeds.simplecast.com/vUHP7wpf" target="_blank" title="Subscribe via RSS Feed"> <img class="img-fluid" src="/rhdc/managed-files/rss-feed-badge.svg" alt="Subscribe via RSS Feed"> </a> </div> </div> </div> </div> <div class="nav-group-wrapper pl-2 pl-sm-3 pr-sm-8" data-bg-image="/rhdc/managed-files/bg_clh-nav-about.jpg"> <button href="/en/command-line-heroes/about" class="accordion-toggle collapsed py-2" data-toggle="collapse" data-target="#clhAbout"> <p>About the podcast</p> </button> <div id="clhAbout" class="accordion-panel collapse" data-parent="#CLHNav"> <p>Discover Red Hat’s original podcast about the people who transform technology from the command line up. Subscribe to our newsletter for commentary from the Command Line Heroes team—and links to take a closer look at the topics we cover.</p> <p><a href="/en/command-line-heroes/about" class="btn btn-primary">Learn about the show</a></p> <p class="mb-0 pb-4"><a href="https://www.redhat.com/forms/?config=19411" class="btn btn-outline-white">Get the newsletter</a></p> </div> </div> <div class="nav-group-wrapper pl-2 pl-sm-3 pr-sm-8" data-bg-image="/rhdc/managed-files/bg_clh-nav-s1.jpg"> <button href="#" class="accordion-toggle collapsed py-2" data-toggle="collapse" data-target="#clhSeason1"> <p>Season 1</p> </button> <div id="clhSeason1" class="accordion-panel collapse" data-parent="#CLHNav"> <ol class="mb-0 pl-2"> <li class="mb-2"> <a href="/en/command-line-heroes/season-1/os-wars-part-1" title="OS Wars_Part 1">OS Wars_part 1</a> </li> <li class="mb-2"> <a href="/en/command-line-heroes/season-1/os-wars-part-2-rise-of-linux" title="OS Wars_Part 2">OS Wars_part 2</a> </li> <li class="mb-2"> <a href="/en/command-line-heroes/season-1/agile-revolution" title="The Agile_Revolution">The Agile_Revolution</a> </li> <li class="mb-2"> <a href="/en/command-line-heroes/season-1/devops-tear-down-that-wall" title="DevOps_Tear Down That Wall">DevOps_Tear Down That Wall</a> </li> <li class="mb-2"> <a href="/en/command-line-heroes/season-1/the-containers-derby" title="The Containers_Derby">The Containers_Derby</a> </li> <li class="mb-2"> <a href="/en/command-line-heroes/season-1/crack-the-cloud-open" title="Crack the Cloud_Open">Crack the Cloud_Open</a> </li> <li class="mb-2"> <a href="/en/command-line-heroes/season-1/days-of-future-open" title="Days of Future_Open">Days of Future_Open</a> </li> </ol> <p class="pb-2"><a class="btn btn-link font-family-monospace text-white" href="/en/command-line-heroes/season-1" title="Explore season 1">Explore Season 1</a></p> </div> </div> <div class="nav-group-wrapper pl-2 pl-sm-3 pr-sm-8" data-bg-image="/rhdc/managed-files/bg_clh-nav-s2.jpg"> <button href="#" class="accordion-toggle collapsed py-2" data-toggle="collapse" data-target="#clhSeason2"> <p>Season 2</p> </button> <div id="clhSeason2" class="accordion-panel collapse" data-parent="#CLHNav"> <ol class="mb-0 pl-2"> <li class="mb-2"> <a href="/en/command-line-heroes/season-2/press-start" title="Press Start">Press Start</a> </li> <li class="mb-2"> <a href="/en/command-line-heroes/season-2/hello-world" title="Hello, World">Hello, World</a> </li> <li class="mb-2"> <a href="/en/command-line-heroes/season-2/ready-to-commit" title="Ready to Commit">Ready to Commit</a> </li> <li class="mb-2"> <a href="/en/command-line-heroes/season-2/fail-better" title="Fail Better">Fail Better</a> </li> <li class="mb-2"> <a href="/en/command-line-heroes/season-2/the-one-about-devsecops" title="The One About DevSecOps">The One About DevSecOps</a> </li> <li class="mb-2"> <a href="/en/command-line-heroes/season-2/the-data-explosion" title="The Data Explosion">The Data Explosion</a> </li> <li class="mb-2"> <a href="/en/command-line-heroes/season-2/at-your-serverless" title="At Your Serverless">At Your Serverless</a> </li> <li class="mb-2"> <a href="/en/command-line-heroes/season-2/open-curiosity" title="Open Curiosity">Open Curiosity</a> </li> <li class="mb-2"> <a href="/en/command-line-heroes/season-2/developer-advocacy-roundtable" title="Bonus_Developer Advocacy Roundtable">Bonus_Developer Advocacy Roundtable</a> </li> </ol> <p class="pb-2"><a class="btn btn-link font-family-monospace text-white" href="/en/command-line-heroes/season-2" title="Explore season 2">Explore Season 2</a></p> </div> </div> <div class="nav-group-wrapper pl-2 pl-sm-3 pr-sm-8" data-bg-image="/rhdc/managed-files/bg_clh-nav-s3.jpg"> <button href="#" class="accordion-toggle collapsed py-2" data-toggle="collapse" data-target="#clhSeason3"> <p>Season 3</p> </button> <div id="clhSeason3" class="accordion-panel collapse" data-parent="#CLHNav"> <ol class="mb-0 pl-2"> <li class="mb-2"> <a href="/en/command-line-heroes/season-3/pythons-tale" title="Python's Tale">Python's Tale</a> </li> <li class="mb-2"> <a href="/en/command-line-heroes/season-3/learning-the-basics" title="Learning the BASICs">Learning the BASICs</a> </li> <li class="mb-2"> <a href="/en/command-line-heroes/season-3/creating-javascript" title="Creating JavaScript">Creating JavaScript</a> </li> <li class="mb-2"> <a href="/en/command-line-heroes/season-3/diving-for-perl" title="Diving for Perl">Diving for Perl</a> </li> <li class="mb-2"> <a href="/en/command-line-heroes/season-3/the-infrastructure-effect" title="The Infrastructure Effect">The Infrastructure Effect</a> </li> <li class="mb-2"> <a href="/en/command-line-heroes/season-3/heroes-in-a-bash-shell" title="Heroes in a Bash Shell">Heroes in a Bash Shell</a> </li> <li class="mb-2"> <a href="/en/command-line-heroes/season-3/talking-to-machines" title="Talking to Machines">Talking to Machines</a> </li> <li class="mb-2"> <a href="/en/command-line-heroes/season-3/the-c-change" title="The C Change">The C Change</a> </li> </ol> <p class="pb-2"><a class="btn btn-link font-family-monospace text-white" href="/en/command-line-heroes/season-3" title="Explore season 3">Explore Season 3</a></p> </div> </div> <div class="nav-group-wrapper pl-2 pl-sm-3 pr-sm-8" data-bg-image="/rhdc/managed-files/bg_clh-nav-s4.jpg"> <button href="#" class="accordion-toggle collapsed py-2" data-toggle="collapse" data-target="#clhSeason4"> <p>Season 4</p> </button> <div id="clhSeason4" class="accordion-panel collapse" data-parent="#CLHNav"> <ol class="mb-0 pl-2"> <li class="mb-2"> <a href="/en/command-line-heroes/season-4/minicomputers" title="Minicomputers">Minicomputers</a> </li> <li class="mb-2"> <a href="/en/command-line-heroes/season-4/mainframes" title="Mainframes">Mainframes</a> </li> <li class="mb-2"> <a href="/en/command-line-heroes/season-4/personal-computers" title="Personal Computers">Personal Computers</a> </li> <li class="mb-2"> <a href="/en/command-line-heroes/season-4/floppies" title="Floppies">Floppies</a> </li> <li class="mb-2"> <a href="/en/command-line-heroes/season-4/smarter-phones" title="Smarter Phones">Smarter Phones</a> </li> <li class="mb-2"> <a href="/en/command-line-heroes/season-4/open-source-hardware" title="Open Source Hardware">Open Source Hardware</a> </li> <li class="mb-2"> <a href="/en/command-line-heroes/season-4/consoles" title="Consoles">Consoles</a> </li> <li class="mb-2"> <a href="/en/command-line-heroes/season-4/steve-wozniak" title="Steve Wozniak">Steve Wozniak</a> </li> </ol> <p class="pb-2"><a class="btn btn-link font-family-monospace text-white" href="/en/command-line-heroes/season-4" title="Explore season 4">Explore Season 4</a></p> </div> </div> <div class="nav-group-wrapper pl-2 pl-sm-3 pr-sm-8" data-bg-image="/rhdc/managed-files/bg_clh-nav-s5.jpg"> <button href="#" class="accordion-toggle collapsed py-2" data-toggle="collapse" data-target="#clhSeason5"> <p>Season 5</p> </button> <div id="clhSeason5" class="accordion-panel collapse" data-parent="#CLHNav"> <ol class="mb-0 pl-2"> <li class="mb-2"> <a href="/en/command-line-heroes/season-5/becoming-a-coder" title="Becoming a Coder">Becoming a Coder</a> </li> <li class="mb-2"> <a href="/en/command-line-heroes/season-5/where-coders-code" title="Where Coders Code">Where Coders Code</a> </li> <li class="mb-2"> <a href="/en/command-line-heroes/season-5/what-kind-of-coder-will-you-become" title="What Kind of Coder Will You Become?">What Kind of Coder Will You Become?