Saturday, July 18, 2009

Viruses In Linux

Many Linux users, and non-Linux users, believe Linux is a virus-free OS.
Others believe that even if a virus hits a Linux machine, the impact would be small, as it runs without root privileges.

So the shocking news is: both are wrong. Linux distros have bugs and vulnerabilities which can be exploited for malicious activities. These can include remote-control trojans, rootkits, data theft, and so on. Those viruses gain root access without the user's acknowledgment.

Recently I found at work a server hosting tons of Linux viruses, with the source code, which exploit recent kernels used in modern distros. Here are a few examples.

I don't want to raise any panic. Linux is still way safer than Windows. So is OS X. This is mostly due to the fact that those OSes are far less popular on the desktop. Also, updates are released faster and, thanks to package management, installed regardless of which piece of software is vulnerable.


  1. Shocking indeed! The World has been alerted to the fact that Linux, like any other operating system, can get a virus. However, when Windows gets a virus that nearly brings the Internet to its knees, it's business as usual.

    The implication of your little blurb here and others like it, is that because Linux can get a virus its lack of security is equal to that of Windows. That is the kind of logic that keeps many people locked in to Microsoft.

    There's no need for me to repeat what has already been clearly explained about Linux vs Windows security. Here are a couple of links to help educate:

  2. kozmcrae - thanks for the comment.
    Clearly you don't read my blog, and are not aware of the fact that I'm a Linux fan (actively; I contributed code) and that my words are written cynically.

    Yet, as a security researcher, I hear too many people who truly think Linux is not vulnerable to attacks and viruses.

    If someone would keep using Windows even though it is less secure (as I mentioned in the post), it's his problem. Our mission is to create a better OS, and not to convert users. This is not a crusade.

  3. I think this is why many mainstream antivirus companies are now offering Linux and Unix protection. Because, despite what people think and want to continue assuming, no OS is completely safe and they all could use at least a modicum of protection.