Techzim

Zimbabwe and regional technology news and updates

advertisement
advertisement

RECHARGE

Nyaradzo logo

Linux is not invulnerable, here are some top Linux malware in 2021

So yesterday I wrote about the latest iteration of Ubuntu 20.04 LTS coming out in my usual glowing terms. I feel like there was nothing amiss in that article after all Ubuntu, especially the version in question, is a stellar operating system that is rock solid and has served me well. A few people however decided to call me on my bias and asked me to publicly admit that there is no such thing as an invulnerable operating system under the sun.

So here is me doing exactly that. I think I should repeat that for emphasis: There is no such thing as an invulnerable operating system under the sun. I often say the best way to make your computer impenetrable is to shut it down and pulverise it thoroughly with a hammer. But even then who knows? I have seen FBI nerds in real movies pull information on a single surviving chip.

Why I think Linux is inherently secure?

What makes Linux better than Windows in my opinion is not just the open-source code that is reviewed by scores of experts around the world. It’s the philosophy behind it all. In Windows, ignorant users can click around and blunder the way to productivity. The system is meant to be easy and fits many use cases by default. All you need to do is boot up, enter your password or just stare at your computer to login, get to the desktop and click on Chrome and you are watching cat videos.

In Linux, things can be but are usually not that easy. While you can use Windows without knowing what a registry is. In Linux, you have to be hands-on with your configurations. Every action you take has to be deliberate otherwise your risk breaking things. Often you have to set up your desktop the way you want, Chrome is not installed by default and sometimes you cannot even play videos until you install the right codecs. Linux forces you to learn and pay attention to what you are doing. You are often forced to learn why you are doing things in addition to how to do things.

Top leading Linux malware in 2021

Now that we have put the explanations out of the way it’s time to look at some of the top Linux Malware in 2021. One thing to note is that cloud-centric malware dominates in Linux. There are probably a couple of reasons for this including:

  • Linux rules the cloud. There is no other way to put it. This means there are more Linux cloud instances than the competition. Naturally that means more targets
  • These targets tend to be more valuable that desktop targets. A company attacked by ransomware is more likely to pay than a dude in Harare.
  • A lot of amateurs are sometimes forced to spin up instances without securing them well if they want to use cloud apps. Let us say you want to start a WordPress blog, most people just follow some How to guide without securing their server properly. Same goes with email server,s minecraft servers etc. Dudes who normally use Windows are to blame.

Below are the top malware in Linux according to Trend Micro

  1. Coinminners-there are several of these but basically the idea is to use your cloud/computer resources to mine crypto-currencies. You can identify these threats on Linux by checking resource usage constantly. Most coinmining software is greedy and tries to grab as much resources as possible to maximise the chances of making a profit
  2. Web shells-again they are several including ones that target Content Management Systems like WordPress. The idea here is simple the attacker wants to gain remote control of your machine. Most of the time the goal is to set up some relay server to send spam or to deface your site and put spammy advertising link that point to the attacker’s website.
  3. Ransomware-for example they are Linux variants of REvil. The goal is to demand payment in return for data.
  4. Trojans-these are meant to steal data. Again they are popular with content management system attacks. Examples are scripts that are used to steal customer’s credit card details.

One thing to note from the above is that unlike in Windows, Linux malware is often heavily customised by attackers to target a specific vulnerability and often each Linux system is unique. This means that it’s rare to see one specific piece of malware dominate instead you have families of related malware.

How to protect yourself?

Again I am biased but I believe identifying and thwarting an attack in Linux is pretty easy. You have tools like UFW (or better yet iptables) to lock down your internet connection in ways that are unimaginable in Windows. For example, whenever I set up a new cloud server I simply block all non-Zimbabwean IPs by default. That alone removes 99.99% of the threats from the table.

Also, make it a habit to uninstall software you don’t need. Better still when installing make sure you only install the base operating system with as little stuff as possible. You can then add only just the stuff you need. Why install Apache on a Minecraft or mail server? Do you really need FTP? If not stop and disable the service via ssh.

Above all. Always check the logs. Always. Check resource usage too and see if it tallies with what you expect.


