• @bleistift2@sopuli.xyz
    link
    fedilink
    English
    012 days ago

    A few years ago I found a text (probably as image) where somebody ‘tried’ to run a virus on linux. It went something like this:

    Wanted to install a virus on Ubuntu, but it was only available as an aur package. Tried converting. Didn’t work … Tried make virus, but didn’t work. Upgraded cmake, tried again, but some libraries were missing.

    Tried installing libraries, but they were very outdated and I couldn’t find proper versions.

    Checked the source to see what the libs were doing and replaced them.

    and so on.

    Does someone know what I’m talking about and possibly has the source?

      • @voodooattack@lemmy.world
        link
        fedilink
        012 days ago

        Nope. With a stock wine prefix it can access anything you have the permission to access. Your FS root is mapped to the Z:\ drive by default.

        • knightly the Sneptaur
          link
          fedilink
          012 days ago

          I suppose if there was a wine config that had an appropriate dosdevice setup for the boot sector then it’d be able to write to it, but wine doesn’t need to boot so I don’t think that would do anything.

        • @azha@lemm.eeOP
          link
          fedilink
          English
          012 days ago

          They simply can’t because its designed to do that on windows not on Linux because they are different. Plus use ClamAV and you should be good. (I am not an expert in this)

  • Mensh123
    link
    fedilink
    0
    edit-2
    11 days ago

    Please stop oretending Linux was imune to viruses. A virus can do many things, perhaps even more on Linux than it could on Windows.

    Not running an AV only borks because viruses nowerdays are much less common, especially if you follow some best practices (Adblock, no piracy sites, recognize sketchy stuff).

  • kaerypheur
    link
    fedilink
    011 days ago

    Honestly, I use Linux and I need VirusTotal scans for side-loading .deb packages. It’s because I’m not a coding expert, auditing every code of the packages before installing it. So, I think it’s myth that Linux do not need antivirus or anti-malware. We have other different approaches too such as using anti-malware DNS servers.

    • Does this work? I would think scanning a *.package would only assess that content. Wouldn’t something malicious likely be in the code or dependency it could call via some form of get request? That .deb package itself could be completely “safe” until it calls a git clone <URL> to then run something malicious.

      I think this would be more likely to work for appimage or flatpak, though the same approach could compromise the validity of the scan. Am I thinking too hard, or did I just miss the point?

  • Fushuan [he/him]
    link
    fedilink
    012 days ago

    A single .sh file with exec permission that asks for sudo will easily download appimage keyloggers and then set a cron job to run it every X time to keep it alive and sends it all to whatever remote location. Or whatever else you let the appimage do.

    95% of regular users will double click that, and then write their pass in the popup without blinking twice and that will work in most Linux systems.

    Most viruses don’t target Linux, sure, but that’s wishful thinking. Always be creful with what you run.

  • @Screen_Shatter@lemmy.world
    link
    fedilink
    012 days ago

    I just switched to linux and totally forgot about this. Do I really not need one? 99% of what I do is steam gaming anyway so I’m not too worried, worst case I just format and reinstall, but still…

    • @Forester@pawb.social
      link
      fedilink
      English
      012 days ago

      Most malware is not Linux compatible. However the stuff that is will fuck you over very hard. Get clamav set a cron

    • @kernelle@0d.gs
      link
      fedilink
      012 days ago

      ‘The best anti-virus is common sense [current year]’ - was a meme more than decade ago and is still true. Linux is not safer than any other OS.

      The reason why people think otherwise is because statistically, when bad actors release malware it’s made for the OS with the largest market share. Which for computers, is still Windows by a landslide.

      • @UnderpantsWeevil@lemmy.world
        link
        fedilink
        English
        0
        edit-2
        12 days ago

        Linux is not safer than any other OS.

        Apache web servers were, are, and will continue to be common thanks to their cheapness and ease of configuration. And malware (particularly and most recently coinminers) have been a plague on Apache for at least the last few years.

        “Nobody’s come after my bespoke Linux kernel” is just preaching security-through-obscurity. Which - hey - if you’re running a Mint box to host videos on Jellyfin, sure. The absolute worst case scenario is being forced to re-download 1000 hours of tv/movies/music you forgot you even had. But if you’re doing any kind of business application or - god forbid - enterprise level application development, you might as well post a “Kick Me” sign on your admin’s back as tell your team that Linux is virus-proof.

    • @azha@lemm.eeOP
      link
      fedilink
      English
      012 days ago

      better be safe than sorry so get Clamav and scan your system frequently

  • Dizzy Devil Ducky
    link
    fedilink
    English
    012 days ago

    As someone who may obtain games and shows/movies through less than rights holder approved methods, ClamAV is a necessity.

    • @Maiq@lemy.lol
      cake
      link
      fedilink
      012 days ago

      Not just for the pirate though. If you share any files between nix and win OS’s. I wouldn’t want to share any computer std with those I care for, friend, family or business.

      There are also cool tools like chkrootkit and rkhunter that might come in handy.

  • Omega
    link
    fedilink
    011 days ago

    Linux users are always one bad app from being completely scammed

    • Omega
      link
      fedilink
      011 days ago

      Wayland and Flatpak actually somewhat protects you though, as long as you know to NOT give it the permissions to read all of /home

  • @eldain@feddit.nl
    link
    fedilink
    0
    edit-2
    12 days ago

    Everyone should think about threats to their data. Cloud backup and laptops better be encrypted, services with open ports be shielded. Linux viruses do exist, especially for android and routers. But also whatever system has an outdated dokuwiki open in the wild is a welcome addition to a botnet. The value of a botnet is in number of infected systems and you don’t need root access to mine monero or take part in a ddos on a machine. Linux security is sincerely undervalued. Selinux, the grsec kernel patches, chrootjail, tripwire… do exist, but are a hassle to setup and maintain. The new container options are nice (docker or flatpack) having your webbrowser contained is not a bad idea.

    Update your router, your desktop is spoiled for updates. I stop my 1 am ramblings here.