</a> </li> </ol> <p class="pb-2"><a class="btn btn-link font-family-monospace text-white" href="/en/command-line-heroes/season-5" title="Explore season 5">Explore Season 5</a></p> </div> </div> <div class="nav-group-wrapper pl-2 pl-sm-3 pr-sm-8" data-bg-image="/rhdc/managed-files/bg_clh-nav-s6.jpg"> <button href="#" class="accordion-toggle collapsed py-2" data-toggle="collapse" data-target="#clhSeason6"> <p>Season 6</p> </button> <div id="clhSeason6" class="accordion-panel collapse" data-parent="#CLHNav"> <ol class="mb-0 pl-2"> <li class="mb-2"> <a href="/en/command-line-heroes/season-6/jerry-lawson" title="Jerry Lawson">Jerry Lawson</a> </li> <li class="mb-2"> <a href="/en/command-line-heroes/season-6/gladys-west" title="Dr. Gladys West">Dr. Gladys West</a> </li> <li class="mb-2"> <a href="/en/command-line-heroes/season-6/mark-dean" title="Dr. Mark Dean">Dr. Mark Dean</a> </li> <li class="mb-2"> <a href="/en/command-line-heroes/season-6/marc-hannah" title="Dr. Marc Hannah">Dr. Marc Hannah</a> </li> <li class="mb-2"> <a href="/en/command-line-heroes/season-6/clarence-ellis" title="Dr. Clarence Ellis">Dr. Clarence Ellis</a> </li> <li class="mb-2"> <a href="/en/command-line-heroes/season-6/roy-clay" title="Roy Clay">Roy Clay</a> </li> <li class="mb-2"> <a href="/en/command-line-heroes/season-6/gladys-perkins" title="Gladys Perkins">Gladys Perkins</a> </li> <li class="mb-2"> <a href="/en/command-line-heroes/season-6/arlan-hamilton" title="Arlan Hamilton">Arlan Hamilton</a> </li> </ol> <p class="pb-2"><a class="btn btn-link text-monospace text-white" href="/en/command-line-heroes/season-6" title="Explore season 6">Explore Season 6</a></p> </div> </div> <div class="nav-group-wrapper pl-2 pl-sm-3 pr-sm-8" data-bg-image="/rhdc/managed-files/season-7_nav.jpg"> <button href="#" class="accordion-toggle collapsed py-2" data-toggle="collapse" data-target="#clhSeason7"> <p>Season 7</p> </button> <div id="clhSeason7" class="accordion-panel collapse" data-parent="#CLHNav"> <ol class="mb-0 pl-2"> <li class="mb-2"> <a href="/en/command-line-heroes/season-7/dot-com" title="Connecting The Dot-Com">Connecting The Dot-Com</a> </li> <li class="mb-2"> <a href="/en/command-line-heroes/season-7/nsfnet" title="From NSF to ISP">From NSF to ISP</a> </li> <li class="mb-2"> <a href="/en/command-line-heroes/season-7/html" title="A Language for the Web">A Language for the Web</a> </li> <li class="mb-2"> <a href="/en/command-line-heroes/season-7/ux" title="Web UX Begins">Web UX Begins</a> </li> <li class="mb-2"> <a href="/en/command-line-heroes/season-7/shopping" title="Shopping for the Web">Shopping for the Web</a> </li> <li class="mb-2"> <a href="/en/command-line-heroes/season-7/search" title="Looking for Search">Looking for Search</a> </li> <li class="mb-2"> <a href="/en/command-line-heroes/season-7/world" title="The World of the World Wide Web">The World of the World Wide Web</a> </li> <li class="mb-2"> <a href="/en/command-line-heroes/season-7/bubble" title="After the Bubble">After the Bubble</a> </li> </ol> <p class="pb-2"><a class="btn btn-link font-family-monospace text-white" href="/en/command-line-heroes/season-7" title="Explore season 7">Explore Season 7</a></p> </div> </div> <div class="nav-group-wrapper pl-2 pl-sm-3 pr-sm-8" data-bg-image="/rhdc/managed-files/s8-nav.jpg"> <button href="#" class="accordion-toggle collapsed py-2" data-toggle="collapse" data-target="#clhSeason8"> <p>Season 8</p> </button> <div id="clhSeason8" class="accordion-panel collapse" data-parent="#CLHNav"> <ol class="mb-0 pl-2"> <li class="mb-2"> <a href="/en/command-line-heroes/season-8/robot-as-servant" title="Robot as Servant">Robot as Servant</a> </li> <li class="mb-2"> <a href="/en/command-line-heroes/season-8/robot-as-software" title="Robot as Software">Robot as Software</a> </li> <li class="mb-2"> <a href="/en/command-line-heroes/season-8/robot-as-maker" title="Robot as Maker">Robot as Maker</a> </li> <li class="mb-2"> <a href="/en/command-line-heroes/season-8/robot-as-humanoid" title="Robot as Humanoid">Robot as Humanoid</a> </li> <li class="mb-2"> <a href="/en/command-line-heroes/season-8/robot-as-body" title="Robot as Body">Robot as Body</a> </li> <li class="mb-2"> <a href="/en/command-line-heroes/season-8/humans-as-robot-caretakers" title="Humans as Robot Caretakers">Humans as Robot Caretakers</a> </li> <li class="mb-2"> <a href="/en/command-line-heroes/season-8/robot-as-threat" title="Robot as Threat">Robot as Threat</a> </li> <li class="mb-2"> <a href="/en/command-line-heroes/season-8/robot-as-vehicle" title="Robot as Vehicle">Robot as Vehicle</a> </li> </ol> <p class="pb-2"><a class="btn btn-link text-monospace text-white" href="/en/command-line-heroes/season-8" title="Explore season 8">Explore Season 8</a></p> </div> </div> <div class="nav-group-wrapper pl-2 pl-sm-3 pr-sm-8" data-bg-image="/rhdc/managed-files/season-9_menu.jpg"> <button href="#" class="accordion-toggle collapsed py-2" data-toggle="collapse" data-target="#clhSeason9"> <p>Season 9</p> </button> <div id="clhSeason9" class="accordion-panel collapse" data-parent="#CLHNav"> <ol class="mb-0 pl-2"> <li class="mb-2"> <a href="/en/command-line-heroes/season-9/relentless-replicators" title="Relentless Replicants">Relentless Replicants</a> </li> <li class="mb-2"> <a href="/en/command-line-heroes/season-9/terrifying-trojans" title="Terrifying Trojans">Terrifying Trojans</a> </li> <li class="mb-2"> <a href="/en/command-line-heroes/season-9/logic-bombs" title="Lurking Logic Bombs">Lurking Logic Bombs</a> </li> <li class="mb-2"> <a href="/en/command-line-heroes/season-9/botnets" title="Dawn of the Botnets">Dawn of the Botnets</a> </li> <li class="mb-2"> <a href="/en/command-line-heroes/season-9/menace-in-the-middle" title="Menace in the Middle">Menace in the Middle</a> </li> <li class="mb-2"> <a href="/en/command-line-heroes/season-9/ransomware" title="Ruthless Ransomers">Ruthless Ransomers</a> </li> <li class="mb-2"> <a href="/en/command-line-heroes/season-9/invisible-intruders" title="Invisible Intruders">Invisible Intruders</a> </li> <li class="mb-2"> <a href="/en/command-line-heroes/season-9/all-together-now" title="All Together Now">All Together Now</a> </li> </ol> <p class="pb-2"><a class="btn btn-link font-family-monospace text-white" href="/en/command-line-heroes" title="Explore season 9">Explore Season 9</a></p> </div> </div>  <ul class="social-list list-inline list-unstyled pl-5 pl-sm-6 mt-1"> <li class="list-inline-item mr-1"> <a class="text-white" href="//www.facebook.com/sharer.php?u=https%3A%2F%2Fwww.redhat.com%2Fen%2Fcommand-line-heroes%2F" target="_blank" title="Facebook" onclick="return !window.open(this.href, 'Facebook', 'menubar=no,toolbar=no,resizable=no,scrollbars=no,height=600,width=600')"> <span class="web-icon-facebook" aria-label="true"></span> </a> </li> <li class="list-inline-item mr-1"> <a class="text-white" href="//www.twitter.com/share?url=https%3A%2F%2Fwww.redhat.com%2Fen%2Fcommand-line-heroes%2F&text=An%20original%20podcast%20about%20the%20people%20who%20transform%20technology%20from%20the%20command%20line%20up.%20Presented%20by%20Red%20Hat." target="_blank" title="Twitter" onclick="return !window.open(this.href, 'Twitter', 'menubar=no,toolbar=no,resizable=no,scrollbars=no,height=600,width=600')"> <span class="web-icon-twitter" aria-label="true"></span> </a> </li> <li class="list-inline-item mr-1"> <a class="text-white" href="//www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fwww.redhat.com%2Fen%2Fcommand-line-heroes%2F&title=Command%20Line%20Heroes&summary=Hear%20the%20epic%20true%20tales%20of%20how%20developers%2C%20programmers%2C%20hackers%2C%20geeks%2C%20and%20open%20source%20rebels%20are%20revolutionizing%20the%20technology%20landscape.%20Command%20Line%20Heroes%20is%20a%20new%20podcast%20hosted%20by%20Saron%20Yitbarek%20and%20produced%20by%20Red%20Hat.&source=Red%20Hat" target="_blank" title="LinkedIn" onclick="return !window.open(this.href, 'LinkedIn', 'menubar=no,toolbar=no,resizable=no,scrollbars=no,height=600,width=600')" aria-current="page"> <span class="web-icon-linkedin" aria-label="true"></span> </a> </li> <li class="list-inline-item mr-1"> <a class="text-white" href="mailto:?subject=Command Line Heroes&body=Hear%20the%20epic%20true%20tales%20of%20how%20developers%2C%20programmers%2C%20hackers%2C%20geeks%2C%20and%20open%20source%20rebels%20are%20revolutionizing%20the%20technology%20landscape.