Kaspersky researchers warn of advanced malware for Linux and Windows – Computer – News

Can someone explain to me how this malware can be harmful in Linux? How is this malware delivered?

Downloading a file and double-clicking on it won’t accomplish much in Linux, because this file must first be made executable through an action by the user (i.e. the person behind the keyboard), and then the user himself must also enter his password before installing and activating this software on the system. Making itself executable is much more difficult than it is in Windows. And I’m not even mentioning that many Linux distributions have different types of executables that won’t work under another distribution. I mean: a .deb file cannot simply be installed on RHEL, Fedora, and their derivatives, nor can a .rpm file be installed on Debian, Ubuntu, and Linux Mint.

However, installing an antivirus on Linux (which Kaspersky is probably after) has not been a good idea yet. There is more to read about it here (for those who don’t know this site yet).

There are often claims of Linux malware, but so far I haven’t seen any effective malware surface that also causes actual damage. Therefore, Kaspersky will not be able to convince many Linux users to use their products. Not me anyway….

Update: Additional information has been found on this topic. This is what he says:

On Linux, the malware takes the name “sd-pam”. It achieves persistence by using systemd services, a .desktop file to start automatically, or by modifying various profiles and startup files, such as /etc/rc*, profile, bashrc, or inittab files.

It seems to me that interaction is still required from the user.

[Comment edited by Qalo on 28 October 2023 13:44]
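
A defender-side check for the persistence locations named in the quoted passage, as an added example that is not part of the original comment or of the report it quotes: it lists startup files that mention a given name. The concrete paths, the function names `scan_persistence` and `make_sample_tree`, and the sample tree are assumptions made for this example.

```shell
#!/bin/sh
# Added example: list startup/persistence files under ROOT that mention NAME.
# The paths are common defaults picked for this example (an assumption).
scan_persistence() {
    root="${1%/}"; name="${2:-sd-pam}"
    for p in \
        "$root/etc/systemd/system" "$root/usr/lib/systemd/system" \
        "$root/etc/xdg/autostart" \
        "$root"/etc/rc* "$root/etc/profile" "$root/etc/profile.d" \
        "$root/etc/bash.bashrc" "$root/etc/bashrc" "$root/etc/inittab" \
        "$root"/home/*/.config/systemd/user "$root"/home/*/.config/autostart \
        "$root"/home/*/.profile "$root"/home/*/.bashrc \
        "$root"/home/*/.bash_profile \
        "$root/root/.profile" "$root/root/.bashrc"
    do
        # Absent paths and unmatched globs fail the -e test and are skipped.
        if [ -e "$p" ]; then
            grep -rlF -- "$name" "$p" 2>/dev/null || true
        fi
    done | sort -u
}

# Constructed sample tree (not from the page) for an offline dry run.
make_sample_tree() {
    t="$(mktemp -d)"
    mkdir -p "$t/etc/systemd/system" "$t/home/alice/.config/autostart"
    printf '[Service]\nExecStart=/usr/local/bin/sd-pam\n' \
        > "$t/etc/systemd/system/example.service"
    printf '[Desktop Entry]\nExec=/home/alice/.cache/sd-pam\n' \
        > "$t/home/alice/.config/autostart/example.desktop"
    printf 'export PATH="$HOME/bin:$PATH"\n' > "$t/home/alice/.bashrc"
    printf 'id:3:initdefault:\n' > "$t/etc/inittab"
    echo "$t"
}

# With an argument, scan that root (/ or a mounted image); otherwise dry-run.
if [ "$#" -gt 0 ]; then
    scan_persistence "$1" "${2:-sd-pam}"
else
    demo="$(make_sample_tree)"; scan_persistence "$demo"; rm -rf "$demo"
fi
```

A match is only a lead to review by hand; a search by name will not find a copy installed under a different name.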
