Page 1 of 2 12 LastLast
Results 1 to 10 of 17

Thread: Can Viruses/Malware affect ubuntu?

  1. #1
    Join Date
    Oct 2019
    Beans
    1

    Can Viruses/Malware affect ubuntu?

    I'm fairly new to ubuntu or rather the whole linux environment and have been using it as my daily desktop recently. I want to ask if ubuntu/linux in general requires an anti-malware? (I have switched from windows 10)
    Could a malware such as one made in python affect ubuntu or linux in any way by running a script in background which hijacks/installs backdoor or connects to a botnet without my knowledge?
    Can such rogue processes be detected/caught?

  2. #2
    Join Date
    Feb 2008
    Location
    Texas
    Beans
    27,574
    Distro
    Ubuntu 18.04 Bionic Beaver

    Re: Can Viruses/Malware affect ubuntu?

    Thread moved to Security a more appropriate sub-forum.

  3. #3
    Join Date
    Sep 2009
    Location
    Pennsylvania
    Beans
    2,875
    Distro
    Xubuntu

    Re: Can Viruses/Malware affect ubuntu?

    I am sure that you will get many opinions about whether a virus scanner is needed. Let me give you mine:

    I have been using Ubuntu or Xubuntu for 10+ years now. I have over 10 machines being used by either myself or others (family members). I also have 2 machines that are used by various different people. I have never had a problem with a virus on any of these machines.

  4. #4
    Join Date
    Feb 2010
    Location
    Summerwind
    Beans
    13,902
    Distro
    Ubuntu Budgie Development Release

    Re: Can Viruses/Malware affect ubuntu?

    See the security link in my signature.
    “Start where you are. Use what you have. Do what you can".

    Ubuntu Documentation Search: Popular Pages
    Ubuntu: Security Basics
    Ubuntu: Flavors

  5. #5
    Join Date
    Apr 2008
    Location
    Norwich CT
    Beans
    2,594
    Distro
    Ubuntu Mate

    Re: Can Viruses/Malware affect ubuntu?

    There is a virus detector in the repos, Clamav. It isn't for individual users; it's for servers which handle Windows programs, to prevent infected Windows programs to be distributed.

    In >11 years, I have had zero malware. Relax.

    I drink my Ubuntu black, no sugar.
    Ubuntu user 28819

  6. #6
    Join Date
    Mar 2010
    Location
    Squidbilly-Land
    Beans
    Hidden!
    Distro
    Ubuntu Mate 16.04 Xenial Xerus

    Re: Can Viruses/Malware affect ubuntu?

    If you do high risk activities, then running an A/V scanner would be useful. What are high-risk activities?
    * Running any daemon that is available over the internet
    * Not running an ad-blocker in all your browsers
    * Allowing any Java or Javascript webpages without limitation
    * Surfing to nasty parts of the internet
    * copy/pasting commands from anywhere without understanding 100% what they do
    * installing and using software from disreputable sources, bad PPAs, bad sources
    * clicking any shortened links, or long links from disreputable sources
    * have WINE installed; people do get windows viruses in WINE
    * don't patch and otherwise maintain your Linux system(s)

    If you deal with documents that Windows people create or you share documents with Windows users, then running an A/V scanner could be useful.

    If you don't do those things, running an A/V on Linux that searches for Windows viruses isn't really useful.

    Linux systems tend to be used as C&C servers if they get hacked. Normally, that would happen not from doing desktop-user stuff, but by running internet services like a web server or email or ftp or dns server that is available to the world. If you don't do that stuff and have a current, patched, maintained, router blocking all inbound connections to your LAN, then you don't need to worry.

    The "Basic Ubuntu Security" webpage has more. Google finds it easily.

    Could someone setup a reverse shell into your system? Yes, but only if they gain access to it in the first place. You can google "how to setup a reverse shell" for a guide. netcat, bash, ssh all support reverse shells over a network. These tools have been around for decades, but are seldom used by "bad guys."

