Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

"Malware on Linux - When Penguins Attack"


  • Please log in to reply
7 replies to this topic

#1 DeimosChaos

DeimosChaos

  • BC Advisor
  • 1,422 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:United States, Delaware
  • Local time:09:48 AM

Posted 03 August 2015 - 11:09 AM

Here is a pretty good podcast on Linux servers hosting malware. Scroll down to get to the podcast.


OS - Ubuntu 14.04/16.04 & Windows 10
Custom Desktop PC / Lenovo Y580 / Sager NP8258 / Dell XPS 13 (9350)
_____________________________________________________
Bachelor of Science in Computing Security from Drexel University
Security +


BC AdBot (Login to Remove)

 


#2 SuperSapien64

SuperSapien64

  • Members
  • 1,020 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:48 AM

Posted 03 August 2015 - 10:23 PM

This is exactly why I sandbox on both Windows (SBIE) and Linux (Firejail). Nothings worse then a false sense of security and far to often the Linux community suffers from this. Speaking of sandboxing I wonder when the Linux version of Firefox is going to have a native sandbox?



#3 gigawert

gigawert

  • Members
  • 1,304 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:07:48 AM

Posted 04 August 2015 - 05:50 PM

There's Linux malware? I thought security in Linux was so tight it was nearly impossible to develop them.


John 3:16

 "God loved the world so much that He gave His uniquely-sired Son, with the result that anyone who believes in Him would never perish but have eternal life."


#4 MadmanRB

MadmanRB

    Spoon!!!!


  • Members
  • 3,281 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:No time for that when there is evil afoot!
  • Local time:09:48 AM

Posted 04 August 2015 - 06:01 PM

There's Linux malware? I thought security in Linux was so tight it was nearly impossible to develop them.

 

Nothing is bulletproof, the internet is the great equalizer.

But more times then not linux is more secure then windows where desktops are concerned 


You know you want me baby!

Proud Linux user and dual booter.

Proud Vivaldi user.

 

xu847p-6.png


#5 DeimosChaos

DeimosChaos
  • Topic Starter

  • BC Advisor
  • 1,422 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:United States, Delaware
  • Local time:09:48 AM

Posted 04 August 2015 - 06:19 PM

There's Linux malware? I thought security in Linux was so tight it was nearly impossible to develop them.

If you listen to the podcast, it was more or less not malware on Linux, but Linux systems hosting malware and spreading them to Windows machines. Most of the web is built and run off of Linux, so that isn't to big a surprise. Typically the vulnerability in Linux comes with what applications you have and flaws that people find in them, not necessarily the OS itself. Unlike Windows... which always has some kind of security flaw in its core OS.


OS - Ubuntu 14.04/16.04 & Windows 10
Custom Desktop PC / Lenovo Y580 / Sager NP8258 / Dell XPS 13 (9350)
_____________________________________________________
Bachelor of Science in Computing Security from Drexel University
Security +


#6 mremski

mremski

  • Members
  • 498 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NH
  • Local time:10:48 AM

Posted 05 August 2015 - 10:17 AM

What do the majority of people do with the internet?  Browse to websites, http and https.  What are they? protocols that let the far end display information in your application.  What information?  Just about whatever they want.  PHP, SQL, flash, javascript, etc all different ways to get data and populate it.  If the far end is not simply serving up static pages, it's a possible attack vector.  You know the rotating ads that show up on some websites?  Attack vector.  Server gets compromised, you visit the page, you get infected.  

 

That's the primary interest for the malware community:  compromise servers to infect as many users as possible.

 

DeimosChaos:  Drexel?  Really?  I thought I was the only one.  


FreeBSD since 3.3, only time I touch Windows is to fix my wife's computer


#7 Al1000

Al1000

  • Global Moderator
  • 8,054 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Scotland
  • Local time:02:48 PM

Posted 05 August 2015 - 10:21 AM

That was an interesting podcast, thanks for the post. Most of what we hear about viruses in Linux seems to be regarding when penguins attack, rather than when penguins are attacked.

#8 DeimosChaos

DeimosChaos
  • Topic Starter

  • BC Advisor
  • 1,422 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:United States, Delaware
  • Local time:09:48 AM

Posted 05 August 2015 - 11:01 AM

What do the majority of people do with the internet?  Browse to websites, http and https.  What are they? protocols that let the far end display information in your application.  What information?  Just about whatever they want.  PHP, SQL, flash, javascript, etc all different ways to get data and populate it.  If the far end is not simply serving up static pages, it's a possible attack vector.  You know the rotating ads that show up on some websites?  Attack vector.  Server gets compromised, you visit the page, you get infected.  

 

That's the primary interest for the malware community:  compromise servers to infect as many users as possible.

 

DeimosChaos:  Drexel?  Really?  I thought I was the only one.  

Hello fellow Drexel Alumnus! Nope, not the only one!

 

That was an interesting podcast, thanks for the post. Most of what we hear about viruses in Linux seems to be regarding when penguins attack, rather than when penguins are attacked.

My pleasure. Glad other people are finding it interesting!


Edited by DeimosChaos, 05 August 2015 - 11:02 AM.

OS - Ubuntu 14.04/16.04 & Windows 10
Custom Desktop PC / Lenovo Y580 / Sager NP8258 / Dell XPS 13 (9350)
_____________________________________________________
Bachelor of Science in Computing Security from Drexel University
Security +





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users