Quick NetOne, Econet, And Telecel Airtime Recharge

6 thoughts on “Linux is not invulnerable, here are some top Linux malware in 2021

  1. advertisement
    RECHARGE
    Buy Airtime
    Pay ZESA
    Pay Nyaradzo
    Linux is not invulnerable, here are some top Linux malware in 2021
    Posted on August 28, 2021 by Garikai Dzoma

    So yesterday I wrote about the latest iteration of Ubuntu 20.04 LTS coming out in my usual glowing terms. I feel like there was nothing amiss in that article after all Ubuntu, especially the version in question, is a stellar operating system that is rock solid and has served me well. A few people however decided to call me on my bias and asked me to publicly admit that there is no such thing as an invulnerable operating system under the sun.

    So here is me doing exactly that. I think I should repeat that for emphasis: There is no such thing as an invulnerable operating system under the sun. I often say the best way to make your computer impenetrable is to shut it down and pulverise it thoroughly with a hammer. But even then who knows? I have seen FBI nerds in real movies pull information on a single surviving chip.

    Why I think Linux is inherently secure?
    What makes Linux better than Windows in my opinion is not just the open-source code that is reviewed by scores of experts around the world. It’s the philosophy behind it all. In Windows, ignorant users can click around and blunder the way to productivity. The system is meant to be easy and fits many use cases by default. All you need to do is boot up, enter your password or just stare at your computer to login, get to the desktop and click on Chrome and you are watching cat videos.

    In Linux, things can be but are usually not that easy. While you can use Windows without knowing what a registry is. In Linux, you have to be hands-on with your configurations. Every action you take has to be deliberate otherwise your risk breaking things. Often you have to set up your desktop the way you want, Chrome is not installed by default and sometimes you cannot even play videos until you install the right codecs. Linux forces you to learn and pay attention to what you are doing. You are often forced to learn why you are doing things in addition to how to do things.

    Top leading Linux malware in 2021
    Now that we have put the explanations out of the way it’s time to look at some of the top Linux Malware in 2021. One thing to note is that cloud-centric malware dominates in Linux. There are probably a couple of reasons for this including:

    Linux rules the cloud. There is no other way to put it. This means there are more Linux cloud instances than the competition. Naturally that means more targets
    These targets tend to be more valuable that desktop targets. A company attacked by ransomware is more likely to pay than a dude in Harare.
    A lot of amateurs are sometimes forced to spin up instances without securing them well if they want to use cloud apps. Let us say you want to start a WordPress blog, most people just follow some How to guide without securing their server properly. Same goes with email server,s minecraft servers etc. Dudes who normally use Windows are to blame.
    Below are the top malware in Linux according to Trend Micro

    Coinminners-there are several of these but basically the idea is to use your cloud/computer resources to mine crypto-currencies. You can identify these threats on Linux by checking resource usage constantly. Most coinmining software is greedy and tries to grab as much resources as possible to maximise the chances of making a profit
    Web shells-again they are several including ones that target Content Management Systems like WordPress. The idea here is simple the attacker wants to gain remote control of your machine. Most of the time the goal is to set up some relay server to send spam or to deface your site and put spammy advertising link that point to the attacker’s website.
    Ransomware-for example they are Linux variants of REvil. The goal is to demand payment in return for data.
    Trojans-these are meant to steal data. Again they are popular with content management system attacks. Examples are scripts that are used to steal customer’s credit card details.
    One thing to note from the above is that unlike in Windows, Linux malware is often heavily customised by attackers to target a specific vulnerability and often each Linux system is unique. This means that it’s rare to see one specific piece of malware dominate instead you have families of related malware.

    How to protect yourself?
    Again I am biased but I believe identifying and thwarting an attack in Linux is pretty easy. You have tools like UFW (or better yet iptables) to lock down your internet connection in ways that are unimaginable in Windows. For example, whenever I set up a new cloud server I simply block all non-Zimbabwean IPs by default. That alone removes 99.99% of the threats from the table.

    Also, make it a habit to uninstall software you don’t need. Better still when installing make sure you only install the base operating system with as little stuff as possible. You can then add only just the stuff you need. Why install Apache on a Minecraft or mail server? Do you really need FTP? If not stop and disable the service via ssh.