%20Command%20Line%20Heroes%20is%20a%20new%20podcast%20hosted%20by%20Saron%20Yitbarek%20and%20produced%20by%20Red%20Hat. https://www.redhat.com/en/command-line-heroes" target="_blank" title="Email" aria-current="page"> <span class="web-icon-envelope" aria-label="true"></span> </a> </li> </ul> </div> <div class="language-switcher position-absolute bottom-0 right-0 w-100"> <div class="row justify-content-center mx-0"> <div class="col-6 text-center border-right border-black border-20 language-active"> <a href="https://www.redhat.com/es/command-line-heroes" line><img class="img-fluid py-2" width="90" src="/rhdc/managed-files/CLH-logo-Espanol.svg" alt="CLH en espanol logo"></a></div> <div class="col-6 text-center language-inactive"><a href="https://www.redhat.com/en/command-line-heroes" line><img class="img-fluid pt-3 pb-2" width="130" src="/rhdc/managed-files/CLH-logo-inactive.svg" alt="CLH logo"></a></div> </div> </div> </div> <div class="mb-6"> </div></div> </div> </div>  <section class="dms-band clh-hero--episode pt-12"> <div class="container"> <div class="row"> <div class="col-lg-6 col-xl-5 pt-lg-6 pt-xl-12 text-white reveal"> <h5 class="section-label mb-1 font-weight-light">Season 9, Episode 2</h5> <h1 class="mb-lg-4 text-monospace font-size-28 font-size-lg-32"><strong>Terrifying Trojans</strong></h1> <div class="clh-audio plyr-theme"> <audio src="https://cdn.simplecast.com/audio/a88fbe81-5614-4834-8a78-24c287debbe6/episodes/d51b7095-6f7d-49de-b8bf-5f7e06fb0452/audio/24e1c263-374d-4b9c-bec4-f42efd9f43c3/default_tc.mp3" preload="none" controls></audio> </div> <p class="cta-group"> <a class="btn btn-link text-monospace text-white" href="#" data-toggle="nav-shelf" data-toggle-panel="#clhSubscribe" title="Listen to this episode later" data-menu="subscribe">Listen to this episode later </a> </p> </div> <div class="col-lg-6 col-xl-7 p-0 text-center reveal"> <img class="img-fluid" src="/rhdc/managed-files/hero_ep2.png" alt="Episode art"> </div> </div> </div> </section>  <section class="dms-band clh-notes pt-0"> <div class="episode-parallax position-absolute"> <ul class="episode-parallax-scene list-unstyled position-relative"> <li class="layer layer-stars-background" data-depth="0.1" data-type="parallax"> </li> <li class="layer layer-stars-foreground" data-depth="0.3" data-type="parallax"> </li> </ul> </div> <div class="container text-white"> <div class="row"> <div class="col-lg-7 col-xl-6 mx-auto pt-6 reveal"> <ul class="nav nav-tabs mb-3 d-flex justify-content-center text-monospace"> <li class="nav-item text-center"> <a class="tab-show-notes nav-link mx-0 mr-md-6 p-0 font-size-22 text-white active" href="#show-notes" data-toggle="tab" title="Show notes">Show notes</a> </li> <li class="nav-item text-center"> <a class="tab-transcript nav-link mt-2 mt-md-0 mx-0 p-0 font-size-22 text-white" href="#transcript" data-toggle="tab" title="Transcript">Transcript</a> </li> </ul> <div class="tab-content"> <div id="show-notes" class="tab-pane fade active show"> <div class="row"> <div class="col-12"> <p>Sometimes a fun game, a friendly email, or an innocuous link can be the most convenient place for an enemy to hide. And its prey is none the wiser—until it strikes. The trojan horse uses many layers of deception to do damage. The ingenuity of these attacks keeps an alarming pace with the technology we use every day. But as long as we stick to trusted sites and sources, we can better the odds against those who use our trusting nature against us.</p> <p class="mb-lg-0">Steve Weisman tells us about how trojans still keep security professionals on the defensive. Josephine Wolff details how these attacks have evolved, and keep evolving, to catch victims off guard. And Yanick Franantonio takes on the new frontier for trojan attacks. </p> </div> </div> </div> <div id="transcript" class="tab-pane fade"> <div class="row"> <div class="col-12 text-white"> <div class="card mb-2"> <div class="card-body p-1 bg-white text-purple-dark"> <p class="font-weight-bold">00:04 - Saron Yitbarek</p> </div> </div> <p>You are at base camp in the middle of a bleak stretch of Antarctica, many miles away from any form of civilization. You're there with a team. You've been there for months. You all know each other pretty well, trust one another. You have to in a remote environment like this. But one night you hear your sled team barking. You go to investigate. The dogs are agitated, growling, and snarling, and you're not sure why. The next morning doors and windows were left open letting snow in, and no one can explain it. Your team is on edge.</p> <div class="card mb-2"> <div class="card-body p-1 bg-white text-purple-dark"> <p class="font-weight-bold">00:54 - Saron Yitbarek </p> </div> </div> <p>They're questioning each other, pointing fingers. And then you notice a colleague you thought you could trust with your life, he looks more or less the same, but he's not himself anymore. You might remember the '80s movie, The Thing. An evil alien is lurking among the ice fields of Antarctica and it has the power to take the shape of humans. The thing can commit all kinds of evil just by capitalizing on our basic belief that familiar things won't do us harm. Of course, a trick like that can play out in real life, too.</p> <div class="card mb-2"> <div class="card-body p-1 bg-white text-purple-dark"> <p class="font-weight-bold">01:38 - Saron Yitbarek </p> </div> </div> <p>Happens online all the time. This season, we're exploring the horror stories that haunt our digital lives, the malware, the hacks, the identity theft that keeps security heroes awake at night. And this time we're looking at Trojan horses, the cyber attacks that depend on human behavior. Our want and need to trust. I'm Saron Yitbarek, and this is Command Line Heroes, an original podcast from Red Hat.</p> <div class="card mb-2"> <div class="card-body p-1 bg-white text-purple-dark"> <p class="font-weight-bold">02:11 - Saron Yitbarek </p> </div> </div> <p>I'm definitely weary of emails asking me to do something like confirm my password, but even people who should know better can fall for these scams. We're going to figure out exactly how hackers capitalize on human psychology to make that happen and how and why it can lead to so much destruction. Last time, we learned about viruses and worms, where the goal is rapid far reaching attacks, but the focus of a Trojan isn't speed or reach. It's access. Think about the original Trojan horse. A team of Greek soldiers spills out of a giant wooden horse that the Trojans thought was a gift.</p> <div class="card mb-2"> <div class="card-body p-1 bg-white text-purple-dark"> <p class="font-weight-bold">02:55 - Saron Yitbarek </p> </div> </div> <p>A Trojan horse attack is going to roll right up to your front door and announce itself. It could be a fun game, a friendly email, a tempting bit of click bait. The most appealing, familiar things are offered up. And it's only once we let down our defenses and invite them in that we realize they're harboring an enemy. Once inside a device, Trojans can steal identities, capture keystrokes on banking sites, disable antivirus software, even allow your computer to become a zombie soldier in some hackers botnet.</p> <div class="card mb-2"> <div class="card-body p-1 bg-white text-purple-dark"> <p class="font-weight-bold">03:32 - Saron Yitbarek </p> </div> </div> <p>Some get to work automatically, and others wait patiently for instructions from their creator. What they all have in common is that element of trust. And as we're about to find out, trust can be a powerful and a very dangerous thing.</p> <div class="card mb-2"> <div class="card-body p-1 bg-white text-purple-dark"> <p class="font-weight-bold">03:53 - Steve Weisman </p> </div> </div> <p>Things aren't as bad as you think. They are far worse. The more you know, the more scared you get.</p> <div class="card mb-2"> <div class="card-body p-1 bg-white text-purple-dark"> <p class="font-weight-bold">03:59 - Saron Yitbarek</p> </div> </div> <p>Steve Weisman teaches students at Bentley University about white collar crime with a focus on cyber crimes and identity theft. From his perspective, those in security software are in a difficult situation. Trojans keep evolving to match every new technology. Security teams have no choice but to respond on the fly.