User avatar
RaspbianUser1
Posts: 515
Joined: Thu Mar 05, 2020 6:34 pm

Viruses on Linux

Sun Mar 15, 2020 6:51 pm

I do not think I have a virus but would just like to discuss some viruses that do exist on linux, how are they spread and what do they do. Hope this becomes a thread of knowledge :lol: .
A personal question is can they be downloaded by things like yum and apt for example(excluding wget)
Running either Raspberry Pi OS desktop Full or Raspberry Pi OS MATE desktop
Overclocked at 2147MHz CPU and 700 MHz GPU with a over voltage of 7, max or nothing
Think before you delete something a stranger on the internet told you to.

Heater
Posts: 16874
Joined: Tue Jul 17, 2012 3:02 pm

Re: Viruses on Linux

Sun Mar 15, 2020 7:14 pm

Does anyone bother with trying to write actual viruses anymore?

It's so much easier to just download everyone's secret stuff from databases belonging to the likes of ebay, amazon etc https://nakedsecurity.sophos.com/2020/0 ... s-exposed/
Memory in C++ is a leaky abstraction .

tpylkko
Posts: 411
Joined: Tue Oct 14, 2014 5:21 pm

Re: Viruses on Linux

Sun Mar 15, 2020 8:47 pm

This document is a bit old but it tries to list and discuss some of the viruses that have been discovered targeting linux systems:
https://help.ubuntu.com/community/Linuxvirus

If you browse that stats on pages like https://statistics.securelist.com/en/on-access-scan/day

you will notice that most malware is directed at windows or Android. This probably is because there are so many more users of these.

Can you get a virus from apt or other package managers? Probably in theory, but most of the software that you get from the official repositories is open source and can be checked by anybody at any time, so it would be harder to maintain malware there. The downlaod is also checksummed so it is harder to get involved in a man-in-the-midle-situation. With wget you can download anything in the world you want, so of course you can also download viruses, especially if you don't check them.

pica200
Posts: 219
Joined: Tue Aug 06, 2019 10:27 am

Re: Viruses on Linux

Sun Mar 15, 2020 11:33 pm

Most Linux viruses probably only target servers and IoT (or IoS how i like to call it. The S is left to your imagination ;) ).

Repositories should be relatively safe. Packages are normally signed and if a malicious package slips through it would not take long until someone notices. Chances are much lower than downloading random executables from the net as common on Windows.

Heater
Posts: 16874
Joined: Tue Jul 17, 2012 3:02 pm

Re: Viruses on Linux

Mon Mar 16, 2020 1:05 am

pica200 wrote:
Sun Mar 15, 2020 11:33 pm
Most Linux viruses probably only target servers and IoT (or IoS how i like to call it. The S is left to your imagination ;) ).

Repositories should be relatively safe. Packages are normally signed and if a malicious package slips through it would not take long until someone notices. Chances are much lower than downloading random executables from the net as common on Windows.
Our operating system repositories are pretty well secured and maintained.

A bigger worry is all the other package repositories we use now a days. For example the node.js guys get all their modules from NPM which has been "infected" with malicious packages in the past https://www.bleepingcomputer.com/news/s ... passwords/. The same problems exist for Pythons PIP and the Crate system of Rust and so on.

I notice in the Raspberry Pi would there is a lot of downloading of random execuatbles from the net. For example this suggestion was posted yesterday: https://www.bleepingcomputer.com/news/s ... passwords/

Often I have seen directions here and elsewhere to add some weird source to ones Raspbian apt sources list so as to get some pre-built binary installed from God knows where. That is giving the keys to your kingdom to strangers, root permissions and all!

As I said, why write actual viruses now a days. There are much easier ways to get your malicious code into systems.
Memory in C++ is a leaky abstraction .

stan_qaz
Posts: 57
Joined: Sun Sep 30, 2012 6:53 am
Location: Sunny Arizona

Re: Viruses on Linux

Mon Mar 16, 2020 3:05 am

pica200 wrote:
Sun Mar 15, 2020 11:33 pm
Most Linux viruses probably only target servers and IoT (or IoS how i like to call it. The S is left to your imagination ;) ).
An old saying, no clue who said it first: "The S in IoT stands for Security"

My IoT stuff and any computer I'm using stuff from untrusted sources goes on an untrusted network where the damage it can do is limited.

