Scheduled Maintenance: We are aware of an issue with Google, AOL, and Yahoo services as email providers which are blocking new registrations. We are trying to fix the issue and we have several internal and external support tickets in process to resolve the issue. Please see: viewtopic.php?t=158230

 

 

 

Wouldn't it be possible to create a virus for Linux

Off-Topic discussions about science, technology, and non Debian specific topics.
Message
Author
MrJPE
Posts: 131
Joined: 2009-11-04 05:25

Wouldn't it be possible to create a virus for Linux

#1 Post by MrJPE »

Wouldn't it be fairly easy too? For example, you drift onto a website by accident and you download a file without your knowing.

This file runs in the background with no root permissions. What if this file monitors what your doing. One night, you decide to install some new packages and you enter your root password. Bam, that file that you had no clue you downloaded knows your password and then downloads more files to infect your system.

Just a hypothetical question. More curious than anything.

User avatar
dasein
Posts: 7680
Joined: 2011-03-04 01:06
Location: Terra Incantationum

Re: Wouldn't it be possible to create a virus for Linux

#2 Post by dasein »

LOL... I am not getting dragged into this again. (See here: http://forums.debian.net/viewtopic.php?f=3&t=78078)

The answer to your question is: both yes and no.

Yes in the sense that, given the right set of circumstances, an exploit like the one you've outlined is, at least in principle, entirely possible. Given the really "right" set of circumstances, it might even be easy.

No in the sense that "the right set of circumstances" generally involves either (a) a kernel bug or (b) a system that is not being properly administered/secured (including all manners of ID-10-T errors). Such circumstances also almost invariably involve exploiting some bug/feature/functionality in X.

But the next time you see some numbnut ask "How do I allow root login via the DM?" (or auto-login as root, or some such similar), you'll know why they are forcefully discouraged from even considering the possibility. (Even--or especially!--if they say something like "I understand the risks." By definition, no one who genuinely comprehends the risk of routine use of X by root would ever think about doing so. The mere act of asking the question pretty much guarantees that the poster doesn't have Clue One about the associated risks.)

User avatar
Issyer
Posts: 3032
Joined: 2007-05-23 02:59
Location: Khakassia

Re: Wouldn't it be possible to create a virus for Linux

#3 Post by Issyer »

I think, it's quite possible, only tricky.
Howto

User avatar
craigevil
Posts: 5391
Joined: 2006-09-17 03:17
Location: heaven
Has thanked: 28 times
Been thanked: 39 times

Re: Wouldn't it be possible to create a virus for Linux

#4 Post by craigevil »

Malware hidden on Gnome-Look , this is a from a couple yrs back
http://www.omgubuntu.co.uk/2009/12/malw ... nome-look/

So yes it is possible.
Raspberry PI 400 Distro: Raspberry Pi OS Base: Debian Sid Kernel: 5.15.69-v8+ aarch64 DE: MATE Ram 4GB
Debian - "If you can't apt install something, it isn't useful or doesn't exist"
My Giant Sources.list

FortuneCookie
Posts: 15
Joined: 2012-04-10 22:30

Re: Wouldn't it be possible to create a virus for Linux

#5 Post by FortuneCookie »

The Linux security model is different than the Windows security model, malware exists in the linux world. For the home desktop user, java, flash and the browser will be the entry points, you can surf the web while 2 out of 3 are not installed, but you won't be able to watch Youtube videos. ;)
HTML 5 Video would be nice if just to stop flash attack vectors.

Blackhole Exploit pack has drive-by code for Linux via java exploits.
This week Blackhole has been updated to version 1.2.3 and includes a new exploit for the Java CVE-2012-0507 vulnerability, which ESET calls Java/Exploit.CVE-2012-0507. Earlier this week information was published about the Blackhole update by French malware researcher Xylitol and last week Microsoft shared information about an interesting way of breaching the JRE (Java Runtime Environment) sandbox.