</p> <div class="card mb-2"> <div class="card-body p-1 bg-white text-purple-dark"> <p class="font-weight-bold">04:21 - Steve Weisman </p> </div> </div> <p>They are always playing catch up.</p> <div class="card mb-2"> <div class="card-body p-1 bg-white text-purple-dark"> <p class="font-weight-bold">04:23 - Saron Yitbarek </p> </div> </div> <p>But there is something universal, something constant about Trojan attacks and that's the fact that they all take advantage of human trust and they do that by using social engineering.</p> <div class="card mb-2"> <div class="card-body p-1 bg-white text-purple-dark"> <p class="font-weight-bold">04:37 - Saron Yitbarek</p> </div> </div> <p>Social engineering is using information that can be obtained in all kinds of places to lure someone into doing something. So if I get an email that says, "Send me your username and password for your bank," well, I'm not going to trust that. However, if I get one that appears to come from my bank, so they leverage personal information to get you to trust them. Social engineering just is good, old fashion digging, getting information and using that to get people to trust them. And my motto, trust me, you can't trust anyone.</p> <div class="card mb-2"> <div class="card-body p-1 bg-white text-purple-dark"> <p class="font-weight-bold">05:17 - Saron Yitbarek </p> </div> </div> <p>Bit harsh, but point taken. Human trust is the math ingredient, but how does that play out in the real world? What level of damage can a little social engineering really do?</p> <div class="card mb-2"> <div class="card-body p-1 bg-white text-purple-dark"> <p class="font-weight-bold">05:30 - Steve Weisman </p> </div> </div> <p>When Zeus first came out, people weren't thinking of security and defense that much.</p> <div class="card mb-2"> <div class="card-body p-1 bg-white text-purple-dark"> <p class="font-weight-bold">05:36 - Saron Yitbarek </p> </div> </div> <p>Zeus was a Trojan horse, one of the very first Trojan malware packages. And by 2009, it was a pretty prominent security problem. The thing about 2009, as Weisman just said, is that it was a slightly more naive time. Most people weren't on social media, online banking and even email were new concepts for many.</p> <div class="card mb-2"> <div class="card-body p-1 bg-white text-purple-dark"> <p class="font-weight-bold">05:58 - Steve Weisman </p> </div> </div> <p>People didn't see it coming.</p> <div class="card mb-2"> <div class="card-body p-1 bg-white text-purple-dark"> <p class="font-weight-bold">06:00 - Saron Yitbarek </p> </div> </div> <p>So imagine in that more innocent time, you open your laptop and see an email, a message from a federal tax authority say, looks legit. And the subject line reads "Notice of underreported income," that can't be right. Can it? You better check. And that's it. You clicked on the link in that email and a Trojan entered your computer. Now it waits there totally unnoticed. You don't even know you've been attacked, but next time you hop on a banking website, Zeus records the keystrokes of your login and password.</p> <div class="card mb-2"> <div class="card-body p-1 bg-white text-purple-dark"> <p class="font-weight-bold">06:41 - Saron Yitbarek </p> </div> </div> <p>The stolen info is then shuttled back to the hacker who can tap into your bank account. Money gets funneled to so-called money mules who move the cash around and the rest is your basic crime world shenanigans. Back in 2009, the tech world was not ready for Zeus. $70 million were stolen before software was developed to combat it. And there's no big courthouse conclusion to the story of Zeus. The creator was never found. In fact, whoever they are, they open sourced their code allowing others to adapt it and make their own Trojan malware.</p> <div class="card mb-2"> <div class="card-body p-1 bg-white text-purple-dark"> <p class="font-weight-bold">07:20 - Steve Weisman </p> </div> </div> <p>That basic Zeus code that he provided to everyone, we had defenses on that. But by providing that code, he sort of had the house half built. So other cyber criminals could use that valuable information to develop and evolve newer versions and that's what we have seen.</p> <div class="card mb-2"> <div class="card-body p-1 bg-white text-purple-dark"> <p class="font-weight-bold">07:42 - Saron Yitbarek </p> </div> </div> <p>Tens of millions of PCs were ultimately infected with some form of Zeus and the Trojan technique capitalizing on basic human trust to gain entry into a computer became a mainstay of cyber crime.</p> <div class="card mb-2"> <div class="card-body p-1 bg-white text-purple-dark"> <p class="font-weight-bold">07:55 - Steve Weisman </p> </div> </div> <p>This was something that should have been a wake up for many people and for many it was, but not enough.</p> <div class="card mb-2"> <div class="card-body p-1 bg-white text-purple-dark"> <p class="font-weight-bold">08:03 - Saron Yitbarek </p> </div> </div> <p>The world was growing more connected and along the way, we became used to updating passwords and confirming contact details whenever prompted. Just getting through the day meant putting trust in the entities that reached out to us. And we rarely stopped to wonder who was behind that random email who had taken the form of a trusted friend. That was good news for malicious hackers.</p> <div class="card mb-2"> <div class="card-body p-1 bg-white text-purple-dark"> <p class="font-weight-bold">08:39 - Josephine Wolff </p> </div> </div> <p>A lot of the times, the only clues you have to go on are what's the logo, what's the name, what does the website look like where I'm downloading this from.</p> <div class="card mb-2"> <div class="card-body p-1 bg-white text-purple-dark"> <p class="font-weight-bold">08:47 - Saron Yitbarek </p> </div> </div> <p>Josephine Wolff is an associate professor of cybersecurity policy at the Fletcher School at Tufts University. She describes a world where Trojan attacks are part of a larger arsenal that criminals use, a way to leapfrog pass security innovations.</p> <div class="card mb-2"> <div class="card-body p-1 bg-white text-purple-dark"> <p class="font-weight-bold">09:04 - Josephine Wolff </p> </div> </div> <p>The goal is to make you trust or want it enough that you're willing to sort of go to the trouble of saying, Yeah, I know this was just something I download from the internet and my operating system manufacturer hasn't vetted it and I don't know exactly where it's coming from, but I still really want it.</p> <div class="card mb-2"> <div class="card-body p-1 bg-white text-purple-dark"> <p class="font-weight-bold">09:22 - Saron Yitbarek </p> </div> </div> <p>Security specialists can build all kinds of safeguards into systems. But if a user really wants to believe they have, say, inherited $60 million, just click here. Or, caught the eye of someone who'd like to go on a date with you, open and see, they might go ahead and follow those prompts.</p> <div class="card mb-2"> <div class="card-body p-1 bg-white text-purple-dark"> <p class="font-weight-bold">09:40 - Josephine Wolff </p> </div> </div> <p>That's the goal is to get that initial foothold in a targeted system and circumvent all of the layers of protection that we've built up to try and make that harder to do.</p> <div class="card mb-2"> <div class="card-body p-1 bg-white text-purple-dark"> <p class="font-weight-bold">09:51 - Saron Yitbarek </p> </div> </div> <p>In a world where personal information is often available for anybody to collect online, that means Trojans aren't always generic. Advertisers have learned to personalize and nano target their messages to your specific profile. The creators of Trojans can do the same.</p> <div class="card mb-2"> <div class="card-body p-1 bg-white text-purple-dark"> <p class="font-weight-bold">10:10 - Josephine Wolff </p> </div> </div> <p>I think that's sort of the scariest and most effective form of Trojan attacks is to see somebody who's willing to take the time to figure out okay, who exactly would be a person you would expect to see an email from? Who's a person who you wouldn't be able to sort of just ignore or say maybe this is something suspicious?