Linux Java-Based Trojan Might Have Been an Accident
A more detailed analysis of the recently discovered cross-platform social networking trojan, suggests that the Linux infection vector might have been an unintended side effect.
The hypothesis was put forth ParetoLogic's Jerome Segura, one of the first security researchers to point out the trojan's capability of infecting Linux systems.
After analyzing the encrypted malicious code, the researcher believes that its authors only intended to target Windows and Mac OS X.
There are routines that explicitly check for Mac OS X, but none for Linux. The "might have been an accident" idea is further supported by the temporary nature of the infection on the latter.