A real Linux virus on the prowl: newsbytes

Navigation

User login

GWT in Practice at Manning
GWT in Practice at Amazon
GWT Resources

Unlocking Android at Manning
Unlocking Android at Amazon
Android Resources

Quote

George Bernard Shaw

When a stupid man is doing something he is ashamed of, he always declares that it is his duty.

A real Linux virus on the prowl: newsbytes

Mon, 01/07/2002 - 09:58 — charlie.collins

There is an actual virus out there for Linux. Yep, its not an email worm, its not an exploit in some existing code that allows access, its a piece of code that infects binaries and then replicates itself and allows remote control of the infected host. In fact there are a few real Linux viruses around but they dont get much press (this "new" one is a variant of an older one.)

The new virus is known as RST.b (Remote Shell Trojan) and it attaches itself to ELF binaries. Once there is enables a back door and sends out information about the infected host. There are apparently a few flavors of the virus around and some have been spotted "in the wild."

There is not great concern about the virus spreading because Linux machines wont infect themselves (unlike many Windows machines.) For a machine to become infected an infected file must be run on the machine as root. Hopefully this doesnt happen very often.

Be advised that Linux virii do exist and just use common sense. Check the sig on anything you download before you install it and dont run anything unknown as root.

For more info see the linked newsbytes story. New Linux Backdoor Virus Gains Smarts: newsbytes