Linux

55584 readers

988 users here now

From Wikipedia, the free encyclopedia

Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).

Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.

Rules

Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.
No misinformation
No NSFW content
No hate speech, bigotry, etc

Related Communities

Community icon by Alpár-Etele Méder, licensed under CC BY 3.0

founded 6 years ago

MODERATORS

AgreeableLandscape@lemmy.ml

nooter692@lemmy.ml

MarcellusDrum@lemmy.ml

cypherpunks@lemmy.ml

cyclohexane@lemmy.ml

d3Xt3r@lemmy.nz

Are there any examples of Linux (desktop) viruses that are actively or were recently in circulation? (lemmy.ml)

submitted 1 day ago by monovergent@lemmy.ml to c/linux@lemmy.ml

11 comments fedilink hide all child comments

Or historical exploits/trojans/etc. that deserve more attention? I've mostly heard about lucrative vulnerabilities that concern Linux servers, but what about the end-users on desktops? Or is the Linux desktop market small enough that we mostly just see one-off instances of users blindly running malicious scripts?

you are viewing a single comment's thread
view the rest of the comments

[–] just_another_person@lemmy.world 52 points 1 day ago* (last edited 1 day ago) (1 children)

Not in the way you're probably thinking, which I assume is like in a Windows-y kind of way.

Finding an exploitable escalation of privileges in Linux is rare, but unpatched machines get hacked all the time, but the world of worms, and such is kind of gone.

The way most end-user machines get compromised these days is by supply chain attacks, undiscovered zero-day exploits, user error, and social engineering. Groups that discover zero-days usually keep it close the vest, and they don't get found for long periods of time after they've been out in the wild.

The way most corporate machines get attacked is social engineering, supply chain, and zero-days. Mostly crypto mining schemes and enterprise-level ransoms for data.

All the Windows botnets you hear about out there are largely unpatched machines exposed to the internet in various stupid ways that groups prey on to take control of.

Edit: Forgot about leaked secrets. Lots of companies get hit from plaintext secrets that get out in the wild via various stupid means.

[–] slackness@lemmy.ml 2 points 22 hours ago

Malware targeting individuals rather than servers do not need privilege escalation. They just need to run as the user and swipe cookies/credentials/wallets etc. Privilege escalation would allow them to do catastrophic damage but that's not the point in that case.