The first information about a working exploit for CVE-2012-0507 was released by the company Immunity with reference to the 7.03.2012 product update of Immunity CANVAS Modules. The first In-the-Wild detections were recognized during the week beginning on March 12, 2012. The CVE-2012-0507 vulnerability was remediated on February 15 as part of a critical patch update advisory. Today a public module for Metasploit Framework was released, working on a range of platforms: Windows, Linux, Solaris and OSX. The Metasploit module for exploitation of CVE-2012-0507 looks the same as the exploit version seen in the updated Blackhole version.
http://blog.eset.com/2012/03/30/blackho ... nd-carberp

User avatar
dasein
Posts: 7680
Joined: 2011-03-04 01:06
Location: Terra Incantationum

Re: Wouldn't it be possible to create a virus for Linux

#6 Post by dasein »

FortuneCookie wrote:...java, flash and the browser will be the entry points
+1 with a bullet. I've been saying for some time that the future of malware lies in platform-independent delivery, driven by widespread deployment of mobile devices. (Let's face it, a "smartphone" is really a computer, which happens quite incidentally to be able to make and receive phone calls.)

kedaha
Posts: 3521
Joined: 2008-05-24 12:26
Has thanked: 33 times
Been thanked: 77 times

Re: Wouldn't it be possible to create a virus for Linux

#7 Post by kedaha »

FortuneCookie wrote:The Linux security model is different than the Windows security model, malware exists in the linux world. For the home desktop user, java, flash and the browser will be the entry points, you can surf the web while 2 out of 3 are not installed, but you won't be able to watch Youtube videos. ;)
HTML 5 Video would be nice if just to stop flash attack vectors.
Not watch YouTube videos? Yes you can! Just install Minitube - that doesn't require flash.
DebianStable

Code: Select all

$ vrms

No non-free or contrib packages installed on debian!  rms would be proud.

User avatar
dasein
Posts: 7680
Joined: 2011-03-04 01:06
Location: Terra Incantationum

Re: Wouldn't it be possible to create a virus for Linux

#8 Post by dasein »

This just in...

Zero-day exploit discovered in wicd. https://bugs.launchpad.net/wicd/+bug/979221

(And yes, it affects Debian.)

User avatar
buntunub
Posts: 591
Joined: 2011-02-11 05:23

Re: Wouldn't it be possible to create a virus for Linux

#9 Post by buntunub »

Its not possible. Its a certainty. It has happened. It will happen again and again and again and again.

User avatar
debil
Posts: 1336
Joined: 2008-05-11 08:55
Location: Mazes of Menace, surrounded by brown puddings

Re: Wouldn't it be possible to create a virus for Linux

#10 Post by debil »

No amount of tin foil will help if PEBKAC.
Q: Why is the Eunux kernel so bloated?
A: It was made in the image of its founder.

User avatar
buntunub
Posts: 591
Joined: 2011-02-11 05:23

Re: Wouldn't it be possible to create a virus for Linux

#11 Post by buntunub »

emma157 wrote:thanks for sharing this here. i just need to know if it is good to use linux for my personal comp.
Its great for that. The low usage numbers is our best defence. There is little reason for attackers to target us because were such a tiny market share compared to Windows and MAC installs. Linux does everything generally better than those with few exceptions.

User avatar
stevepusser
Posts: 12930
Joined: 2009-10-06 05:53
Has thanked: 41 times
Been thanked: 71 times

Re: Wouldn't it be possible to create a virus for Linux

#12 Post by stevepusser »

Here's a backported Wicd 1.7.2 for Squeeze sourced from Sid: http://ubuntuone.com/6aVxJM7GJOw0ZMJOOJHaz4

For those who wisely don't trust just any package on a forum post, the sources are also available. The only files I changed in the source were debian/changelog, control, and rules. You can verify the differences and use the Debian orig.tar.gz file from packages.debian.org to build your own packages, to be sure you are not getting malicious source. Since this is a Python program, it builds into packages very quickly.

For those that use the GTK GUI, the critical packages are python-wicd, wicd-daemon, and wicd. Users of wicd-kde as a GUI ( I have built that) just need to upgrade the first two.
MX Linux packager and developer

User avatar
dasein
Posts: 7680
Joined: 2011-03-04 01:06
Location: Terra Incantationum

Re: Wouldn't it be possible to create a virus for Linux

#13 Post by dasein »

I'm glad someone noticed the reference to Wicd.

Thanks for taking time to address the issue. The Debian community owes you yet another debt of gratitude.