</p> <div class="card mb-2"> <div class="card-body p-1 bg-white text-purple-dark"> <p class="font-weight-bold">10:29 - Saron Yitbarek </p> </div> </div> <p>The goal with these targeted Trojans is, of course, to offer you something so appealing so designed to meet your personal needs, that any lessons you know about digital hygiene just sort of fade. And because we're all human, anybody can be tempted.</p> <div class="card mb-2"> <div class="card-body p-1 bg-white text-purple-dark"> <p class="font-weight-bold">10:45 - Josephine Wolff </p> </div> </div> <p>This past year while I was at home, I taught a zoom class and I'm going through my email inbox and I see there's a message there from a colleague at Tufts saying, "If you've experienced any hardship this year due to the pandemic, Tufts University has applied for some funds to support any relief efforts among faculty and staff. You can click here to apply for it."</p> <div class="card mb-2"> <div class="card-body p-1 bg-white text-purple-dark"> <p class="font-weight-bold">11:11 - Saron Yitbarek </p> </div> </div> <p>Think how targeted that is. It's an email supposedly from one of Wolff's colleagues and it's offering her money, but not in a bonkers, you won the lottery way. It's a really believable way, funding for hardship during the pandemic. It's a very carefully designed promise.</p> <div class="card mb-2"> <div class="card-body p-1 bg-white text-purple-dark"> <p class="font-weight-bold">11:29 - Josephine Wolff </p> </div> </div> <p>People could very easily fall for it. It was reasonably official looking in its formatting in its style. It was a moment when that was a real thing that was happening. Workplaces were offering relief funds of this nature. People try to take advantage of particular moments, particular current events, particular employers, and access to accounts to install Trojan malware, and gain access to computers and accounts.</p> <div class="card mb-2"> <div class="card-body p-1 bg-white text-purple-dark"> <p class="font-weight-bold">11:53 - Saron Yitbarek </p> </div> </div> <p>Did Wolff who specializes in this stuff fall for it?</p> <div class="card mb-2"> <div class="card-body p-1 bg-white text-purple-dark"> <p class="font-weight-bold">11:58 - Josephine Wolff </p> </div> </div> <p>So I was curious enough to click through to the phishing website that the email linked to. And once you do that, you do get some other clues. You can see, okay, what domain is hosting this website? Is this really a Tufts University website? Things like that. I would say one of the things that was interesting about it was a lot of the times when we talk about this kind of email message, it comes from a slightly wrong email address. Instead of somebody's name @tufts.edu, it will come from like somebody's name @tufts.ed or T-U-F-T.ed or something that's a little bit wrong.</p> <div class="card mb-2"> <div class="card-body p-1 bg-white text-purple-dark"> <p class="font-weight-bold">12:35 - Saron Yitbarek </p> </div> </div> <p>That's the number one giveaway for most of us, isn't it? An email address that's just slightly off, maybe only one letter difference.</p> <div class="card mb-2"> <div class="card-body p-1 bg-white text-purple-dark"> <p class="font-weight-bold">12:44 - Josephine Wolff </p> </div> </div> <p>One of the things that was, I think, really scary about this particular incident was that wasn't the case. It really was coming from a tufts.edu email address, but there was definitely a fair bit of work and effort that had gone into formulating it. So there weren't as many obvious clues as you would hope. There weren't as many of the clues that we sometimes tell people you should look for this when you're reading your email.</p> <div class="card mb-2"> <div class="card-body p-1 bg-white text-purple-dark"> <p class="font-weight-bold">13:07 - Saron Yitbarek </p> </div> </div> <p>The level of care and even cynicism that is needed to avoid these deceptions can sometimes feel over the top. We don't like to treat everything as a potential scam. We don't like to assume every new encounter is a con and largely that's because for most of us, we don't think we have anything on our computers worth stealing. Why wouldn't an elaborate Trojan attack happen to me? It just feels paranoid.</p> <div class="card mb-2"> <div class="card-body p-1 bg-white text-purple-dark"> <p class="font-weight-bold">13:34 - Josephine Wolff </p> </div> </div> <p>This is a fight I have, say, with my parents all the time. They say, "What's interesting in my email? Who would possibly bother?" And sort of that psychology is actually a huge hurdle for people who are trying to get users to take cybersecurity seriously, and I think there are a couple things that are really important to keep in mind in response to that. One is that it is not just about protecting yourself. Your computers, your accounts are often an intermediate point for attacking other victims.</p> <div class="card mb-2"> <div class="card-body p-1 bg-white text-purple-dark"> <p class="font-weight-bold">14:04 - Saron Yitbarek </p> </div> </div> <p>Wolff works at a university, for example, and universities are favorite targets for cyber criminals. Not because they want Dr. Wolff's personal lecture notes, but because universities communicate with governments and private companies.</p> <div class="card mb-2"> <div class="card-body p-1 bg-white text-purple-dark"> <p class="font-weight-bold">14:18 - Josephine Wolff </p> </div> </div> <p>And it will look like that traffic is coming from a place that that company or that government communicates with all the time, a place that can be trusted. So the first thing I'd say is really when we're talking about security, we're not just talking about, do you care about your data? Do you want to protect it? We're talking about do you want to be a good citizen? Do you want to be sort of somebody who's contributing to the overall security of the internet at large and the security of everybody else who's using it, not just you?</p> <div class="card mb-2"> <div class="card-body p-1 bg-white text-purple-dark"> <p class="font-weight-bold">14:47 - Saron Yitbarek </p> </div> </div> <p>Even if you don't care about being a good citizen, you probably have more to protect than you think.</p> <div class="card mb-2"> <div class="card-body p-1 bg-white text-purple-dark"> <p class="font-weight-bold">14:53 - Josephine Wolff </p> </div> </div> <p>Probably, you do some online banking. Probably, your payroll is operated through a website and an online account. Probably, you manage important functions in your life through websites and all of that is vulnerable.</p> <div class="card mb-2"> <div class="card-body p-1 bg-white text-purple-dark"> <p class="font-weight-bold">15:11 - Saron Yitbarek </p> </div> </div> <p>So there are two things here. First, a lot of people don't take security seriously, leaving them open to malware like Trojans. And second, those same people are importing more and more of their lives into digital spaces where Trojans work. Maybe most importantly, our financial lives have moved online.</p> <div class="card mb-2"> <div class="card-body p-1 bg-white text-purple-dark"> <p class="font-weight-bold">15:33 - Josephine Wolff </p> </div> </div> <p>As there's more money changing hands over the internet, then there's perhaps inevitably much more interest in how do you steal that money and how do you steal all of the information that can be turned into money in that space.</p> <div class="card mb-2"> <div class="card-body p-1 bg-white text-purple-dark"> <p class="font-weight-bold">15:47 - Saron Yitbarek </p> </div> </div> <p>We're not just talking about phishing emails anymore. Trojans evolving to meet the moment. Steve Weisman mentioned a new avenue for Trojan attacks that frankly have me a little freaked.