Thursday, January 3, 2013

Trojan Horse for Linux?

I came across this post on the avast! forum recently. Trojan Horse for Linux, it declares. OK, it's Symantec that called it a Trojan Horse, but wrong: it's a malicious Apache Module.

Yes, Linux malware does exist. Who should be worried? In this case, administrators of Linux servers, as the attack vector of this malware is unknown, and it seems to have been placed on servers with good security.

This is not a Trojan Horse that desktop users of Linux are going to have to worry about downloading from the internet.

I recently wrote that Desktop Linux needs anti-virus like a fish needs a bicycle. I'm glad I put that "Desktop" in there. Virus programs like Symantec and ESET do detect this malware. This VirusTotal result I found suggested that the detection rate among anti-virus programs is pretty good. An anti-virus scan of a server may pick up a hack like this.

But I'm writing for users of Desktop Linux. The existence of a targeted hack against Linux servers or the existence of Linux malware on servers is not reason for desktop Linux users to worry.

When it is time to worry, you'll read it here.

No comments:

Post a Comment