Linux is hailed as impenetrable to malware. In all honesty, any computer which is part of a network is at risk, regardless of the operating system. Unlike its Windows counterpart, Linux has not seen as many computer viruses, trojans, backdoors, etc. This has led some to think that Linux is almost immune to attacks.
Why is Linux less vulnerable to attacks?
Windows is more popular than Linux, so malware authors favour writing viruses for it, where they can spread faster, reach more users and therefore go viral (pun intended). Fewer people use Linux, so we don’t get to see as many attacks. Fewer users, hence less zeal for attackers to propagate attacks.
Realistically, Linux is more secure than Windows with its tougher security infrastructure. Getting to the nitty-gritty technical details of attachments: in Windows, malware comes as executable files (.exe). The compressed .zip versions will probably carry .exe files too. When run in Windows, bam! It’s infected. On Linux, the system wouldn’t execute such a file. Other attachments with .rpm extensions exist. An .rpm attachment on an RPM-based system will run only if a root or sudo password is given.
Files cannot be automatically downloaded or executed. Linux does not easily deliver root or administrative access like Windows. In Linux systems, there is the separation of data and code, which limits the likelihood of document-based attacks. A Windows virus can’t infect a Linux OS unless Wine is installed and run as root.
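An added example (not from the original article): the protection described above rests on a saved attachment having no execute bit, so this shell script lists the files in a download directory that do carry one and labels each by its first bytes. The function names and the directory passed in are assumptions for illustration.

```shell
#!/bin/sh
# Added example: list files in a download directory that already carry an
# execute bit, i.e. the ones the kernel would agree to run directly.
# Function names and the directory argument are illustrative assumptions.

# Classify a file by its first four bytes: ELF binary, "#!" script, or other.
file_kind() {
    magic=$(od -An -c -N 4 "$1" 2>/dev/null | tr -d ' \n')
    case "$magic" in
        177ELF) echo elf ;;      # od -c prints byte 0x7f as octal 177
        '#!'*)  echo script ;;
        *)      echo other ;;
    esac
}

# Print "kind<TAB>path" for each regular file under $1 with any execute bit
# (owner, group or other). Files saved with the default 0644 mode are skipped.
audit_downloads() {
    find "$1" -type f \( -perm -100 -o -perm -010 -o -perm -001 \) |
    while IFS= read -r path; do
        printf '%s\t%s\n' "$(file_kind "$path")" "$path"
    done
}

# Usage: sh audit.sh ~/Downloads
if [ "$#" -gt 0 ]; then
    audit_downloads "$1"
fi
```

A missing execute bit only blocks direct execution; a script handed to an interpreter still runs, so treat the listing as a triage aid rather than proof that the remaining files are harmless.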
Is Linux malware out there?
Yes! Wikipedia has a full list too! Granted, there are very few, but they do still exist. Few are out in the wild and most of them have been rendered obsolete by Linux updates. Mirai was a popular malware which hit back in 2016. It attacked passwords and networks, exploiting vulnerabilities existing in routers and cameras. After reaching many devices, this malware formed a botnet meant to carry out mass DDoS attacks.
Cryptocurrency miners are looking forward to exploiting as many platforms as possible in order to increase their overall gain. Monero-mining malware such as RubyMiner has hit the shelves. And guess what: it’ll run on Windows as well as Linux servers.
Mayhem – 32/64-bit Linux/FreeBSD multifunctional botnet.
Linux.Remaiten – targeted the Internet of Things. It uses brute-force techniques to bypass Linux security measures and infect a system.
Snakso-A – 64-bit Linux webserver rootkit.
As of 2018, there has not yet been a single widespread Linux virus or malware infection of the type that is common on Microsoft Windows; this is attributable generally to the malware’s lack of root access and fast updates to most Linux vulnerabilities. However, Linux is not immune, so you should get an anti-virus. Consider an anti-virus solution such as ClamAV. The rkhunter tool will help reduce rootkit attacks. Rootkits are bad demons which can take over your system and make it almost impossible to recover. Lynis is also an impressive tool to scan Linux systems for any vulnerabilities.