Virus

Chat about Linux in general

Re: Virus

Post by MurphCID »

New malware discovered for Linux: https://www.youtube.com/watch?v=7uzKSMchR_c

Re: Virus

Post by rick gen »

I clicked the link and stopped wondering what it is when I saw the tab "Pricing."

Re: Virus

Post by Michael_Hathaway »

I came across the REvil ransomware video, running as a native Linux executable file, manually launched from the terminal. I found the video interesting. But I do not find anything scary or dramatic here.

I think that readers on this forum should take a serious look into Moderator Karlchen's advice he gives in these threads (the moderators in this forum are very knowledgeable, all of them). Most of these videos either leave out the details of how these machines get infected or flat out say that they do not know. I have a theory on that: I think people are button pushers. I have seen experienced programmers cut and paste code into the terminal and "test" new toys on their daily drivers without thinking. I personally test things, but I do it in VMware.

- MH
karlchen wrote: Sun Oct 03, 2021 1:47 pm Two things have not been mentioned in the video, though:
- Most important, how the heck did the executable revil.elf arrive on the machine?
- Who will make it executable and then execute it?
Enterprise Dual Xeon 8081 (112) @3.8Ghz, 16TB NVMe Raid, 387Gb ECC, AMD Pro W7700 16Gb
Debian Support. Deb 12/13 Trixie 6.7.9

Re: Virus

Post by MurphCID »

It appears that many, if not most, ransomware, malware, etc. require the user to actively install or run something. Am I correct in this assumption? So therefore if you practice safe computing (vs safe sex) you will be pretty well protected?

Re: Virus

Post by rene »

Yes.

Re: Virus

Post by Grayfox »

MurphCID wrote: Mon Oct 18, 2021 6:54 am It appears that many, if not most, ransomware, malware, etc. require the user to actively install or run something. Am I correct in this assumption? So therefore if you practice safe computing (vs safe sex) you will be pretty well protected?
This is pretty much standard for most malware.
You have to install something like a program cracker/activator, or you have to run a file such as a downloaded MP3 that has malware embedded (e.g. those song.mp3.exe), and since most Windows users have Hide file extensions set to enable, which is the default (a stupid move), people fall for it.

Some others are drive by infections from things like Flash, JS on a web browser.
PC: Intel i5 6600K @4.5Ghz, 1TB NVMe SSD, 32GiB 3000Mhz DDR4, GTX1080 running Mint 21.3
Laptop: Asus UM425UAZ running LMDE 6
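
The two preconditions raised in this thread (a file has to arrive on the machine, and something has to make it runnable) can be checked on a download directory. The script below is an added example, not part of any forum post; the function names and the extension lists are assumptions chosen for illustration.

```sh
#!/bin/sh
# Added example: list files in a download directory that match the
# preconditions discussed in the thread. Function names are hypothetical.

# Succeeds if NAME looks like "song.mp3.exe": a media/document extension
# followed by a program or script extension (both lists are illustrative).
is_double_ext() {
    de_name=$(printf '%s' "$1" | tr '[:upper:]' '[:lower:]')
    case "$de_name" in
        *.mp3.*|*.mp4.*|*.jpg.*|*.png.*|*.pdf.*|*.doc.*|*.docx.*|*.txt.*) ;;
        *) return 1 ;;
    esac
    case "$de_name" in
        *.exe|*.scr|*.bat|*.cmd|*.com|*.vbs|*.js|*.sh|*.elf|*.run) return 0 ;;
    esac
    return 1
}

# Succeeds if FILE starts with the ELF magic bytes 7f 45 4c 46,
# whatever its name or extension says.
is_elf() {
    [ "$(head -c 4 "$1" 2>/dev/null | od -An -tx1 | tr -d ' \n')" = "7f454c46" ]
}

# Prints "reason<TAB>path" for each regular file directly inside DIR
# (not recursive) that has a deceptive name, is an ELF binary, or has
# the execute bit set.
triage_dir() {
    for td_f in "$1"/* "$1"/.[!.]*; do
        [ -f "$td_f" ] || continue
        if is_double_ext "${td_f##*/}"; then printf 'double-ext\t%s\n' "$td_f"; fi
        if is_elf "$td_f"; then printf 'elf\t%s\n' "$td_f"; fi
        if [ -x "$td_f" ]; then printf 'exec-bit\t%s\n' "$td_f"; fi
    done | sort
}

# Stand-alone use: sh triage.sh ~/Downloads
if [ "$#" -gt 0 ]; then triage_dir "$1"; fi
```

A freshly downloaded file normally has no execute bit, so an `exec-bit` finding means something or someone ran `chmod +x` on it after it arrived.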

Re: Virus

Post by SMG »

Moderator note: Post removed for violation of forum rules on name-calling.

Re: Virus

Post by Marie SWE »

Smiling.... just smiling, :D
And here we go again. :lol:

1 Linux cannot get infected even if you try to........ common Linux knowledge. :roll:
2 they don't make malware or viruses for Linux, because rule 1
and I believe in Santa Claus and I have already sent my wish list to the North Pole for this year
if you want my attention...quote me so I get a notification
Nothing is impossible, the impossible just takes a little longer to solve..
It is like it is.. because you do as you do.. if you hadn't done it as you did.. it wouldn't have become as it is. ;)

Re: Virus

Post by antikythera »

Technically there are some, but mainly they are targeted attacks aimed at corporate Linux servers and/or need physical access to the PC to infect it. However, the chances of a home user's Linux desktop falling victim to malware are zero to slim as long as you exercise common sense about what sites you visit, what you download and install.

https://blogs.blackberry.com/en/2022/06 ... nux-threat
I’ll tell you a DNS joke but be advised, it could take up to 24 hours for everyone to get it.

Re: Virus

Post by Portreve »

Right now, the biggest threat actors (which also would tie into the original post's linked article about targeting telecom, banking, and in general what would be classed as "infrastructure") are, of course, the Russian Federation, North Korea, and China. They were doing this before, of course, but it's probably gotten worse since NATO's reaction to Russia's military invasion and conquest of Ukraine.

There are absolutely times where black ops are a valid option, and all this cyber warfare going on with state actors likely is such an example.

Vis a vis virus/malware threats to Linux, as has been said up-thread and plenty of times before, Linux has always been a harder target than Windows, though not impossible, and in general it's a much smaller target because of the demographics out there for desktop OS use.

On a completely, totally, absolutely unrelated note to this thread whatsoever, Paul is still one of my most favorite movies ever. Just sayin'.
Flying this flag in support of freedom 🇺🇦

Recommended keyboard layout: English (intl., with AltGR dead keys)

Podcasts: Linux Unplugged, Destination Linux

Also check out Thor Hartmannsson's Linux Tips YouTube Channel

Re: Virus

Post by Marie SWE »

Portreve wrote: Fri Jul 01, 2022 12:03 am Right now, the biggest threat actors (which also would tie into the original post's linked article about targeting telecom, banking, and in general what would be classed as "infrastructure") are, of course, the Russian Federation, North Korea, and China. They were doing this before, of course, but it's probably gotten worse since NATO's reaction to Russia's military invasion and conquest of Ukraine.

There are absolutely times where black ops are a valid option, and all this cyber warfare going on with state actors likely is such an example.

Vis a vis virus/malware threats to Linux, as has been said up-thread and plenty of times before, Linux has always been a harder target than Windows, though not impossible, and in general it's a much smaller target because of the demographics out there for desktop OS use.

On a completely, totally, absolutely unrelated note to this thread whatsoever, Paul is still one of my most favorite movies ever. Just sayin'.
I want to add a little trick that works on some malware from them... if you add Russian/Chinese keyboard layout as switchable languages, some malware will leave you alone as it is designed to attack the West and leave their own people alone.

Re: Virus

Post by antikythera »

Marie SWE wrote: Fri Jul 01, 2022 8:38 pm I want to add a little trick that works on some malware from them... if you add Russian/Chinese keyboard layout as switchable languages, some malware will leave you alone as it is designed to attack the West and leave their own people alone.
Don't forget to hang garlic around the monitor to ward off vampires too. Malware doesn't care about keyboard layouts and system language options that end users set.

Re: Virus

Post by Marie SWE »

antikythera wrote: Fri Jul 01, 2022 8:44 pm
Marie SWE wrote: Fri Jul 01, 2022 8:38 pm I want to add a little trick that works on some malware from them... if you add Russian/Chinese keyboard layout as switchable languages, some malware will leave you alone as it is designed to attack the West and leave their own people alone.
Don't forget to hang garlic around the monitor to ward off vampires too. Malware doesn't care about keyboard layouts and system language options that end users set.
Garlic around the monitor also works on the COVID malware. :mrgreen:
Jokes aside.. there are a few Windows malware that were designed to not infect Russian computers... I don't remember the name of them now, but I can look them up if you want me to.
Edit: From NBCnews https://www.nbcnews.com/politics/nation ... s-n1273222

Re: Virus

Post by antikythera »

I'll have some of what Krebs is smoking :lol:

Such state-sponsored malware is designed to target systems with specific IP addresses and roles; adding Russian or Chinese keyboard layouts wouldn't prevent malware executing.

Re: Virus

Post by Marie SWE »

antikythera wrote: Fri Jul 01, 2022 9:23 pm I'll have some of what Krebs is smoking :lol:

Such state-sponsored malware is designed to target systems with specific IP addresses and roles; adding Russian or Chinese keyboard layouts wouldn't prevent malware executing.
Perhaps he is smoking Colombian malware extra pure. :mrgreen:
I have not worked with Windows malware for quite a while now.. so I'm not in the loop any longer.. but I know there are a lot of weird targeting solutions on some things. A home user never sees those ones.
The last malware I was working on was WannaCry back then; it has been a few years now.