Heater
Posts: 16874
Joined: Tue Jul 17, 2012 3:02 pm

Re: Viruses on Linux

Mon Mar 16, 2020 7:17 am

pica200 wrote:
Sun Mar 15, 2020 11:33 pm
Most Linux viruses probably only target servers and IoT (or IoS how i like to call it. The S is left to your imagination ;) ).
As far as I can tell most vulnerabilities that show up in IoT junk are nothing to do with viruses. Rather they are down to broken crypto implementations and use of default passwords etc. Basically negligence on the part of the manufacturers.
Memory in C++ is a leaky abstraction .

User avatar
RaspbianUser1
Posts: 515
Joined: Thu Mar 05, 2020 6:34 pm

Re: Viruses on Linux

Mon Mar 16, 2020 9:46 am

What is the process for adding a program to a package manager like apt, I imagine it would be analysed before being uploaded, also who is viewing these programs and saying yep or no before they are put on a package manager
Running either Raspberry Pi OS desktop Full or Raspberry Pi OS MATE desktop
Overclocked at 2147MHz CPU and 700 MHz GPU with a over voltage of 7, max or nothing
Think before you delete something a stranger on the internet told you to.

pica200
Posts: 219
Joined: Tue Aug 06, 2019 10:27 am

Re: Viruses on Linux

Mon Mar 16, 2020 9:49 am

Yes, but there are scripts/programs searching for these vulnerable devices. They infect them if found and the infected devices themselves will search and infect others again.These infected devices will usually either mine coins or DDoS or both. That is how some of the largest botnets could be created as far as i know. I guess you can call that "virus" already. The companies who make this insecure garbage should pay for the damage it's doing (in my opinion).

User avatar
davidcoton
Posts: 5513
Joined: Mon Sep 01, 2014 2:37 pm
Location: Cambridge, UK
Contact: Website

Re: Viruses on Linux

Mon Mar 16, 2020 10:15 am

stan_qaz wrote:
Mon Mar 16, 2020 3:05 am
An old saying, no clue who said it first: "The S in IoT stands for Security"

My IoT stuff and any computer I'm using stuff from untrusted sources goes on an untrusted network where the damage it can do is limited.
Even that is, in my opinion, highly dangerous. Especially for anyone who uses cameras to monitor their home while they are away. Anyone hacking the cloud can now determine when you are away from home ....

And can probably do the same by monitoring WiFi, making that secure is not automatic.
Location: 345th cell on the right of the 210th row of L2 cache

Heater
Posts: 16874
Joined: Tue Jul 17, 2012 3:02 pm

Re: Viruses on Linux

Mon Mar 16, 2020 10:20 am

And why worry about viruses when the like of google and amazon don't bother with any of that, they just put spyware and security vulnerabilities straight into your home: https://www.cnet.com/news/smart-home-de ... -security/ whilst getting you to pay for and install it.

Then there is all that malware inserted into thousands of Android apps and the like.

Who would bother crafting viruses today?
Memory in C++ is a leaky abstraction .

Heater
Posts: 16874
Joined: Tue Jul 17, 2012 3:02 pm

Re: Viruses on Linux

Mon Mar 16, 2020 10:23 am

RaspbianUser1 wrote:
Mon Mar 16, 2020 9:46 am
What is the process for adding a program to a package manager like apt, I imagine it would be analysed before being uploaded, also who is viewing these programs and saying yep or no before they are put on a package manager
Raspbian is based on Debian. Debian has thousands of volunteer contributors of all kind of packages. Debian gets tested for a good long while before release. I like to think those package maintainers are known and have reputations to keep up so they are not motivated to sneak malware in.

At the end of the day you have to trust somebody.
Memory in C++ is a leaky abstraction .

pica200
Posts: 219
Joined: Tue Aug 06, 2019 10:27 am

Re: Viruses on Linux

Mon Mar 16, 2020 10:39 am

@Heater
Ransomware is extremely popular right now. But it doesn't really target Linux desktops.

