Linux Malware vs Phishing Schemes

Are Linux users more threatened by malware or phishing schemes? The difference isn’t even close.
Posted December 15, 2014

Matt Hartley

(Page 1 of 2)

For years now, we’ve been told that various types of malware, such as worms and other threats, were going to catch the growing Linux user base off guard. As of 2014, nothing remotely close to this has happened. Malware exists, but for desktop Linux users, it’s a non-issue.

Despite this fact, there continue to be rumors that malware "could" affect desktop Linux users. It seems the mere "threat" carries more weight than the reality that no one is actually seeing malware threats on their Linux desktop.

In this article, I’ll examine current threats to the Linux desktop and explain why I believe phishing is far more dangerous to most Linux users than malware.

Linux exploits are primarily targeting servers

One of the first things I’d like to point out is that when it comes to the exploits targeting Linux, it’s the server – not the desktop – that is at the greatest risk. Servers are front-facing appliances exposed to the web. This means patches/updates must be applied on a regular basis to minimize the risk of the server being exploited.

While it’s true that the desktop is also facing the web, it’s not the same sort of destination as a web server. Linux desktops are far more likely to be exploited through an open port and poor firewall settings than through an actual "in the wild" exploit. Obviously, there may be exceptions to this in the future. But for the time being, the most dangerous exploit I’ve found with the Linux desktop is human error and complacency, not malware.

As it turns out, the real threat is more human than machine. And the name of that threat is phishing.

Phishing schemes are cross platform

I don’t care how savvy you happen to be; most of us have had close calls with phishing schemes. Some of the easiest to fall into are those shared via social media. A trusted friend shares a link on Facebook. You don’t think much of it when you’re asked to log back in, and then it hits you -- that wasn’t really Facebook that asked you to log in.

Even advanced users on the Linux desktop can fall prey. Perhaps you’re multitasking while working on your laptop, maybe a family member asks you a question, or you’re watching TV. The above situation can happen very easily, and while you will catch on, it might already be too late. Another example might be Amazon asking you to re-affirm your payment info. Then it hits you that the link you rolled your mouse over in that email isn’t really Amazon at all.

As you can see from my above example, phishing schemes aren’t something that only affects those falling for faked banking emails or spoofed PayPal alerts. Sometimes it’s stuff that’s mundane enough to seem legit. Worse yet, these things can happen when you’re not paying close attention.

The media effect

Where things can go from bad to worse is when the media gets ahold of something legitimate that has happened in the technology world. Cross-platform, state-sponsored spying becomes "Linux malware threat." When we read stuff like this, it’s important to take a step back and examine the facts. More often than not, stuff being reported in this space is a non-issue or is simply taken completely out of context.

Making matters worse is when the tech media perpetuates this kind of nonsense. This is the segment of the media we like to believe knows better than to perpetuate Linux FUD. Sadly though, this isn’t always the case.

Personally, I believe the tech media has been chomping at the bit to see desktop Linux experience one really big malware outbreak. This would serve two purposes: One, it provides really juicy news stories for tech writers. And two, it does wonders for writers who have claimed that Linux is just as insecure as other operating systems.

If it executes code…

Old code, new code: if it can be executed, the device running said code is potentially at its mercy. So while there have been great strides in OS security, app containers, and other safety layers that help us feel safe, anything that executes code "could" be a risk. The key thing to remember, however, is that just because something is possible doesn’t mean it’s going to happen. It’s possible I might win the lottery and buy a small island. Yet, when we look at the odds, the numbers simply don’t add up.


Tags: Security Software, Linux desktop, phishing, malware analysis
