[Boards: 3 / a / aco / adv / an / asp / b / biz / c / cgl / ck / cm / co / d / diy / e / fa / fit / g / gd / gif / h / hc / his / hm / hr / i / ic / int / jp / k / lgbt / lit / m / mlp / mu / n / news / o / out / p / po / pol / qa / qst / r / r9k / s / s4s / sci / soc / sp / t / tg / toy / trash / trv / tv / u / v / vg / vip /vp / vr / w / wg / wsg / wsr / x / y ] [Search | Home]
4Archive logo
Linux Users May Have Been Infected For Years
If images are not shown try to refresh the page. If you like this website, please disable any AdBlock software!

You are currently reading a thread in /g/ - Technology

Thread replies: 66
Thread images: 4
http://arstechnica.com/security/2014/12/powerful-highly-stealthy-linux-trojan-may-have-infected-victims-for-years/

"Researchers have uncovered an extremely stealthy trojan for Linux systems that attackers have been using to siphon sensitive data from governments and pharmaceutical companies around the world."

"Now researchers from Moscow-based Kaspersky Lab have detected Linux-based malware used in the same campaign."

Rekt
>>
Just you wait until APTs start becoming common on tablets smartphones and routers. No UI (in fact no admin rights) that could be used to reveal the malware. Always on LTE connection doing who knows what with no connection logs to read, or logs compromised (the router infection). As stealthy as they have gotten on full blown OS installs they pale in comparison to the possibility of the sheer pervasiveness of APTs running on other devices.

Remember, almost everything now is a computer and runs some sort of OS far more capable than the UI the device is presenting to the user.
>>
>Moscow based
stopped reading there
>>
>>45533178
Get out Linsux shill.
>>
>>45533178

Don't worry, the post ended soon after that, so you got the gist of it. But if you're interested, here's what was said after 'Moscow-based'
>-Kaspersky Lab have detected Linux-based malware used in the same campaign."
>>
>>45533178
Wow that hurt my feelings
>>
>>45533175
>copy pasting the top comment

Anyways, now what OS should I use
>>
>>45533350
keep using gentoo my f ren
>>
File: BTFO.jpg (68 KB, 1500x1500) Image search: [iqdb] [SauceNao] [Google]
BTFO.jpg
68 KB, 1500x1500
LOONIX USERS

B T F O
T
F
O

ⓁⓄⓄⓃⒾⓍ ⓊⓈⒺⓇⓈ ⒷⓁⓄⓌⓃ ⓉⒽⒺ ⒻⓊⒸⓀ ⓄⓊⓉ

ATTENTION,
YOU HAVE BEEN
BLOWN
THE
FUCK
OUT
>>
>>45533133
Aren't they talking about servers and enterprise stuff? The article doesn't say that home computers running Linux have been targeted. At least I assume it doesn't.
>>
>>45533175
2SPOOKY4ME
>>
>new viruses for Windows discovered daily
>a single virus for Linux discovered
>Rekt
If anything, this only demonstrates what security experts have said all along. The commonly held belief that Windows only gets more viruses than other systems because of its wide adaptation is wrong because it ignores the fact that almost all of the highest value targets out there run Linux. If you want grandma's social security number you write a virus for Windows. If you want state and corporate secrets, websites' user data, or to compromise a business or government in any way, you write a virus for Linux. And yet, almost none exist. The article fails to mention how this malware spreads. The term "Trojan" usually means that it tries to disguise itself as something else and you have to install it and run it yourself for it to work. So, you can install software for Linux that does bad things. Shocking.
>>
>>45533506
Nobody can say for sure

And this is only this particular piece of malware they're discussing
>>
>>45533133
>kaspersky aka botnet av
>>
>>45533448
wen is genthree cuming out
>>
>>45533588
>May Have Been Infected For Years
This doesnt happen with windows.

Stay butthurt fat virgin freetard.
>>
>>45533671
It happened with Stuxnet.
>>
How do you pronounce gentoo, /g/

Is it Jen-Two, or Gehn-Two
>>
>>45533702
jen-too, same as the penguin it's named after.
>>
>>45533133
Linux already has solutions built in.

Boot Linux from read-only media and reboot often. No trojan can stay in your system because the OS is refreshed with each reboot.