User avatar
rpdom
Posts: 17736
Joined: Sun May 06, 2012 5:17 am
Location: Chelmsford, Essex, UK

Re: Viruses on Linux

Mon Mar 16, 2020 11:11 am

Heater wrote:
Mon Mar 16, 2020 10:23 am
I like to think those package maintainers are known
Well, I have known and met a few of them, and worked with one. They are serious about their work.
Unreadable squiggle

User avatar
RaspbianUser1
Posts: 515
Joined: Thu Mar 05, 2020 6:34 pm

Re: Viruses on Linux

Mon Mar 16, 2020 12:12 pm

[/quote]
Well, I have known and met a few of them, and worked with one. They are serious about their work.
[/quote]

thats good to hear, wasn't worried anyway but just curious as if they can be found in package managers
leaving my mistake of the quote because it is funny
Running either Raspberry Pi OS desktop Full or Raspberry Pi OS MATE desktop
Overclocked at 2147MHz CPU and 700 MHz GPU with a over voltage of 7, max or nothing
Think before you delete something a stranger on the internet told you to.

echmain
Posts: 318
Joined: Fri Mar 04, 2016 8:26 pm

Re: Viruses on Linux

Mon Mar 16, 2020 6:03 pm

I’ll be able to afford a more secure computer as soon as I hear back from that Nigerian prince.

Any day now...

timrowledge
Posts: 1354
Joined: Mon Oct 29, 2012 8:12 pm
Location: Vancouver Island
Contact: Website

Re: Viruses on Linux

Mon Mar 16, 2020 6:51 pm

I actually got one of those things this morning for probably the first time in five years. I got all misty eyed and nostalgic...
Making Smalltalk on ARM since 1986; making your Scratch better since 2012

User avatar
Roken
Posts: 383
Joined: Sun Dec 31, 2017 4:35 pm
Location: Wales, home of the Pi

Re: Viruses on Linux

Mon Mar 16, 2020 7:21 pm

echmain wrote:
Mon Mar 16, 2020 6:03 pm
I’ll be able to afford a more secure computer as soon as I hear back from that Nigerian prince.

Any day now...
Is that the one offering you an almost unlimited supply of loo roll?
Headless PI. OMG, someone cut it's head off. Oh, hang on. it didn't have one to start with.

pica200
Posts: 219
Joined: Tue Aug 06, 2019 10:27 am

Re: Viruses on Linux

Tue Mar 17, 2020 10:18 am

I will take any E-Mail offer from any price if he can supply toilet paper :mrgreen:

User avatar
davidcoton
Posts: 5513
Joined: Mon Sep 01, 2014 2:37 pm
Location: Cambridge, UK
Contact: Website

Re: Viruses on Linux

Tue Mar 17, 2020 11:18 am

pica200 wrote:
Tue Mar 17, 2020 10:18 am
I will take any E-Mail offer from any price if he can supply toilet paper :mrgreen:
PrinceOfNigeria wrote:I can supply toilet rolls packs of 6. Just deposit £1000/$1000/€1000 in bitcoin to this account ....
Note: supplies may be recycled tabloid newsprint.
Location: 345th cell on the right of the 210th row of L2 cache

User avatar
RaspbianUser1
Posts: 515
Joined: Thu Mar 05, 2020 6:34 pm

Re: Viruses on Linux

Tue Mar 17, 2020 1:49 pm

this went abit off topic but I don't mind, its a nice read :lol:
Running either Raspberry Pi OS desktop Full or Raspberry Pi OS MATE desktop
Overclocked at 2147MHz CPU and 700 MHz GPU with a over voltage of 7, max or nothing
Think before you delete something a stranger on the internet told you to.

pica200
Posts: 219
Joined: Tue Aug 06, 2019 10:27 am

Re: Viruses on Linux

Tue Mar 17, 2020 1:49 pm

I will take 10 packs.

[/irony]

User avatar
RaspbianUser1
Posts: 515
Joined: Thu Mar 05, 2020 6:34 pm

Re: Viruses on Linux

Tue Mar 17, 2020 1:54 pm

RaspbianUser1 wrote:
Tue Mar 17, 2020 1:49 pm
this went abit off topic but I don't mind, its a nice read :lol:
I will take all toilet rolls not just ten pico
Running either Raspberry Pi OS desktop Full or Raspberry Pi OS MATE desktop
Overclocked at 2147MHz CPU and 700 MHz GPU with a over voltage of 7, max or nothing
Think before you delete something a stranger on the internet told you to.

Return to “General discussion”