Friday, April 1, 2011

[LINUX_Newbies] New virus infects Linux and Windows platforms (cross-platform infections)

 

*Winux Virus
New virus infects Linux and Windows platforms*: security technology
studies microsoft windows versions linux viruses malicious payload
william stearns....
http://antivirus.about.com/library/weekly/aa032801a.htm
*Winux: Two in One Virus*
The first Windows, Linux cross-platform virus discovered
http://antivirus.about.com/library/weekly/aa032801a.htm
"Virus researchers have discovered a new breed of virus that infects
both Windows and Linux files on Intel-based Pentium PC's. Considered a
proof-of-concept virus, it has not been found in-the-wild. As such, it
is not posing a threat to users, but could signal the beginning of a new
precedent in virus writing - the cross-platform threat. Within less than
a day of discovery, the new virus has already been assigned a number of
different names, including Linux.PEElf.2132, W32.Winux, Linux.Winux,
W32/Lindose, and W32.PEElf.2132. .....
*/_HISTORY....._/*
*Cross-platform Virus Infects Linux And Windows*
http://www.networkcomputing.com/data-protection/cross-platform-virus-infects-linux-and-windows.php
*April 7, 2006*
A Russian security company announced Friday that it had found a
cross-over virus that can infect PCs running either the open-source
Linux or Microsoft Windows operating systems. Dubbed "Linux.Bi.a" and
"Win32.Bi.a," the split-personality malware doesn't do any damage.
Instead, said Moscow-based Kaspersky Labs in an online briefing, it's a
proof-of-concept to prove that a cross-platform virus is possible.
*Java Based Cross Platform Malware Trojan (Mac/Linux/Windows)*
http://www.darknet.org.uk/2011/01/java-based-cross-platform-malware-trojan-maclinuxwindows/
*20 January 2011*
It's pretty rare to read about malware on the Linux or Mac OSX
platforms and even more rare to read about cross-platform malware which
targets both AND Windows by using Java. A neat piece of coding indeed,
it targets vulnerabilities in all 3 operating systems -- the sad thing?
The malware itself is vulnerable to a basic directory traversal exploit,
which means rival gangs can actually commandeer the infected targets.
They went to lengths to keep it secure and unseen (encrypted
communications etc) -- but didn't program the malware itself securely...
Computerworld -
http://www.computerworld.com/s/article/110330/Kaspersky_warns_of_cross_platform_virus_proof_of_concept
*Kaspersky Labs is reporting a new proof-of-concept virus capable of
infecting both Windows and Linux systems.*
The cross-platform virus is relatively simple and appears to have a low
impact, according to Kaspersky. Even so, it could be a sign that virus
writers are beginning to research ways of writing new code capable of
infecting multiple platforms, said Shane Coursen, senior technical
consultant at Kaspersky.

*/_RELATED:_/*
Torvalds Patches Linux Kernel, Fixes Broken Virus -
http://www.pcworld.com/article/125461/torvalds_patches_linux_kernel_fixes_broken_virus.html
PCWorld
After discovering that the virus didn't work on recent versions of
Linux, ...
*" We may see another virus using the same method of cross-platform
infection. ... " *
Linux malware From Wikipedia, the free encyclopedia
http://en.wikipedia.org/wiki/Linux_malware
*A new area of concern identified in 2007 is that of cross-platform* ...
was discovered that contained a script that used the infected Linux PC
in denial-of- service attacks. ... *There are a number of anti-virus
applications available for Linux*, .... Windows Viruses".
*_FROM OUR BLOG ON THIS...... _*
*My Linux choice -- Ubuntu (dual boot systems, security myth already)
August 15, 2010 --- bluecollarpc*
https://bluecollarpcwebs.wordpress.com/2010/08/15/my-linux-choice-ubuntu-dual-boot-systems-security-myth-already/
"....Of course as webmaster of the BlueCollarPC since 2005, I am
obviously very, very, very security oriented and share this as a
Community Help site -- free (Windows OS). We can review original 'horn
locking' from mid-decade (2000 -- 2010) in the several arguments that
Firefox browser, Linux OS (operating system) , Apple/Mac were safer than
Windows between the two operating system users and conclude that in this
new decade Windows users may begin to flock to Linux as a "back up
system" to Windows being inoperative due to malwares. This is along the
lines that much malware on Windows used the Active X maliciously (like
trojans or malware toolbars, etc.) in Internet Explorer browser and the
Mozilla Firefox browser operated without it. So the arguments began and
the hype and so on that "Firefox is safer than Internet Explorer" and
many, many Windows users have installed Firefox as a back up browser to
use in the event malware affecting the Internet Explorer in some lock
out denial of service manner occurred. In the early days this was
working to achieve logging onto the internet when you could not on IE
(Microsoft Internet Explorer, part of Windows OS). But cybercrime has
evolved greatly in a very, very, very short time and with today's botnet
activities and infections -- they can simply block many browsers from
navigating to security sites for removal help and software and
utilities. There was also a cross-infection that was achieved between
the two browsers -- Firefox and IE.
So, although this may be true in the Linux add on as a back up system
right in the same computer (dual boot) with Windows - along those same
lines as the 'back up browser' -- cyber crime no doubt has and is
working on some "cross platform" type infection ability -- cross
operating system malware -- to rule this out, meaning as fast as we get
there with this idea -- they have already seen us coming. Suddenly just
a couple years ago, all the Linux and Apple/Mac malwares were discovered
and do not forget the other argument -- Linux and Apple/Mac were safer
simply because 90 percent of the world was on Windows and are the target
of the cyber criminal underground meaning Windows users are "where the
money is". This is relating to the malicious ID Theft activity by cyber
criminals and other various spyware scenarios and nefarious use.
In this new decade (2010 -- 2020) - I obviously predict this occurrence
of the cross operating system infection for dual boot observing this --
user security options as adding another OS creating a dual boot system
computer. It will be exploding with all the ways in a dual boot system
using Linux and Windows of how you can use Linux to actually hack back
into the infected Windows system to get rid of malware infection. This is
already possible in various ways. Not long and it is going to be the
same with just Windows as with dual boot systems -- in worst infections
there will be no way in to remove it. ....."