</p> <div class="card mb-2"> <div class="card-body p-1 bg-white text-purple-dark"> <p class="font-weight-bold">15:59 - Steve Weisman </p> </div> </div> <p>There have been some banking Trojans that have infected apps, legitimate apps. We always tell people, only get your apps from the legitimate stores, but even when you get your app from the legitimate store, it can still be infected.</p> <div class="card mb-2"> <div class="card-body p-1 bg-white text-purple-dark"> <p class="font-weight-bold">16:16 - Saron Yitbarek </p> </div> </div> <p>That made me wonder, what is the new frontier of Trojan horses? This con, as old as the ancient Greeks, what shape does that wooden horse take today?</p> <div class="card mb-2"> <div class="card-body p-1 bg-white text-purple-dark"> <p class="font-weight-bold">16:33 - Yanick Fratantonio </p> </div> </div> <p>Humans historically have not been the best partners of themselves. The root of many problems start from there.</p> <div class="card mb-2"> <div class="card-body p-1 bg-white text-purple-dark"> <p class="font-weight-bold">16:41 - Saron Yitbarek </p> </div> </div> <p>Yanick Fratantonio is a senior security researcher at Cisco Talos. Before joining Cisco, he spent years in academia researching Android security. He taught a course that focused on mobile security, one of the first, and that gives him a unique perspective. He sees how new tech is often a space where we are naive, where we might not be thinking about security issues. For example, all the apps we keep downloading onto our phones, each one is a potential Trojan if we aren't careful.</p> <div class="card mb-2"> <div class="card-body p-1 bg-white text-purple-dark"> <p class="font-weight-bold">17:15 - Saron Yitbarek </p> </div> </div> <p>We've made things safer by centralizing app delivery through app stores that try to block bad actors, but it's still possible for Trojans to get through. You've probably had the experience of looking for an app and then wondering "There are a few similar ones here, which one is the real one?"</p> <div class="card mb-2"> <div class="card-body p-1 bg-white text-purple-dark"> <p class="font-weight-bold">17:34 - Yanick Fratantonio </p> </div> </div> <p>This stuff can still happen. I think maybe three or four years ago that you would look for WhatsApp and you get tons of results with many apps that looks like WhatsApp with the same icon and so forth. And of course, many of these, there were not maybe malware but was adware or tons advertisements and so forth. But this gives you an idea that even if there is a central store and Google and Apple check for this stuff, of course there are techniques to sneak in.</p> <div class="card mb-2"> <div class="card-body p-1 bg-white text-purple-dark"> <p class="font-weight-bold">18:02 - Saron Yitbarek </p> </div> </div> <p>More than just an app's thumbnail can be faked, of course. An entire shadow UI is sometimes developed, a fully developed fake version of an app that you trust. Fratantonio has found two different versions of this trick.</p> <div class="card mb-2"> <div class="card-body p-1 bg-white text-purple-dark"> <p class="font-weight-bold">18:17 - Yanick Fratantonio </p> </div> </div> <p>One, we'll say traditional phishing, where basically I show you something and this UI looks like the bank application or your Facebook application, but it's not. It's actually a malicious app like somehow mimicking the UI of Facebook and the user would be lured into putting username and password, and I will steal the password like this.</p> <div class="card mb-2"> <div class="card-body p-1 bg-white text-purple-dark"> <p class="font-weight-bold">18:37 - Saron Yitbarek </p> </div> </div> <p>The second type of trick is something Fratantonio calls click- jacking.</p> <div class="card mb-2"> <div class="card-body p-1 bg-white text-purple-dark"> <p class="font-weight-bold">18:42 - Yanick Fratantonio </p> </div> </div> <p>If you place this fake OK button exactly on top of where you want the user to click, then this click is now going to go through the OK button, go in the bottom and the bottom maybe it’s enabled this permission.</p> <div class="card mb-2"> <div class="card-body p-1 bg-white text-purple-dark"> <p class="font-weight-bold">18:55 - Saron Yitbarek </p> </div> </div> <p>In other words, the malware is hijacking your click. You thought you were clicking okay to one thing, but you've just granted access to maybe your contact list. Whenever we use apps, we're inviting new software and sometimes malware into our lives. And think of the kinds of permissions we give to our apps.</p> <div class="card mb-2"> <div class="card-body p-1 bg-white text-purple-dark"> <p class="font-weight-bold">19:17 - Voice Actor </p> </div> </div> <p>Can I have access to your camera? How about your email? Hey, mind if I track your location?</p> <div class="card mb-2"> <div class="card-body p-1 bg-white text-purple-dark"> <p class="font-weight-bold">19:21 - Saron Yitbarek </p> </div> </div> <p>We can mitigate that risk, though, by not giving blanket permissions.</p> <div class="card mb-2"> <div class="card-body p-1 bg-white text-purple-dark"> <p class="font-weight-bold">19:26 - Yanick Fratantonio </p> </div> </div> <p>Now we switched to a run time permission model, which means that a front time after you stole the app, after you can use the app a bit, they ask you, "Hey, can I please have this permission?"</p> <div class="card mb-2"> <div class="card-body p-1 bg-white text-purple-dark"> <p class="font-weight-bold">19:36 - Saron Yitbarek </p> </div> </div> <p>But remember criminals are always looking for ways to work around new limitations.</p> <div class="card mb-2"> <div class="card-body p-1 bg-white text-purple-dark"> <p class="font-weight-bold">19:41 - Yanick Fratantonio </p> </div> </div> <p>The bad guy switched to try to find a context that somehow legitimized their request.</p> <div class="card mb-2"> <div class="card-body p-1 bg-white text-purple-dark"> <p class="font-weight-bold">19:48 - Saron Yitbarek </p> </div> </div> <p>In the same way that email Trojans began getting personal details about the user, a Trojan app can be custom made to request the permissions that are desired.</p> <div class="card mb-2"> <div class="card-body p-1 bg-white text-purple-dark"> <p class="font-weight-bold">19:58 - Yanick Fratantonio </p> </div> </div> <p>For example, if the bad guy wants to get my voice and wants to record my voice, what would the bad guy do? Some kind of adding a fake voice recording application. And once he asks me for the voice permission, I'm going to give it to it.</p> <div class="card mb-2"> <div class="card-body p-1 bg-white text-purple-dark"> <p class="font-weight-bold">20:13 - Saron Yitbarek </p> </div> </div> <p>Fratantonio feels that for most people keeping track of your permissions is a key way to guard against Trojans in the app space. Attacks that circumvent permissions are incredibly expensive and are more likely to target specific state sponsored actions against particular people.</p> <div class="card mb-2"> <div class="card-body p-1 bg-white text-purple-dark"> <p class="font-weight-bold">20:30 - Yanick Fratantonio </p> </div> </div> <p>I'm talking about journalists, activists and things like this.</p> <div class="card mb-2"> <div class="card-body p-1 bg-white text-purple-dark"> <p class="font-weight-bold">20:34 - Saron Yitbarek </p> </div> </div> <p>Most of us can take comfort in the fact that bypassing security mechanisms on our phones has become much harder to do in even the last 10 years, especially with constant security updates. Still, every user has a responsibility to be skeptical about the apps they're using.</p> <div class="card mb-2"> <div class="card-body p-1 bg-white text-purple-dark"> <p class="font-weight-bold">20:53 - Yanick Fratantonio </p> </div> </div> <p>The biggest thing is not to store random apps from the store. That's stupid advice in a sense that people have these phones because they want to store random apps from the store. So, I guess the followup on this is if you really, really, really, really want random apps from the store, try to be reasonable in a sense of try to have a reality check on what you're asked to do.</p> <div class="card mb-2"> <div class="card-body p-1 bg-white text-purple-dark"> <p class="font-weight-bold">21:17 - Saron Yitbarek </p> </div> </div> <p>Every new form of communication has a custom designed Trojan of its very own, and you are the final gatekeeper.