Use the "toram" cheatcode on Knoppix, for example, and the whole OS will boot to RAM and be delightfully fast.

You can make custom live boot images from an OS installed elsewhere and kept off line by using tools like remastersys. Of course Knoppix can remaster itself so there's always that.

All the above examples have been available for a long time and there are more ways to go about it than I listed.

Have some Gentoo options, then go back to your gloryhole so you won't be late for dinner!

https://wiki.gentoo.org/wiki/LiveUSB/HOWTO
>>
>>45533702
I think it's pronounced "piece of shit"
>>45533733
Shut up, crab
>>
>>45533702

Those are the same. And yes, that is how you say it.
>>
>>45533838
>those are the same

No, not at all
>>
>>45533735
You can do all that shit with Windows and OS X though. Your argument is invalid as it does not disprove the hypothesis that Linux is shit.
>>
>driving my bmw on the interstate
>get a flat tire
>pull over and begin installing spare
>windows pleb drives by
>all tires gone, rolling on bare metal making sparks
>front wind shield cracked, rear window smashed
>rear right door's window won't close all the way up, left door's completely gone
>stops rights beside me, blocking a lane
>yells "haha! enjoy your flat tire faggot!"
>drives away, huge oil stain where his car was

hope you liked my analogy for this thread
>>
>>45534083
Not sure I exactly understand it but it was a lot of words so ok
>>
>>45533968
You can do it far more easily with Linux.

Show us a fully capable Windows OS that can boot and run from read-only media. OS X being Unix-like should be able to do this, but OS X is crippled to only run on Apple platforms unless hacked.

Keep trolling, boy.
>>
>>45534083
That's right. Despite having been through hell and back his OS just keeps on trucking.
>>
>>45534083
More like your bmw is pic related, possibly self made, you kinda understand the basics of how it works, but its a piece of shit in general that never worked correctly. It did the job, half assed but it did, you had no problem as you had all the time in the world for it.

Meanwhile the wangblows was at some point a camry, possibly with the infamous pedal recall but it worked far better than yours. It just worked and hell it will keep working as good or better than yours no matter what.

Basically both are shit and youre a faggot.
>>
>>45534392
Why would you boot from read-only media when you could just load the entire OS into RAM

>>45534399
More like it's a danger to its user and everyone else on the road

>>45534455
>n-no it's not like that!

If your OS is not Linux it's either a horribly engineered piece of shit or the user base is so small that it's not worth using. Deal with it, monkey.
>>
>>45533175
hacker nigger
>>
>>45534553
> Why would you boot from read-only media when you could just load the entire OS into RAM
because loading an OS from a clean ROM prevents it from being corrupted
>>
how can i scan virus

i wont to make sure my buntu doesnt have the torjan
>>
>>45535029
sudo rm -rf /
ignore warnings if they come up because that might be the virus preventing you from cleaning it
>>
>>45535188
This
>>
>>45533735
>Linux already has solutions built in.
>Boot Linux from read-only media and reboot often. No trojan can stay in your system because the OS is refreshed with each reboot.

>implying linux users reboot their computers at all because "MAH UPTIMES".
>>
>>45535188
Thanks. It's running now.
>>
>>45533702
Jane-Toh.
>>
>>45535452
>implying all Linux users are as autistic as those people
>>
>>45535466
l'm always glad to help.
>>
So wait, I run Linux Mint 17. How do I get rid of this?
>>
>>45535514
There's only one more hour left for the scan to complete.
>>
>>45533588
>The article fails to mention how this malware spreads. The term "Trojan" usually means that it tries to disguise itself as something else and you have to install it and run it yourself for it to work.
It's essentially a normal user mode libpcap program that listens for packets and if a particular sequence of packets is detected (on any arbitrary port/service) then it starts a listening socket for remote commands.
That is the magical 'stealth' mode. (Based on this: http://www.phenoelit.org/stuff/cd00r.c)

In other words, it's fucking nothing.
>>
>>45533133
Don't red pill the Linux shills.
>>
i knew it was nothing just from the url alone
lol @ this nonsense.
>>
>>45535452
>"MAH UPTIMES"
hahahahahahahahahahaha
someone has been lurking in ricing threads
>>
>>45535580
install BSD
>>
>trojan
I suddenly don't care, because I'm not the kind of retard that would install unsigned code.
>>
does anyone know what packages are known to be infected?