ESET NOD32 has won the most awards for Windows protection...
(about 25 percent more than second and third place worldwide - Symantec,
Sophos)
ESET NOD32 Currently 59 VB100 awards !
http://www.eset.com/
http://en.wikipedia.org/wiki/ESET_NOD32
This brings the ESET Antivirus VB100 award total to 59 - still
the highest of any antivirus vendor!
December 2009 - ESET antivirus scoops 59th VB100 Award
http://www.betterantivirus.com/nod32-and-virus-news/archives/1456-December-2009-ESET-antivirus-scoops-59th-VB100-Award.html
....So you figure if you absolutely need/want protection - they are a
superb company....
ESET NOD32 Antivirus 4 for Linux Desktop Beta Program
Whether you use your Linux desktop to surf the Web or work on shared
office documents, it is vulnerable to direct attacks by malware or may
be targeted as a carrier for cross-platform viruses and other threats
designed to target Windows and Macs. Network shares, email and removable
media like USB keys are easy ways for multiplatform malware to spread
under the radar.
Runs on the following distributions: Debian, Fedora, Mandriva, RedHat,
SuSE, Ubuntu, and other RPM and DEB package manager based installations.
kernel >= 2.6
GNU C Library 2.3 or newer
GTK+ 2.6 or newer
LSB 3.1 compatibility recommended
*THE MORE LINUX IS USED, THE MORE THE NEED AND REALIZATION OF COMBO
PACKAGES FROM SECURITY PRODUCTS NO DOUBT* !
Research Item:
Executable and Linkable Format
From Wikipedia, the free encyclopedia
http://en.wikipedia.org/wiki/Executable_and_Linkable_Format
I personally have been hedgy about dual boot (Linux and Windows on same
computer) and have mine (Ubuntu Linux) on my Windows Vista machine of
the which Vista is notably the safest Windows operating system EVER
conceived that does not allow viruses to "write to the computer disk"
and any virus can only achieve residing temporarily in the tempfiles
which would need stupidity or being duped to click and execute the
infection. As well with UAC (User Account Control) on as recommended
that does this protection - there is NO rootkit that can possibly run on
Vista EVER found. ....
Vista's Despised UAC Nails Rootkits, Tests Find - Business Center ...
http://www.pcworld.com/businesscenter/article/146256/vistas_despised_uac_nails_rootkits_tests_find.html

May 25, 2008 ... Most users find it annoying, but Vista's Account Control
feature proves most effective in security tests.....
QUOTED....
"....Love or hate its nagging prompts, Vista's Account Control feature
(UAC) has a security feature that marks it out from any other type of
Windows security programme -- it can spot rootkits before they install.
This is one finding buried in a report published in two German computer
magazines some months ago after testing by the respected AV-Test.org
<http://www.pcworld.com/article/id,136206/article.html?tk=rel_news>,
which set out to find out how well antivirus programs
<http://www.pcworld.com/browse/1228/topic.html?page=1&typeId=3?tk=rel_news> fared
against known rootkits.
The answer was not particularly well at all, either for Windows XP, or
Vista-oriented products. Of 30 rootkits thrown at XP anti-malware
scanners, none of the seven AV suites found all 30, a similar story to
the six web-based scanners assessed. Only four of the 14 specialized
anti-rootkit tools managed a perfect score.

Best Protection

The best of the all-purpose suites was Avira AntiVir Premium Security
Suite, which found 29 active rootkits, with Norton finding as few as 18.
The anti-rootkit tools fared better, with AVG Anti-Rootkit Free, GMER,
Rootkit Unhooker LE, and Trend Micro Rootkit Buster achieving perfect
scores. The scores for removal were patchy, however, with all failing to
remove any of the rootkits they had found.

*The results for Vista products were harder to assess because only six
rootkits could run on the OS, but the testers had to turn off UAC to get
even this far. Vista's UAC itself spotted everything thrown in front
of it.*

*Only three of the 17 AV tools for Vista managed to both detect and
successfully remove them, F-Secure Anti-Virus 2008, Panda Security
Antivirus 2008, and Norton Antivirus 2008.*

Once on a PC, rootkits can bury themselves quietly, but they have to get
to that point first. As long as users interpret prompts from the UAC
system attentively, or those messages haven't in some way been spoofed,
rootkits struggle to jump to the PC without drawing attention to themselves.

That UAC can tell a user when a rootkit is trying to install itself is
not in itself surprising, as Vista is supposedly engineered from the
ground up to intercept all applications requests of any significance.