</p> <div class="card mb-2"> <div class="card-body p-1 bg-white text-purple-dark"> <p class="font-weight-bold">21:31 - Saron Yitbarek </p> </div> </div> <p>So how did those poor guys in Antarctica ever survive The Thing? They didn't just hope it stopped taking over their team members. They devised a test. They found a way to check everybody who looked human until they found an alien imposter. That's exactly how we defend ourselves against Trojans. We stop acting with blind trust and start looking deeper at the entities that reach out to us online. Because here's the thing, these cons, these Trojan horses, they need your permission before they can do their evil deeds.</p> <div class="card mb-2"> <div class="card-body p-1 bg-white text-purple-dark"> <p class="font-weight-bold">22:11 - Saron Yitbarek </p> </div> </div> <p>There might not always be a magic bullet to take them down, but a little personal responsibility and common sense goes a long way.</p> <div class="card mb-2"> <div class="card-body p-1 bg-white text-purple-dark"> <p class="font-weight-bold">22:21 - Voice Actor </p> </div> </div> <p>Hey, it's me. Check out this awesome link.</p> <div class="card mb-2"> <div class="card-body p-1 bg-white text-purple-dark"> <p class="font-weight-bold">22:25 - Saron Yitbarek </p> </div> </div> <p>Nope. I'm Saron Yitbarek, and this is Command Line Heroes, an original podcast from Red Hat. Next time, we're exploring another nefarious bit of software, the logic bomb. To make sure you never miss an episode, subscribe, follow wherever you get your podcasts. Until then, keep on coding.</p> </div> </div> </div> </div> </div> </div> </div> </section>  <section class="dms-band clh-bonus text-white"> <div class="container"> <div class="row"> <div class="col-12 reveal reveal_visible"> <div class="row"> <div class="col-12 col-md-7 d-flex reveal"> <div class="card rounded-0 bg-purple-darker"> <div class="card-body p-2 p-md-3"> <h3 class="font-family-monospace font-weight-light">Further reading</h3> <p>Each episode is based on a lot of research. Here are just a few of the resources we used to learn about trojan horses:</p> <p><a class="btn btn-link text-white" href="//www.kaspersky.com/resource-center/threats/a-brief-history-of-computer-viruses-and-what-the-future-holds" target="_blank" title="A Brief History of Computer Viruses & What the Future Holds">From Kaspersky: A Brief History of Computer Viruses & What the Future Holds</a></p> <p><a class="btn btn-link text-white"href="//spectrum.ieee.org/new-screening-technique-reveals-142-malicious-apple-apps" target="_blank" title="Screening App Found 142 Malicious Apps in Apple’s App Store">Screening App Found 142 Malicious Apps in Apple’s App Store by Michelle Hampson</a> </p> <p><a class="btn btn-link text-white"href="//www.pcworld.com/article/430942/trojan-program-based-on-zeus-targets-150-banks-can-hijack-webcams.html" target="_blank" title="Trojan Program Based On ZeuS Targets 150 Banks, Can Hijack Webcams">Trojan Program Based On ZeuS Targets 150 Banks, Can Hijack Webcams by Lucian Constantin</a></p> <p><a class="btn btn-link text-white"href="//www.csoonline.com/article/3403381/what-is-a-trojan-horse-how-this-tricky-malware-works.html" target="_blank" title="What Is a Trojan? How This Tricky Malware Works">What Is a Trojan? How This Tricky Malware Works by <br class="d-none d-lg-block">Josh Fruhlinger</a></p> </div> </div> </div> <div class="col-12 col-md-5 d-flex reveal"> <div class="card mb-0 rounded-0 bg-purple-darker"> <div class="card-body p-2 p-md-3"> <h3 class="font-family-monospace font-weight-light">Ghosts of security past</h3> <p>Season 9 is all about fighting the horrors of malware. In security, trust is just one piece of the puzzle. It’s hard to believe now, but in 1995, trust in online shopping was in short supply. Hear more about the tech that made e-commerce safer in our Season 7 episode: <a href="/en/command-line-heroes/season-7/shopping" class="text-white"><u>Shopping for the Web</u></a></p> </div> </div> </div> </div> </div> </div> </div> </div> </section>  <div class="rh-raw" data-rh-unique-id="6730211"> <section class="dms-band clh-guests bg-size-cover bg-pos-cc bg-no-repeat py-12" data-bg-image="/rhdc/managed-files/clh-guests-S9E2.png"> <div class="container"> <div class="row pt-2 pt-xl-8 pb-xl-12"> <div class="col-12"> <div class="row guest-carousel pb-2"> <div class="col-md-6 col-lg-3 reveal"> <div class="card mb-0 h-100 bg-white rounded-0"> <a class="d-flex d-md-block w-100 h-100 text-purple-darker" href="//scamicide.com/about-steve/" target="_blank" title="Steve Weisman"> <div class="card-header p-0 bg-no-repeat bg-pos-cc bg-size-cover rounded-0" data-bg-image="/rhdc/managed-files/Steve-Weisman.png"></div> <div class="card-body p-2 bg-white"> <h4 class="text-monospace">Steve Weisman</h4> <p class="mb-0">Senior Lecturer, Bentley University</p> </div> </a> </div> </div> <div class="col-md-6 col-lg-3 reveal"> <div class="card mb-0 h-100 bg-white rounded-0"> <a class="d-flex d-md-block w-100 h-100 text-purple-darker" href="//fletcher.tufts.edu/people/josephine-wolff" target="_blank" title="Josephine Wolff"> <div class="card-header p-0 bg-no-repeat bg-pos-cc bg-size-cover rounded-0" data-bg-image="/rhdc/managed-files/Wolff.png"></div> <div class="card-body p-2 bg-white"> <h4 class="text-monospace">Josephine Wolff</h4> <p class="mb-0">Associate Professor of Cybersecurity Policy, Tufts University</p> </div> </a> </div> </div> <div class="col-md-6 col-lg-3 reveal"> <div class="card mb-0 h-100 bg-white rounded-0"> <a class="d-flex d-md-block w-100 h-100 text-purple-darker" href="//twitter.com/reyammer" target="_blank" title="Yanick Franantonio"> <div class="card-header p-0 bg-no-repeat bg-pos-cc bg-size-cover rounded-0" data-bg-image="/rhdc/managed-files/Yanick-Franantonio.png"></div> <div class="card-body p-2 bg-white"> <h4 class="text-monospace">Yanick Franantonio</h4> <p class="mb-0">Senior Security Researcher, Cisco Talos</p> </div> </a> </div> </div> </div> <div class="row guest-carousel-nav mb-0 mx-10 d-lg-none"> <div class="col-1 col-md-3 col-lg-4 pl-1 pr-0 text-left text-md-right reveal"> <a class="carousel-prev font-size-36" href="#" title="Previous"><</a> </div> <div class="col-10 col-md-6 col-lg-4 px-0 reveal"> <div class="carousel-dots font-size-36 d-flex justify-content-center"></div> </div> <div class="col-1 col-md-3 col-lg-4 pl-0 text-right text-md-left reveal"> <a class="carousel-next font-size-36" href="#" title="Next">></a> </div> </div> </div> </div> </div> </section> </div>  <div class="one-column"> <div class="dx-relative content-region"> <section class="dms-band clh-newsletter pt-0"> <div class="container text-white"> <div class="row mt-md-12 pt-4"> <div class="col-12 col-md-6 col-lg-5 reveal"> <div class="card"> <div class="card-body p-0"> <img class="img-fluid svg svg-white mb-3" src="/rhdc/managed-files/logo-command-line-heroes.svg" width="166" height="42" aria-label="Command Line Heroes logo" title="Command Line Heroes" loading="lazy"> <h2 class="font-family-monospace">Share our shows</h2> <p>We are working hard to bring you new stories, ideas, and insights. Reach out to us on social media, use #CommandLinePod, and follow us for updates and announcements.</p> <div class="row"> <ul class="social-list mb-0 d-flex align-items-center list-unstyled"> <li class="social-item mr-1 mr-sm-2 d-inline-block">Share</li> <li class="social-item d-inline-block"> <a class="social-link d-flex align-items-center justify-content-center text-white" href="//www.facebook.com/sharer.php?u=https%3A%2F%2Fwww.redhat.com%2Fen%2Fcommand-line-heroes%2F" target="_blank" title="Facebook" onclick="return !window.open(this.href, 'Facebook', 'menubar=no,toolbar=no,resizable=no,scrollbars=no,height=600,width=600')"> <span class="web-icon-facebook" aria-label="Facebook"></span> </a> </li> <li class="social-item ml-1 d-inline-block"> <a class="social-link d-flex align-items-center justify-content-center text-white" href="//www.twitter.com/share?url=https%3A%2F%2Fwww.redhat.com%2Fen%2Fcommand-line-heroes%2F&text=An%20original%20podcast%20about%20the%20people%20who%20transform%20technology%20from%20the%20command%20line%20up.