why would they release info on a linux trojan but leave people in the dark as to how you actually get the fucking thing
makes no sense
>>
>>45535848

clonezilla
dont use that shit

once you have a root firmware dropper, your system is fucked
no amount of virus scans or cleaning will ever resolve this
>>
>>45535874

clonezilla seems suspicious to me because of that "tiwan labs" shit
but this is definitely not a confirmed source for this

if anyone can chime in with some real info, that would be helpful
>>
>>45535848
Because nothing is infected.
This is a case of installing a malicious program yourself on the victims computer, or tricking him into installing it.
>>
>>45533133
>For Years

Hah! Yeah right, more like weeks since linux breaks so often causing people to reinstall the whole thing.
>>
>>45533133
>Giving ArsSucknica traffic
>>
>>45533699
>Stuxnet
A military tool took a long time to discover, shocker.
>>
File: fumang3.jpg (15 KB, 300x278) Image search: [iqdb] [SauceNao] [Google]
fumang3.jpg
15 KB, 300x278
"Linux doesn't have things like virii and trojanz"

~All Linsux Lusers All Times

I got so sick of hearing your sperg linux crap, just because you couldn't afford Windows for decades. Good enough for yas.

Captcha: win yentyl
>>
>>45535188
Thanks asshole, I had to re-install Arch!
>>
>>45533133
They actually posted this article just so people on /g/ would make threads like this.
>>
>>45536010
The malware in the OP is also apparently state-sponsored, so the post that that one is replying to is completely wrong about the fact that this sort of thing doesn't happen with Windows.
>>
>>45533133
>implying I haven't re-installed my OS once a month for years since I started using linux
>>
>>45536064
>US funware lasts literally years harvesting filthy Russian secrets
God bless America.
>>
>>45535874

fun fact:

ssd firmware can (and already has) been manipulated to plant droppers, or alter system files to whatever they want

how fucked is your ssd /g/?
>>
>>45535874
How about just flashing your original firmware ?
>>
>>45536053
The article supplies no means of allowing the reader to verify whether the virus in installed on their computer and it only serves to induce FEAR and PARANOIA in the reader, effectively driving them away from using dis lonox fing dat evy1 tokin abot. Nothing about the virus being on your computer, not being on your computer, or being/not being on some other computer that you might care about can be learned from it.

This is why it's well suited for this board, because there are lots of anxious and paranoid people here. :-)
>>
>>45536147

this is not practical for people with multiple SSD's
even with dd image clones it would still be time consuming as fuck

plus hdd firmware too
but the hdd firmware roots are all NSA shit, and you can trust them
its ok
>>
>>45536035
> just because you couldn't afford Windows
it's very easy to pirate windows lel
Thread replies: 66
Thread images: 4
Thread DB ID: 25505



[Boards: 3 / a / aco / adv / an / asp / b / biz / c / cgl / ck / cm / co / d / diy / e / fa / fit / g / gd / gif / h / hc / his / hm / hr / i / ic / int / jp / k / lgbt / lit / m / mlp / mu / n / news / o / out / p / po / pol / qa / qst / r / r9k / s / s4s / sci / soc / sp / t / tg / toy / trash / trv / tv / u / v / vg / vip /vp / vr / w / wg / wsg / wsr / x / y] [Search | Home]

[Boards: 3 / a / aco / adv / an / asp / b / biz / c / cgl / ck / cm / co / d / diy / e / fa / fit / g / gd / gif / h / hc / his / hm / hr / i / ic / int / jp / k / lgbt / lit / m / mlp / mu / n / news / o / out / p / po / pol / qa / qst / r / r9k / s / s4s / sci / soc / sp / t / tg / toy / trash / trv / tv / u / v / vg / vip /vp / vr / w / wg / wsg / wsr / x / y] [Search | Home]

All trademarks and copyrights on this page are owned by their respective parties. Images uploaded are the responsibility of the Poster. Comments are owned by the Poster.
This is a 4chan archive - all of the shown content originated from that site. This means that 4Archive shows their content, archived. If you need information for a Poster - contact them.
If a post contains personal/copyrighted/illegal content, then use the post's [Report] link! If a post is not removed within 24h contact me at [email protected] with the post's information.