User avatar
sunrat
Administrator
Administrator
Posts: 6414
Joined: 2006-08-29 09:12
Location: Melbourne, Australia
Has thanked: 116 times
Been thanked: 462 times

Re: Wouldn't it be possible to create a virus for Linux

#14 Post by sunrat »

KellyKa wrote:Unfortunately, viruses for Linux do exist.
...
Holy necrobump, Batman! This thread is over 9 years old. :|
“ computer users can be divided into 2 categories:
Those who have lost data
...and those who have not lost data YET ”
Remember to BACKUP!

LE_746F6D617A7A69
Posts: 932
Joined: 2020-05-03 14:16
Has thanked: 7 times
Been thanked: 65 times

Re: Wouldn't it be possible to create a virus for Linux

#15 Post by LE_746F6D617A7A69 »

KellyKa wrote:Nowadays, the main target of cybercriminals is data: passwords, bank card data, keys to cryptocurrency wallets, and other personal information.
You're looking for viruses in a wrong place -> it's all about categorizing the viruses by their impact on our reality.

The most dangerous virus I've ever heard of was created by Boeing, implemented as a hidden functionality in flight control software in their aeroplanes -> it have killed hundreds of people (passengers) by crashing the aeroplanes, and no single member of that "hacker team" have landed in jail -> this is a virus number one, and the most dangerous hacker team in the world.

All other viruses are looking like a joke when compared with that one.

Viruses stealing the user data are the next most widely spread type: the leaders in developing such viruses are: Microshit, Google and Facepalm: their viruses are easily bypassing all the firewalls and anti-virus software, because they are attacking human brains -> such infected humans are behaving like a zombie -> they'll rather chop their hands with an axe before they would resign from using spying, data-collecting and censoring software made by those companies -> a viruses which are using human stupidity as a part of the code.

Regards.
Bill Gates: "(...) In my case, I went to the garbage cans at the Computer Science Center and I fished out listings of their operating system."
The_full_story and Nothing_have_changed

User avatar
RU55EL
Posts: 546
Joined: 2014-04-07 03:42
Location: /home/russel

Re: Wouldn't it be possible to create a virus for Linux

#16 Post by RU55EL »

LE_746F6D617A7A69 wrote: The most dangerous virus I've ever heard of was created by Boeing, implemented as a hidden functionality in flight control software in their aeroplanes -> it have killed hundreds of people (passengers) by crashing the aeroplanes, and no single member of that "hacker team" have landed in jail -> this is a virus number one, and the most dangerous hacker team in the world.
Is that a computer virus, or a software bug? A computer virus replicates itself, a computer bug does not.
LE_746F6D617A7A69 wrote: Viruses stealing the user data are the next most widely spread type: the leaders in developing such viruses are: Microshit, Google and Facepalm: their viruses are easily bypassing all the firewalls and anti-virus software, because they are attacking human brains -> such infected humans are behaving like a zombie -> they'll rather chop their hands with an axe before they would resign from using spying, data-collecting and censoring software made by those companies -> a viruses which are using human stupidity as a part of the code.
Again, the software to which you refer from Microsoft, Google, and Facebook, may be malicious, but it does not replicate itself. Replication is key quality in the definition of a virus, both software and biological.

There have been virus programs written for Linux long before the original poster started this thread in 2012.

LE_746F6D617A7A69
Posts: 932
Joined: 2020-05-03 14:16
Has thanked: 7 times
Been thanked: 65 times

Re: Wouldn't it be possible to create a virus for Linux

#17 Post by LE_746F6D617A7A69 »

RU55EL wrote:
LE_746F6D617A7A69 wrote: The most dangerous virus I've ever heard of was created by Boeing, implemented as a hidden functionality in flight control software in their aeroplanes -> it have killed hundreds of people (passengers) by crashing the aeroplanes, and no single member of that "hacker team" have landed in jail -> this is a virus number one, and the most dangerous hacker team in the world.
Is that a computer virus, or a software bug? A computer virus replicates itself, a computer bug does not.
Software bug means an unexpected behaviour which is NOT intentionally implemented -> Boeing have intentionally implemented a hidden functionality which have killed hundreds of people -> the only reason for doing this was simply a greed (their aeroplanes are faulty by design, and they tried to save the money by "fixing" hardware design problem with a hidden software functionality).
RU55EL wrote:
LE_746F6D617A7A69 wrote:
LE_746F6D617A7A69 wrote: Viruses stealing the user data are the next most widely spread type: the leaders in developing such viruses are: Microshit, Google and Facepalm: their viruses are easily bypassing all the firewalls and anti-virus software, because they are attacking human brains -> such infected humans are behaving like a zombie -> they'll rather chop their hands with an axe before they would resign from using spying, data-collecting and censoring software made by those companies -> a viruses which are using human stupidity as a part of the code.
Again, the software to which you refer from Microsoft, Google, and Facebook, may be malicious, but it does not replicate itself. Replication is key quality in the definition of a virus, both software and biological.
I disagree.
Replication may be significant for biological virus, but not necessarily for software virus, where replication may not be desired -> once You have infected the target system, You may not want to tell that fact to the rest of the world -> it depends on what system You have infected, and what are Your targets.