    Above all. Always check the logs. Always. Check resource usage too and see if it tallies with what you expect.

    share
    Click to share on WhatsApp (Opens in new window)Click to share on Facebook (Opens in new window)Click to share on Twitter (Opens in new window)Click to share on LinkedIn (Opens in new window)
    Quick NetOne, Econet, And Telecel Airtime Recharge
    Number to recharge:

    Airtime amount ($):

    EcoCash or OneMoney number:

    BUY
    Posted in Hardware & Software
    Tagged Linux Ubuntu, Ubuntu, Ubuntu 20.04
    Post navigation
    Previous: Apple pays off developers in a bid to buy them off
    Next: It’s the end of an era as popular Usenet platform Newzbin shuts down
    Leave a Reply
    Your email address will not be published.

    Comment

    Name

    Email

    Website

    Save my name, email, and website in this browser for the next time I comment.

    Yes, add me to your mailing list
    This site uses Akismet to reduce spam. Learn how your comment data is processed.

    RECHARGE
    Buy Airtime
    Pay ZESA
    Pay Nyaradzo
    Subscribe for Road Angels

    Pay DStv using USD Card

    Pay DStv using ZW$
    Buy Business Airtime
    #FreeData! This website works even when you don’t have data or a bundle (Econet only).
    Spread the word
    We are also here
    2021-08-29 pageviews 3726
    2021 © Techzim All rights reserved.
    Hosted By Cloud Unboxed
    Except where otherwise noted, content on and from this site is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.

    Privacy Policy

  2. advertisement
    RECHARGE
    Buy Airtime
    Pay ZESA
    Pay Nyaradzo
    Linux is not invulnerable, here are some top Linux malware in 2021
    Posted on August 28, 2021 by Garikai Dzoma

    So yesterday I wrote about the latest iteration of Ubuntu 20.04 LTS coming out in my usual glowing terms. I feel like there was nothing amiss in that article after all Ubuntu, especially the version in question, is a stellar operating system that is rock solid and has served me well. A few people however decided to call me on my bias and asked me to publicly admit that there is no such thing as an invulnerable operating system under the sun.

    So here is me doing exactly that. I think I should repeat that for emphasis: There is no such thing as an invulnerable operating system under the sun. I often say the best way to make your computer impenetrable is to shut it down and pulverise it thoroughly with a hammer. But even then who knows? I have seen FBI nerds in real movies pull information on a single surviving chip.

    Why I think Linux is inherently secure?
    What makes Linux better than Windows in my opinion is not just the open-source code that is reviewed by scores of experts around the world. It’s the philosophy behind it all. In Windows, ignorant users can click around and blunder the way to productivity. The system is meant to be easy and fits many use cases by default. All you need to do is boot up, enter your password or just stare at your computer to login, get to the desktop and click on Chrome and you are watching cat videos.

    In Linux, things can be but are usually not that easy. While you can use Windows without knowing what a registry is. In Linux, you have to be hands-on with your configurations. Every action you take has to be deliberate otherwise your risk breaking things. Often you have to set up your desktop the way you want, Chrome is not installed by default and sometimes you cannot even play videos until you install the right codecs. Linux forces you to learn and pay attention to what you are doing. You are often forced to learn why you are doing things in addition to how to do things.

    Top leading Linux malware in 2021
    Now that we have put the explanations out of the way it’s time to look at some of the top Linux Malware in 2021. One thing to note is that cloud-centric malware dominates in Linux. There are probably a couple of reasons for this including:

    Linux rules the cloud. There is no other way to put it. This means there are more Linux cloud instances than the competition. Naturally that means more targets
    These targets tend to be more valuable that desktop targets. A company attacked by ransomware is more likely to pay than a dude in Harare.
    A lot of amateurs are sometimes forced to spin up instances without securing them well if they want to use cloud apps. Let us say you want to start a WordPress blog, most people just follow some How to guide without securing their server properly. Same goes with email server,s minecraft servers etc. Dudes who normally use Windows are to blame.
    Below are the top malware in Linux according to Trend Micro

