UNIX / Linux Viruses

Courtesy of the alt.comp.virus newsgroup participants.
(These "anti-malware" pages are the result of a continuing cooperative effort.)

Translated versions available: Français, Deutsch and in het Nederlands


UNIX / Linux Viruses - straight from the hip...
  by Clay, Frederic and Andrew

Problem:
   The myth that Linux is immune to viruses still persists.

Solution:
   "We" refute this myth.

The "debate" continues to rage on about UNIX and Linux viruses. Much of what you may have read is simply uninformed and inaccurate. More and more "virus experts" are crawling out of the woodwork, and many seem to have little "real world" knowledge of UNIX. This is probably because most viruses and anti-virus software are written for Windows-based systems. However, that is no excuse for disseminating misinformation, so we'll just focus on the known facts here.

The computer virus problem is much less prevalent on the Unix platform, but that does not at all mean it is nonexistent. Unix viruses (though very few) do exist. Additionally, some of the oldest worms are UNIX-based! If you consider your data important, you need to accept these facts.
(Name one Linux virus? Okay... Bliss.)

That said, there are certainly (and not surprisingly) very few viruses in the wild that are viable under Unix. This is partly because of access restrictions in the environment. For example, if a user runs a file that is infected with a virus, the virus can only do what this user has privileges to do (under normal conditions, not much), so at the very least it cannot spread to other systems. But if a superuser (or anyone with full permissions) runs a virus, it could possibly infect the whole system and travel to other systems... etc.
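The access-restriction argument above can be checked on a real system. The following audit sketch is an added example, not part of the original page: it lists which executables a given account could modify, for an ordinary uid versus uid 0. The function names are hypothetical, the sample directory is constructed, and only classic mode bits are modelled (ACLs, capabilities, the sticky bit and read-only mounts are ignored).

```python
import os
import stat
import tempfile

def can_write(mode, owner, group, uid, gids):
    """Classic Unix write check using mode bits only."""
    if uid == 0:                       # the superuser bypasses mode bits
        return True
    if uid == owner:
        return bool(mode & stat.S_IWUSR)
    if group in gids:
        return bool(mode & stat.S_IWGRP)
    return bool(mode & stat.S_IWOTH)

def modifiable_executables(dirs, uid, gids):
    """Executables in dirs that the account could overwrite in place or replace."""
    exposed = []
    for d in dirs:
        try:
            dst = os.stat(d)
            names = sorted(os.listdir(d))
        except OSError:
            continue                   # unreadable or missing directory
        dir_writable = can_write(dst.st_mode, dst.st_uid, dst.st_gid, uid, gids)
        for name in names:
            path = os.path.join(d, name)
            try:
                st = os.stat(path)
            except OSError:
                continue
            if not stat.S_ISREG(st.st_mode) or not st.st_mode & 0o111:
                continue               # only regular files with an execute bit
            if dir_writable or can_write(st.st_mode, st.st_uid, st.st_gid, uid, gids):
                exposed.append(path)
    return exposed

def demo():
    """Constructed sample: one locked-down and one world-writable program."""
    with tempfile.TemporaryDirectory() as d:
        for name, mode in (("safe", 0o755), ("loose", 0o777)):
            path = os.path.join(d, name)
            open(path, "w").close()
            os.chmod(path, mode)
        os.chmod(d, 0o755)
        other = os.stat(d).st_uid + 1  # assumed uid: not the owner, never 0
        as_other = [os.path.basename(p) for p in modifiable_executables([d], other, set())]
        as_root = [os.path.basename(p) for p in modifiable_executables([d], 0, set())]
        return as_other, as_root

if __name__ == "__main__":
    print(demo())
```

To audit a live system, pass `os.environ["PATH"].split(os.pathsep)` with `os.getuid()` and `set(os.getgroups())`; any path reported for an unprivileged account is a permissions problem worth fixing.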

Also, one must remember that viruses are much less prevalent under UNIX operating systems simply because those operating systems are not as widely used for home systems as DOS/Windows operating systems. If more people used UNIX operating systems at home, obviously more viruses would target them. The rise in popularity of the GNU/Linux operating system has certainly shown this to be true.

Beware: as Unix-type systems such as GNU/Linux become more popular and more friendly to home users, more and more inexperienced users will probably operate their systems as a user with full system access, giving malware an easy way to disrupt the system.


"Historical" quote from Vecna ("author" of the Hybris worm) | 1999-11-11 20:49:24 CET:

Linux viruses do exist... I already saw a per-process Linux virus infecting the ELF's PLT section, and ptrace() can be perverted very easily ;)

   Vecna/29A

For more detailed information, peruse the links referenced below.

References:

Computer Viruses In Unix Networks
The Plausibility of UNIX Virus Attacks



© Claymania Creations 2001 - 2010. All applicable rights reserved.

Updated: May 20, 2001