A brief history of Linux malware

Worms, viruses and Trojan horses that plagued Linux in those years

Although malware targeting Linux is not as common as malware targeting Windows or even OS X, the security threats facing Linux have grown more serious in recent years. One reason is that the explosive popularity of mobile phones has made Linux-based Android one of the most attractive targets for malicious hackers; another is that the number of machines running Linux as data center servers has been steadily increasing. But as early as 2000, Linux malware appeared around us in some form. Let us review it together.

Staog (1996)

The first recognized Linux malware is Staog, a basic virus that attempts to attach itself to a running executable file and gain root access. The virus was quickly cleaned up and did not spread widely, but it showed the world that Linux is also at risk of infection.

Bliss (1997)

Although Staog was the first Linux virus, Bliss was the first virus that really caught people's attention. Its infection method was also mild: it simply tried to obtain permissions by hijacking executable files, and a simple shell command option could deactivate it. According to the Ubuntu online documentation, the virus even keeps a concise log.

Ramen and Cheese (2001)

Some Linux worms may even be welcome, such as Cheese. It is actually a beneficial worm that patches the vulnerability the earlier Ramen worm used to infect computers. The Ramen worm replaced the homepage of the web server with a picture whose text read "hackers love-eat noodles", hence the name.

Slapper (2002)

The Slapper worm that swept through in 2002 infected servers through SSL vulnerabilities in Apache, a full 12 years earlier than Heartbleed.

Bad Bunny (2007)

Badbunny is an OpenOffice macro virus carrying complex scripts that can run on multiple platforms, although the only effect of the infection was to download a picture of a wretched man in a bunny suit.

Snakso (2012)

Snakso is a stealthy Trojan aimed at a specific version of the Linux kernel. It tampers with TCP packets and injects an inline frame (iframe) into the traffic generated by the infected machine to push automatic downloads.

Hand of Thief (2013)

Hand of Thief is a commercial Linux Trojan generator sold on Russian hacker forums, which caused quite a stir when it broke last year. However, RSA researchers soon discovered that it was not as dangerous as originally thought.

Windigo (2014)

Windigo is a complex, large-scale cybercrime operation carried out through thousands of Linux servers. Windigo caused the servers to generate spam, relay malware and redirect links. According to ESET Security, the threat of Windigo still exists, and system administrators must not let their guard down.

Shellshock Vulnerability and Botnet (2014)

Attacks on the terminal strike at the core of Linux, which is why the recent Mayhem botnet attacks against the so-called Shellshock vulnerability in Linux's Bash command-line interpreter have drawn so much attention. Yandex researchers said that more than 1,400 servers have been infected since July.

Epic Turla Spyware (2014)

Researchers discovered a large-scale cyber espionage campaign from Russia earlier this week. The Epic Turla spyware used was a full-scale backdoor access program called cd00r that appeared as early as 2000.


Reference : https://blog.csdn.net/a0100034930/article/details/42569099