    Coinminners-there are several of these but basically the idea is to use your cloud/computer resources to mine crypto-currencies. You can identify these threats on Linux by checking resource usage constantly. Most coinmining software is greedy and tries to grab as much resources as possible to maximise the chances of making a profit
    Web shells-again they are several including ones that target Content Management Systems like WordPress. The idea here is simple the attacker wants to gain remote control of your machine. Most of the time the goal is to set up some relay server to send spam or to deface your site and put spammy advertising link that point to the attacker’s website.
    Ransomware-for example they are Linux variants of REvil. The goal is to demand payment in return for data.
    Trojans-these are meant to steal data. Again they are popular with content management system attacks. Examples are scripts that are used to steal customer’s credit card details.
    One thing to note from the above is that unlike in Windows, Linux malware is often heavily customised by attackers to target a specific vulnerability and often each Linux system is unique. This means that it’s rare to see one specific piece of malware dominate instead you have families of related malware.

    How to protect yourself?
    Again I am biased but I believe identifying and thwarting an attack in Linux is pretty easy. You have tools like UFW (or better yet iptables) to lock down your internet connection in ways that are unimaginable in Windows. For example, whenever I set up a new cloud server I simply block all non-Zimbabwean IPs by default. That alone removes 99.99% of the threats from the table.

    Also, make it a habit to uninstall software you don’t need. Better still when installing make sure you only install the base operating system with as little stuff as possible. You can then add only just the stuff you need. Why install Apache on a Minecraft or mail server? Do you really need FTP? If not stop and disable the service via ssh.

    Above all. Always check the logs. Always. Check resource usage too and see if it tallies with what you expect.

    share
    Click to share on WhatsApp (Opens in new window)Click to share on Facebook (Opens in new window)Click to share on Twitter (Opens in new window)Click to share on LinkedIn (Opens in new window)
    Quick NetOne, Econet, And Telecel Airtime Recharge
    Number to recharge:

    Airtime amount ($):

    EcoCash or OneMoney number:

    BUY
    Posted in Hardware & Software
    Tagged Linux Ubuntu, Ubuntu, Ubuntu 20.04
    Post navigation
    Previous: Apple pays off developers in a bid to buy them off
    Next: It’s the end of an era as popular Usenet platform Newzbin shuts down
    Leave a Reply
    Your email address will not be published.

    Comment

    Name

    Email

    Website

    Save my name, email, and website in this browser for the next time I comment.

    Yes, add me to your mailing list
    This site uses Akismet to reduce spam. Learn how your comment data is processed.

    RECHARGE
    Buy Airtime
    Pay ZESA
    Pay Nyaradzo
    Subscribe for Road Angels

    Pay DStv using USD Card

    Pay DStv using ZW$
    Buy Business Airtime
    #FreeData! This website works even when you don’t have data or a bundle (Econet only).
    Spread the word
    We are also here
    2021-08-29 pageviews 3726
    2021 © Techzim All rights reserved.
    Hosted By Cloud Unboxed
    Except where otherwise noted, content on and from this site is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.

    Privacy Policy
    advertisement
    RECHARGE
    Buy Airtime
    Pay ZESA
    Pay Nyaradzo
    Linux is not invulnerable, here are some top Linux malware in 2021
    Posted on August 28, 2021 by Garikai Dzoma

    So yesterday I wrote about the latest iteration of Ubuntu 20.04 LTS coming out in my usual glowing terms. I feel like there was nothing amiss in that article after all Ubuntu, especially the version in question, is a stellar operating system that is rock solid and has served me well. A few people however decided to call me on my bias and asked me to publicly admit that there is no such thing as an invulnerable operating system under the sun.

    So here is me doing exactly that. I think I should repeat that for emphasis: There is no such thing as an invulnerable operating system under the sun. I often say the best way to make your computer impenetrable is to shut it down and pulverise it thoroughly with a hammer. But even then who knows? I have seen FBI nerds in real movies pull information on a single surviving chip.

    Why I think Linux is inherently secure?
    What makes Linux better than Windows in my opinion is not just the open-source code that is reviewed by scores of experts around the world. It’s the philosophy behind it all. In Windows, ignorant users can click around and blunder the way to productivity. The system is meant to be easy and fits many use cases by default. All you need to do is boot up, enter your password or just stare at your computer to login, get to the desktop and click on Chrome and you are watching cat videos.

    In Linux, things can be but are usually not that easy. While you can use Windows without knowing what a registry is. In Linux, you have to be hands-on with your configurations. Every action you take has to be deliberate otherwise your risk breaking things. Often you have to set up your desktop the way you want, Chrome is not installed by default and sometimes you cannot even play videos until you install the right codecs. Linux forces you to learn and pay attention to what you are doing. You are often forced to learn why you are doing things in addition to how to do things.

    Top leading Linux malware in 2021
    Now that we have put the explanations out of the way it’s time to look at some of the top Linux Malware in 2021. One thing to note is that cloud-centric malware dominates in Linux. There are probably a couple of reasons for this including:

    Linux rules the cloud. There is no other way to put it. This means there are more Linux cloud instances than the competition. Naturally that means more targets
    These targets tend to be more valuable that desktop targets. A company attacked by ransomware is more likely to pay than a dude in Harare.
    A lot of amateurs are sometimes forced to spin up instances without securing them well if they want to use cloud apps. Let us say you want to start a WordPress blog, most people just follow some How to guide without securing their server properly. Same goes with email server,s minecraft servers etc. Dudes who normally use Windows are to blame.
    Below are the top malware in Linux according to Trend Micro

    Coinminners-there are several of these but basically the idea is to use your cloud/computer resources to mine crypto-currencies. You can identify these threats on Linux by checking resource usage constantly. Most coinmining software is greedy and tries to grab as much resources as possible to maximise the chances of making a profit
    Web shells-again they are several including ones that target Content Management Systems like WordPress. The idea here is simple the attacker wants to gain remote control of your machine. Most of the time the goal is to set up some relay server to send spam or to deface your site and put spammy advertising link that point to the attacker’s website.
    Ransomware-for example they are Linux variants of REvil. The goal is to demand payment in return for data.
    Trojans-these are meant to steal data. Again they are popular with content management system attacks. Examples are scripts that are used to steal customer’s credit card details.
    One thing to note from the above is that unlike in Windows, Linux malware is often heavily customised by attackers to target a specific vulnerability and often each Linux system is unique. This means that it’s rare to see one specific piece of malware dominate instead you have families of related malware.

    How to protect yourself?
    Again I am biased but I believe identifying and thwarting an attack in Linux is pretty easy. You have tools like UFW (or better yet iptables) to lock down your internet connection in ways that are unimaginable in Windows. For example, whenever I set up a new cloud server I simply block all non-Zimbabwean IPs by default. That alone removes 99.99% of the threats from the table.

    Also, make it a habit to uninstall software you don’t need. Better still when installing make sure you only install the base operating system with as little stuff as possible. You can then add only just the stuff you need. Why install Apache on a Minecraft or mail server? Do you really need FTP? If not stop and disable the service via ssh.

    Above all. Always check the logs. Always. Check resource usage too and see if it tallies with what you expect.

    share
    Click to share on WhatsApp (Opens in new window)Click to share on Facebook (Opens in new window)Click to share on Twitter (Opens in new window)Click to share on LinkedIn (Opens in new window)
    Quick NetOne, Econet, And Telecel Airtime Recharge
    Number to recharge:

    Airtime amount ($):

    EcoCash or OneMoney number:

    BUY
    Posted in Hardware & Software
    Tagged Linux Ubuntu, Ubuntu, Ubuntu 20.04
    Post navigation
    Previous: Apple pays off developers in a bid to buy them off
    Next: It’s the end of an era as popular Usenet platform Newzbin shuts down
    Leave a Reply
    Your email address will not be published.

    Comment

    Name

    Email

    Website

    Save my name, email, and website in this browser for the next time I comment.

    Yes, add me to your mailing list
    This site uses Akismet to reduce spam. Learn how your comment data is processed.

    RECHARGE
    Buy Airtime
    Pay ZESA
    Pay Nyaradzo
    Subscribe for Road Angels

    Pay DStv using USD Card

    Pay DStv using ZW$
    Buy Business Airtime
    #FreeData! This website works even when you don’t have data or a bundle (Econet only).
    Spread the word
    We are also here
    2021-08-29 pageviews 3726
    2021 © Techzim All rights reserved.
    Hosted By Cloud Unboxed
    Except where otherwise noted, content on and from this site is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.

    Privacy Policy

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.