A computer virus has at least one of the following properties:
1. Its presence is unknown to the owner of the system (f.e.: unwanted software)
2. It performs actions that are not controlled/wanted by the owner of the system.

Replication is needed basically in a single scenario:
- to create a botnet, which can perform a DOS attacks or which can be used as a distributed computing system, like a password cracker or a bitcoin miner ;)
Bill Gates: "(...) In my case, I went to the garbage cans at the Computer Science Center and I fished out listings of their operating system."
The_full_story and Nothing_have_changed

User avatar
stevepusser
Posts: 12930
Joined: 2009-10-06 05:53
Has thanked: 41 times
Been thanked: 71 times

Re: Wouldn't it be possible to create a virus for Linux

#18 Post by stevepusser »

You don't get to make up your own definition of something as well established as "computer virus". Replication was in the definition from the very beginning, brought over from definition of biological viruses. (disregarding whether bio-viruses are actually life or not--they are in the fuzzy border zones. Reality is fuzzy and fluid, not black and white.)

Do you have an reliable citation for Boeing intentionally embedding actual murderware in their flight software? (Alex Jones does not count)
MX Linux packager and developer

User avatar
RU55EL
Posts: 546
Joined: 2014-04-07 03:42
Location: /home/russel

Re: Wouldn't it be possible to create a virus for Linux

#19 Post by RU55EL »

LE_746F6D617A7A69 wrote:I disagree.
Replication may be significant for biological virus, but not necessarily for software virus, where replication may not be desired -> once You have infected the target system, You may not want to tell that fact to the rest of the world -> it depends on what system You have infected, and what are Your targets.

A computer virus has at least one of the following properties:
1. Its presence is unknown to the owner of the system (f.e.: unwanted software)
2. It performs actions that are not controlled/wanted by the owner of the system.

Replication is needed basically in a single scenario:
- to create a botnet, which can perform a DOS attacks or which can be used as a distributed computing system, like a password cracker or a bitcoin miner ;)
I understand that you disagree with the common definition, but it is the common definition, none the less.
Wikipedia wrote: A computer virus[1] is a type of computer program that, when executed, replicates itself by modifying other computer programs and inserting its own code.[2][3] If this replication succeeds, the affected areas are then said to be "infected" with a computer virus.
The common definition of a computer virus states that it has at least one property: replication.
LE_746F6D617A7A69 wrote: Software bug means an unexpected behaviour which is NOT intentionally implemented -> Boeing have intentionally implemented a hidden functionality which have killed hundreds of people -> the only reason for doing this was simply a greed (their aeroplanes are faulty by design, and they tried to save the money by "fixing" hardware design problem with a hidden software functionality).
So, if the software function that killed hundreds of people was not unexpected behavior, Boeing intentionally sabotaged their own plane with the intention of making it crash? And you attribute this to greed? (These questions are rhetorical.) That would be very counter productive to their profit margin. Just look at the financial result!

In any case, I am going to have to agree to disagree with you. You are untitled to you opinion and I am untitled to mine.

CwF
Global Moderator
Global Moderator
Posts: 2639
Joined: 2018-06-20 15:16
Location: Colorado
Has thanked: 41 times
Been thanked: 192 times

Re: Wouldn't it be possible to create a virus for Linux

#20 Post by CwF »

LE_746F6D617A7A69 wrote:Boeing have intentionally implemented a hidden functionality
Actually this is ignorant, and stupid.
The system as designed had multiple redundant inputs. The system as sold did not. No 'software engineer' intention (ie. conscious motive) made it past the sign off. The customers pressured the sales people for a simpler cheaper option, management signed off. There is no intention of failure anywhere.

To the OP point, when linux has a majority share of targets the virus's will be released that evening.

Post Reply