    In 25+ yrs, I've been hacked 3 times. Only once was it due to something a desktop user would have enabled. A laptop I'd installed and patched the day prior to visiting a security conference was hacked when I wasn't connected to any network, but had neglected to disable bluetooth. Since then, I softblock bluetooth devices and remove bluetooth programs.
    Code:
    $ rfkill list
    0: phy0: Wireless LAN
            Soft blocked: no
            Hard blocked: no
    3: hci0: Bluetooth
            Soft blocked: yes
            Hard blocked: no
    The other hacks were due to me running daemons available to the internet. End-users don't to that stuff normally.
    Last edited by TheFu; October 22nd, 2019 at 06:47 PM.

  7. #7
    Join Date
    Nov 2004
    Location
    Maine
    Beans
    2,346
    Distro
    Ubuntu 18.04 Bionic Beaver

    Re: Can Viruses/Malware affect ubuntu?

    this wiki may be worth considering:
    Wireless script
    Dave
    Registered Linux User #462608
    Morse Code an early Digital Mode.

  8. #8
    Join Date
    Oct 2019
    Location
    github.com/zimbuf
    Beans
    16
    Distro
    Ubuntu 19.10 Eoan Ermine

    Re: Can Viruses/Malware affect ubuntu?

    have WINE installed; people do get windows viruses in WINE
    For this one, this is a bit disingenuous. To get a virus in WINE, you would need to fall into a very, very special set of use cases:

    • you ran a web browser or vulnerable, internet-facing program from WINE - win32's kernel32.startProcess inherits your current wine prefix, so a vulnerability that causes your web browser to call this on malicious input would affect you
    • you purposefully ran a suspicious Windows executable using the wine command (they don't do this themselves, you know!)


    In order to get a virus to run in WINE, either it has to start from a process or service running within WINE, or exploit an app vulnerability in Linux with explicit Linux shell or syscall functionality to load it into WINE. But if someone could run arbitrary commands on your machine via a vulnerability, why would they bother targeting WINE?

    Also, a WINE security pro-tip, Ubuntu defaults Z:\to / in your winecfg. Delete this so that if you ever did get a virus, it's limited to your wine prefix or the default prefix, ~/.wine/drive_c

    Then if you ever do get a Windows virus in WINE, it's just a matter of

    Code:
    rm -rf $WINEPREFIX
    and you're golden.

  9. #9
    Join Date
    Mar 2010
    Location
    Squidbilly-Land
    Beans
    Hidden!
    Distro
    Ubuntu Mate 16.04 Xenial Xerus

    Re: Can Viruses/Malware affect ubuntu?

    Don't all security issues fall into a narrow scope of possible configurations and user actions? People do run WINE as root because they don't understand permissions. People do run old, unpatched, Windows software in WINE. Perhaps an old bittorrent application, because they prefer that interface. People do run known virus-containing programs in WINE because they think Linux is safe, regardless.

    Not all Windows viruses will work under WINE, but some do.

  10. #10
    Join Date
    Oct 2019
    Location
    github.com/zimbuf
    Beans
    16
    Distro
    Ubuntu 19.10 Eoan Ermine

    Re: Can Viruses/Malware affect ubuntu?

    Quote Originally Posted by TheFu View Post
    Don't all security issues fall into a narrow scope of possible configurations and user actions? People do run WINE as root because they don't understand permissions. People do run old, unpatched, Windows software in WINE. Perhaps an old bittorrent application, because they prefer that interface. People do run known virus-containing programs in WINE because they think Linux is safe, regardless.

    Not all Windows viruses will work under WINE, but some do.
    I mean yes, but that's true with running a web browser in root as well, given GNOME ships with a JavaScript runtime environment. Pointing out WINE for vulnerabilities that aren't much different from Linux is just FUD

Page 1 of 2 12 LastLast

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •