And, Linux has been a target for Malware for … for … well, in my current search of the subject, Linux has had Malware problems since at least 2014 (that’s just the year I stopped my search). However, the Malware problems for Linux have been around a lot longer than that.

A brief history of Linux malware:

By Jon Gold, Network World Dec 11, 2014
A look at some of the worms and viruses and Trojans that have plagued Linux throughout the years.

Nobody’s immune

Although not as common as malware targeting Windows or even OS X, security threats to Linux have become both more numerous and more severe in recent years. There are a couple of reasons for that – the mobile explosion has meant that Android (which is Linux-based) is among the most attractive targets for malicious hackers, and the use of Linux as a server OS for and in the data center has also grown – but Linux malware has been around in some form since well before the turn of the century.

This is an old article, and it is difficult to just ‘Copy & Paste’ it (for some reason?!). I will paste some bullet points…

  • Staog (1996) – The first recognized piece of Linux malware was Staog … snip … the concept of the Linux virus had been proved.
  • Bliss (1997) – If Staog was the first, however, Bliss was the first to grab the headlines…
  • Ramen/Cheese (2001) – Cheese is the malware you actually want to get…
  • Slapper (2002)

Others mentioned in that article were Badbunny (2007), Snakso (2012), Hand of Thief (2013), Windigo (2014), Shellshock/Mayhem (2014), and Turla (2014). It also mentioned something about “predates Heartbleed by 12 years” so the article probably didn’t mention them all. (Note: Firefox had problems viewing this article, but the slideshow worked well in Chrome.)

Why don’t the Linux Community and Linux websites/magazines mention this Linux Malware problem more often? I am not sure… I have been personally piddling with Linux since 1996, and guess that I blindly accepted what I had mostly heard from Linux users and Linux writers, i.e. ‘Linux doesn’t have malware problems.’ Perhaps others also went along blindly. Linux has had such a small desktop/laptop user base (2% of total Desktop OS users), for decades, that negative news isn’t welcomed and/or gets ignored easily. However, since it has been a Linux ‘Selling Point’ for years, and it clearly started out as a lie promoted by someone or some group – that lie now needs to be corrected, and the truth pointed out that Linux does have a serious Malware problem. BTW, I will also be adding this post to the Linux Security Issues page.

Heck, it certainly hasn’t been ‘Top Secret’ that Linux has/had Malware problems, so I really can’t explain why anyone would say that ‘Linux doesn’t have malware problems.’ This from 2016 – World’s biggest Linux distro infected with malware:

Linux Mint sits firmly at the top of the last year’s worth of stats in the Distrowatch list, so it’s unarguably a popular distro, at least for end-users … snip … In short: if you’re a Mint user, and you downloaded a Mint 17.3 Cinnamon ISO over the weekend, and you didn’t validate the ISO’s checksum against an officially published list, and you installed the ISO, you probably have malware on your computer.

It apparently got worse … Mint’s Clem wrote – All forums users should change their passwords:

It was confirmed that the forums database was compromised during the attack led against us yesterday and that the attackers acquired a copy of it. If you have an account on forums.linuxmint.com, please change your password on all sensitive websites as soon as possible.

I started this post with two other links on Linux Malware that were to be the focus of this post; however, so many other links kept showing up that I went with them instead… some of them, since a “Linux malware” Google search leads to a lot of links. That last info on Mint has caught me off guard, since I had no idea that Mint had ever had Malware problems, even though Mint’s Clem (Clement Lefebvre – Overall project and development team) had written about it in 2016!?!?

Will end and post as is, and it’s starting to look like the new Linux Security Issues page is going to end up being a long series…