What is Hand of Thief? - Definition from WhatIs.com

Hand of Thief is banking crimeware that targets Linux operating systems.

Hand of Thief uses a form grabber to steal IDs, passwords and other information pertaining to Internet banking. The crimeware detects Internet banking information as the user enters it into a browser form, captures it along with identifying data and stores it in a MySQL database.

Hand of Thief's more advanced features include:

  • Cookie stealing to allow it to masquerade as the customer.
  • A back door with a SOCKS5 proxy to help avoid detection.
  • Form grabbing that works over HTTPS as well as HTTP.
  • Blocking of communications with sources of anti-virus and other software updates that could detect and remove it.

Hand of Thief includes a virtual machine and debugger check that detects if it may be running in a research sandbox environment. If a research environment is suspected, the software terminates execution to prevent researchers from learning about it.

Because Hand of Thief lacks web injection abilities, it relies on social engineering to trick the user into running an executable file.

This was last updated in September 2013
Contributor(s): Matthew Haughn
Posted by: Margaret Rouse
