Linux Malware: Are We There Yet?

Many Linux users believe their system is safer than it truly is.



Posted October 25, 2011

Matt Hartley

(Page 1 of 2)

For years, one of the biggest benefits of escaping Microsoft Windows was that running a security suite with a Linux distribution was completely unnecessary. There simply wasn't a need for it.

Now this isn't to say that one OS is more secure than another (that's a debate for another article entirely). However, I've found that in general, the most dangerous thing you will run into on the Linux desktop is a lousy upgrade experience.

In this article, I'll take a look at why so many users believe Linux is completely safe and how this belief is false. The fact of the matter is, no operating system is truly malware-proof. In truth, the threat level experienced tends to vary from platform to platform.

Windows malware vs Linux malware

One of the biggest misconceptions coming from newer Linux users is that by getting away from Microsoft Windows, they're now free to run their PCs without a care in the world. While it's true that the Linux desktop isn't nearly as big of a target as the Windows desktop, it's foolish to think that security isn't a concern at all.

As a matter of fact, there are ample malware issues that Linux users need to be aware of. The difference is that unlike Windows, most issues come from rootkits and phishing attempts.

Another growing trend taking place on the OS X landscape is malware being bundled with what appears to be legitimate software. Even worse is the realization that OS X's own built-in defenses are easily defeated instead of protecting the end user.

Considering that OS X is closer in nature to Linux than Windows, OS X should serve as a warning that pretending security threats don't exist will cost you in dealing with these issues later. Perhaps this is why OS X is pushing their new application store so hard? After all, this desktop app store is considered a trusted source for software.

Untrusted package sources

If there is one glaring area where desktop Linux security is lacking, it's how easily most users will happily install random software from unknown sources. Despite modern distributions offering some protective measures to save critical parts of the operating system, a sophisticated attack could create problems if left unchecked.

Clearly, sticking to trusted software sources only, or simply compiling your own, would offer the safest results. And even at that, relying on what is believed to be a trusted brand name simply isn't enough anymore.

On the other hand, most malware targeting the Linux platform is going after the server space – not the desktop space.

The reason for this is two-fold: First, Linux server adoption is massive in comparison to desktop Linux adoption. Second, malware creators are getting plenty of "bang for their buck" by simply targeting Windows and OS X users on the desktop.

Much like it is with offering anything cross-platform, malware developers seem content to pretend like Linux on the desktop simply isn't worth it.

Bots, rootkits and unknown commands

I'd suggest that the single most dangerous thing a Linux user could do to their system is forget to keep frequent backups of their home folder. Other than this, unknown commands being ignorantly executed would be my next big warning for newer users.

For the rest of us, many believe that so long as our PCs are secured with strong passwords, secured with closed ports and rely on public keys for SSH access, there's really nothing to worry about. After all, bots and rootkits are something you only hear about when dealing with web servers, not home desktop machines.

But this certainly doesn't mean a new and undiscovered security threat isn't coming up on the horizon anytime soon. All it takes is the right motivation and enough careless individuals to execute the malware on their machines.

Think it's impossible? The same belief was once held with malware on smartphones.

Malware and smartphones

Long before Android was available to the masses, I wrote a piece about how I believed that we'd begin seeing malware attacking smartphones any day now. As expected, I was ripped apart in the "court of public opinion" because the idea of mobile malware was considered preposterous at the time.

Now it would seem I have the last laugh as malware is very much a part of today's mobile software world.


Tags: Linux, Security Software, malware
