
Thread: Blog: "How to write a Linux virus in 5 easy steps" (Requires social engineering)

  1. #1
    Join Date
    May 2005
    Beans
    276

    Blog: "How to write a Linux virus in 5 easy steps" (Requires social engineering)

    The rumor of the bullet-proof Linux architecture

    There is this rumor going around that Linux is virus free. It is said that the old-fashioned multi-user heritage of Linux (and other *nix OSs) prevents malware, since users are not normally running their programs in admin mode (as root user). We are reminded that execute bits are needed to run anything – contrary to Windows – and that execute bits aren't set on any attachments or files saved from emails or from a web-browser.

    Therefore, we are told, the very architecture of Linux is so much more superior to Windows that it's just not possible to successfully spread malware. Of course – it is acknowledged – a low-level bug, a buffer overflow or other issue is exploitable. But nevertheless, users can't just catch a virus by email or downloading malware from the Internet, contrary to “those Windows users”. Linux will protect them from their own stupidity.

    At least so the story goes. But sadly, that's not true. I will show how it is possible in a few easy steps to write a perfectly valid email borne virus for modern desktop Linux. I will do so not because I want to put down Linux. Quite the opposite: I like and support Linux, which is all I'm running at home and at work. I'm a big supporter of free and open software as readers of this blog will know. But if there are any security risks, even in my favorite OS or distribution then they will need to be discussed. Even more important: A false sense of security is worse than a lack of security. And unsubstantiated claims of superiority don't help in a reasonable discussion either.
    http://www.geekzone.co.nz/foobar/6229

  2. #2
    Join Date
    Jun 2007
    Location
    Porirua, New Zealand
    Beans
    Hidden!
    Distro
    Ubuntu

    Re: How to write a Linux virus in 5 easy steps

    While it's good to know that sneaky things are possible, why would I want to knowingly do something to hurt my fellow *nix users?
    Forum DOs and DON'Ts
    Never assume that information you find using a search engine is up-to-date.

  3. #3
    Join Date
    Mar 2006
    Location
    Williams Lake
    Beans
    Hidden!
    Distro
    Ubuntu Development Release

    Re: How to write a Linux virus in 5 easy steps

    The article states that you still have to do some social engineering in order to install the malware, so it still is dependent on the user. How is this supposed to spread to other computers?

    Jim

  4. #4
    Join Date
    Sep 2006
    Location
    Chicago
    Beans
    355

    Re: How to write a Linux virus in 5 easy steps

    "The rumor of the bullet-proof Linux architecture" is when I stopped reading.
    UbuntuBeginnersTeam
    UbuntuSecurity
    Blawg
    Questions pertaining to "stealthed" ports kind of make me LOL IRL

  5. #5
    Join Date
    Nov 2006
    Location
    40.31996,-80.607213
    Beans
    Hidden!
    Distro
    Ubuntu

    Re: How to write a Linux virus in 5 easy steps

    What I'm showing here is merely an example of how the old-school social engineering "viruses"
    Once again, the user is the biggest threat to security.
    "Security lies within the user of who runs the system. Think smart, live safe." - Dr Small
    Linux User #441960 | Wiki: DrSmall

  6. #6
    Join Date
    Jun 2005
    Beans
    102

    Re: How to write a Linux virus in 5 easy steps

    Originally Posted by 2point0:
    "The rumor of the bullet-proof Linux architecture" is when I stopped reading.

    In that case you missed some pretty good stuff. Too bad for you.

  7. #7
    Join Date
    Jun 2006
    Location
    Switzerland
    Beans
    Hidden!
    Distro
    Kubuntu Jaunty Jackalope (testing)

    Re: How to write a Linux virus in 5 easy steps

    A user can also choose to dd the whole hard drive. What's there to stop him? Without user interaction this will do nothing.

  8. #8
    Join Date
    Apr 2005
    Location
    Finland/UK
    Beans
    Hidden!
    Distro
    Ubuntu 14.04 Trusty Tahr

    Re: How to write a Linux virus in 5 easy steps

    It's not a virus if it's not able to spread on its own, and it's not even a proper trojan since it's not able to hide the fact that it is a program, not something else like a picture. And even when running and configured to autostart, it's not able to hide itself, you'll see it in your sessions and you'll see the file itself, and can delete them to get rid of the malware program.


    At the point when you get somebody to download that to your desktop and start it you could have done a lot more damage just by telling the stupid user to run some nasty command. Like hyper_ch said, why not just tell the user to dd his hard drive? It's already installed, and will definitely work just as well. The user is less likely to suspect anything since he doesn't need to download anything. Does that make "dd" a virus as well? NO, it doesn't, and thus the program described in that article isn't a virus either.

  9. #9
    Join Date
    Nov 2007
    Beans
    1,818
    Distro
    Ubuntu 11.10 Oneiric Ocelot

    Re: How to write a Linux virus in 5 easy steps

    For example, it can start to pilfer through the user's address book to harvest email addresses, send them off to our malware server, start sending spam email or it can spread itself by email. It can install a Firefox extension that captures passwords as the user types them. It may start to share the user's desktop via VNC without the user's knowledge. It can start a background daemon that pops up ads. Linux adware!
    Here's the most important part of the article as far as I (an admitted security non-expert) can tell. It still seems like the kinds of things malware could do even once installed would be minor. It can't install anything to the root filesystem or harm any vital piece. Like was said, the base OS is not vulnerable to this. And while personal data could be lost, I don't think some of the other things could happen. I wasn't aware you could install Firefox Addons invisibly, or outside the application. And you'll need to have VNC and your router configured to make remote desktop work. Plus, isn't /tmp emptied every reboot? So while annoying, couldn't you just reboot and have everything fixed?

    In the end, this falls down to social engineering. And if I am convincing someone to install malware on their computer, why not just package it as a deb and make it easy on myself?
    Last edited by JoshuaRL; February 11th, 2009 at 09:33 AM. Reason: i didnt read well enough

  10. #10
    Join Date
    Dec 2007
    Location
    California
    Beans
    4,899
    Distro
    Ubuntu 13.04 Raring Ringtail

    Re: How to write a Linux virus in 5 easy steps

    The title of this thread is soooo misleading it's not even funny.

    None of that had anything to do with a virus. It was all just tricking people into running a malicious program. No ***** you can hurt any OS doing that...
    "You can't expect to hold supreme executive power just because some watery tart lobbed a sword at you"

    "Don't let your mind wander -- it's too little to be let out alone."