%20Presented%20by%20Red%20Hat." target="_blank" title="X" onclick="return !window.open(this.href, 'X', 'menubar=no,toolbar=no,resizable=no,scrollbars=no,height=600,width=600')"> <span class="d-flex" aria-label="X"><svg id="uuid-fa6eed5a-a519-44a2-a49d-33609fd1e951" width="18" height="18" viewBox="0 0 30 30" style="fill: white;" aria-hidden="true"><path d="m16.78,13.54l6.96-8.09h-1.65l-6.04,7.02-4.82-7.02h-5.56l7.3,10.62-7.3,8.48h1.65l6.38-7.42,5.1,7.42h5.56l-7.57-11.01h0Zm-2.26,2.62l-.74-1.06L7.9,6.69h2.53l4.75,6.79.74,1.06,6.17,8.83h-2.53l-5.03-7.2h0Z" stroke-width="0" /></svg></span> </a> </li> <li class="social-item ml-1 d-inline-block"> <a class="social-link d-flex align-items-center justify-content-center text-white" href="//www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fwww.redhat.com%2Fen%2Fcommand-line-heroes%2F&title=Command%20Line%20Heroes&summary=Hear%20the%20epic%20true%20tales%20of%20how%20developers%2C%20programmers%2C%20hackers%2C%20geeks%2C%20and%20open%20source%20rebels%20are%20revolutionizing%20the%20technology%20landscape.%20Command%20Line%20Heroes%20is%20a%20new%20podcast%20hosted%20by%20Saron%20Yitbarek%20and%20produced%20by%20Red%20Hat.&source=Red%20Hat" target="_blank" title="LinkedIn" onclick="return !window.open(this.href, 'LinkedIn', 'menubar=no,toolbar=no,resizable=no,scrollbars=no,height=600,width=600')"> <span class="web-icon-linkedin" aria-label="LinkedIn"></span> </a> </li> <li class="social-item ml-1 d-inline-block"> <a class="social-link d-flex align-items-center justify-content-center text-white " href="mailto:?subject=Command Line Heroes&body=Hear%20the%20epic%20true%20tales%20of%20how%20developers%2C%20programmers%2C%20hackers%2C%20geeks%2C%20and%20open%20source%20rebels%20are%20revolutionizing%20the%20technology%20landscape.%20Command%20Line%20Heroes%20is%20a%20new%20podcast%20hosted%20by%20Saron%20Yitbarek%20and%20produced%20by%20Red%20Hat. https://www.redhat.com/en/command-line-heroes" target="_blank" title="Email" aria-current="page"> <span class="web-icon-envelope" aria-label="Email"></span> </a> </li> </ul> </div> </div> </div> </div> <div class="col-12 col-md-6 offset-lg-1 reveal"> <div class="card mb-0 bg-white rounded-0 text-black"> <div class="card-body p-2 p-md-3"> <h2 class="text-red font-family-monospace">Presented by Red Hat</h2> <p class="mb-0">Sharing knowledge has defined us from the beginning–ever since co-founder Marc Ewing became known as “the helpful guy in the red hat.” Head over to the Red Hat Blog for expert insights and epic stories from the world of enterprise tech.</p> </div> <div class="card-footer pt-0 px-2 px-md-3 pb-2 pb-md-3"> <rh-cta variant="primary"><a class="mb-0" href="https://www.redhat.com/en/red-hat-original-series" title="Red Hat original series" data-analytics-category="Command Line Heroes|Presented by Red Hat|See original shows" data-analytics-text="See original shows" data-analytics-linktype="cta">See original shows</a></rh-cta> <rh-cta class="pl-2"><a href="https://www.redhat.com/en/blog" title="Red Hat blog" data-analytics-category="Command Line Heroes|Presented by Red Hat|Read the blog" data-analytics-text="Read the blog" data-analytics-linktype="cta">Read the blog</a></rh-cta> </div> </div> </div> </div> </div> </section> </div> </div> </div> </div> </div> </article> </div> <rh-footer-universal slot="universal"><h3 slot="links-primary" hidden data-analytics-text="Red Hat legal and privacy links" >Red Hat legal and privacy links</h3><ul slot="links-primary" data-analytics-region="page-footer-bottom-primary"><li><a href="/en/about/company" data-analytics-category="Footer|Corporate" data-analytics-text="About Red Hat" >About Red Hat</a></li><li><a href="/en/jobs" data-analytics-category="Footer|Corporate" data-analytics-text="Jobs" >Jobs</a></li><li><a href="/en/events" data-analytics-category="Footer|Corporate" data-analytics-text="Events" >Events</a></li><li><a href="/en/about/office-locations" data-analytics-category="Footer|Corporate" data-analytics-text="Locations" >Locations</a></li><li><a href="/en/contact" data-analytics-category="Footer|Corporate" data-analytics-text="Contact Red Hat" >Contact Red Hat</a></li><li><a href="/en/blog" data-analytics-category="Footer|Corporate" data-analytics-text="Red Hat Blog" >Red Hat Blog</a></li><li><a href="/en/about/our-culture/diversity-equity-inclusion" data-analytics-category="Footer|Corporate" data-analytics-text="" >Diversity, equity, and inclusion</a></li><li><a href="https://coolstuff.redhat.com/" data-analytics-category="Footer|Corporate" data-analytics-text="Cool Stuff Store" >Cool Stuff Store</a></li><li><a href="https://www.redhat.com/en/summit" data-analytics-category="Footer|Corporate" data-analytics-text="Red Hat Summit" >Red Hat Summit</a></li></ul><rh-footer-copyright slot="links-secondary">© 2024 Red Hat, Inc.</rh-footer-copyright><h3 slot="links-secondary" hidden data-analytics-text="Red Hat legal and privacy links" >Red Hat legal and privacy links</h3><ul slot="links-secondary" data-analytics-region="page-footer-bottom-secondary"><li><a href="/en/about/privacy-policy" data-analytics-category="Footer|Red Hat legal and privacy links" data-analytics-text="Privacy statement" >Privacy statement</a></li><li><a href="/en/about/terms-use" data-analytics-category="Footer|Red Hat legal and privacy links" data-analytics-text="Terms of use" >Terms of use</a></li><li><a href="/en/about/all-policies-guidelines" data-analytics-category="Footer|Red Hat legal and privacy links" data-analytics-text="All policies and guidelines" >All policies and guidelines</a></li><li><a href="/en/about/digital-accessibility" data-analytics-category="Footer|Red Hat legal and privacy links" data-analytics-text="Digital accessibility" >Digital accessibility</a></li><li><span id="teconsent"></span></li></ul></rh-footer-universal> <div id="consent_blackbar" style="position: fixed;bottom: 0;width: 100%;z-index: 5;padding: 10px;"></div> <script>if (("undefined" !== typeof _satellite) && ("function" === typeof _satellite.pageBottom)) {_satellite.pageBottom();}</script> <script src="https://js.sentry-cdn.com/676ea2c2d4a147c2834066d24c04a9e4.min.js" crossorigin="anonymous"></script> <script src="/rhdc/system-files/js/js_m5sCj6MxR7zKyCN6dJyr-URTyyym3ue2cApHHdWow_A.js?scope=footer&delta=1&language=en&theme=rhdc&include=eJyNUUFuxDAI_FASP6KnXvsBi9hsTNcxEZCt8vuSTbRK1UN7sYGBAQYpOUVoUDejpEF-uBFzrnFkM547KZHJ0dnhCSUkQTA8YqkSNuvkbzIlr1EESeU_6SjC0ummhnMYQXEfY__jSmGqPEJ9K8Izdl84Sgn-fpTTXm7YN3jQBEbcnt2ePfqj7leg1yS0mF4AResrtKlPzHfCC3JjNpR-bfRA0ZPtsozJquZbDombujbDKdsAC3UVNl4tZtLEXr4Fbpi4dp5HtkWcR8whwXLMjTkWsJjumMnYhTcYKk3F8n6VE9UCu1lp3IXsPedUwaOOv-9jdLMzQLhR9dGHF_9rp4yLYPKj5mObTz30P0_zcr8BQH_baQ"></script> <script src="/modules/contrib/webrh/@cpelements/pfe-navigation/dist/pfe-navigation.min.js" type="module"></script> <script src="/themes/custom/rhdc/js/rhdc-set-lang-cookie.js?snbk8m" async></script> <script src="/modules/contrib/red_hat_shared_libs/dist/js/lazy-load-esmodule.js?v=2.0.7" type="module"></script> <script src="/modules/contrib/red_hat_shared_libs/dist/rhds-elements/modules/rh-cta/rh-cta.js" type="module"></script> <script src="/rhdc/system-files/js/js_3YlcRxeiBv6x4y6fTtdH7bPGG59Gf59c0bTRNwqo0lE.js?scope=footer&delta=6&language=en&theme=rhdc&include=eJyNUUFuxDAI_FASP6KnXvsBi9hsTNcxEZCt8vuSTbRK1UN7sYGBAQYpOUVoUDejpEF-uBFzrnFkM547KZHJ0dnhCSUkQTA8YqkSNuvkbzIlr1EESeU_6SjC0ummhnMYQXEfY__jSmGqPEJ9K8Izdl84Sgn-fpTTXm7YN3jQBEbcnt2ePfqj7leg1yS0mF4AResrtKlPzHfCC3JjNpR-bfRA0ZPtsozJquZbDombujbDKdsAC3UVNl4tZtLEXr4Fbpi4dp5HtkWcR8whwXLMjTkWsJjumMnYhTcYKk3F8n6VE9UCu1lp3IXsPedUwaOOv-9jdLMzQLhR9dGHF_9rp4yLYPKj5mObTz30P0_zcr8BQH_baQ"></script> <script src="/ux/webdms/js/vendors/jquery.waypoints.min.js" defer></script> <script src="/ux/webdms/js/vendors/viewport.min.js" defer></script> <script src="/ux/webdms/js/vendors/plyr.min.js" defer></script> <script src="/ux/webdms/js/vendors/slick.min.js" defer></script> <script src="/ux/webdms/js/scripts.min.js" defer></script> <script src="/ux/webdms/js/projects/clh.min.js" defer></script> </body> </html>

CINXE.COM

Terrifying Trojans | Command Line Heroes