New virus infects Linux and Windows platforms (cross-platform infections)


  
Winux Virus
New virus infects Linux and Windows platforms
http://antivirus.about.com/library/weekly/aa032801a.htm
  
Winux: Two in One Virus 
 The first Windows, Linux cross-platform virus discovered 
http://antivirus.about.com/library/weekly/aa032801a.htm
“Virus researchers have discovered a new breed of virus that infects both Windows and Linux files on Intel-based Pentium PC’s. Considered a proof-of-concept virus, it has not been found in-the-wild. As such, it is not posing a threat to users, but could signal the beginning of a new precedent in virus writing – the cross-platform threat. Within less than a day of discovery, the new virus has already been assigned a number of different names, including Linux.PEElf.2132, W32.Winux, Linux.Winux, W32/Lindose, and W32.PEElf.2132.  …..
 
HISTORY…..
 
Cross-platform Virus Infects Linux And Windows
http://www.networkcomputing.com/data-protection/cross-platform-virus-infects-linux-and-windows.php
April 7, 2006
A Russian security company announced Friday that it had found a cross-over virus that can infect PCs running either the open-source Linux or Microsoft Windows operating systems. Dubbed “Linux.Bi.a” and “Win32.Bi.a,” the split-personality malware doesn’t do any damage. Instead, said Moscow-based Kaspersky Labs in an online briefing, it’s a proof-of-concept to prove that a cross-platform virus is possible.
 
Java Based Cross Platform Malware Trojan (Mac/Linux/Windows)
http://www.darknet.org.uk/2011/01/java-based-cross-platform-malware-trojan-maclinuxwindows/
20 January 2011
It’s pretty rare to read about malware on the Linux or Mac OSX platforms and even more rare to read about cross-platform malware which targets both AND Windows by using Java. A neat piece of coding indeed, it targets vulnerabilities in all 3 operating systems – the sad thing? The malware itself is vulnerable to a basic directory traversal exploit, which means rival gangs can actually commandeer the infected targets.
They went to lengths to keep it secure and unseen (encrypted communications etc) – but didn’t program the malware itself securely…
 
Computerworld –
http://www.computerworld.com/s/article/110330/Kaspersky_warns_of_cross_platform_virus_proof_of_concept
Kaspersky Labs is reporting a new proof-of-concept virus capable of infecting both Windows and Linux systems.
The cross-platform virus is relatively simple and appears to have a low impact, according to Kaspersky. Even so, it could be a sign that virus writers are beginning to research ways of writing new code capable of infecting multiple platforms, said Shane Coursen, senior technical consultant at Kaspersky.
 

RELATED:
Torvalds Patches Linux Kernel, Fixes Broken Virus –
http://www.pcworld.com/article/125461/torvalds_patches_linux_kernel_fixes_broken_virus.html
PCWorld 
After discovering that the virus didn’t work on recent versions of Linux, …
” We may see another virus using the same method of cross-platform infection. … ”
 
Linux malware From Wikipedia, the free encyclopedia 
http://en.wikipedia.org/wiki/Linux_malware
A new area of concern identified in 2007 is that of cross-platform … was discovered that contained a script that used the infected Linux PC in denial-of- service attacks. … There are a number of anti-virus applications available for Linux, …. Windows Viruses”.
 
FROM OUR BLOG ON THIS……
 
My Linux choice – Ubuntu (dual boot systems, security myth already)
August 15, 2010 — bluecollarpc
https://bluecollarpcwebs.wordpress.com/2010/08/15/my-linux-choice-ubuntu-dual-boot-systems-security-myth-already/
“….Of course as webmaster of the BlueCollarPC since 2005, I am obviously very, very, very security oriented and share this as a Community Help site – free (Windows OS). We can review original ‘horn locking’ from mid-decade (2000 – 2010) in the several arguments that Firefox browser, Linux OS (operating system) , Apple/Mac were safer than Windows between the two operating system users and conclude that in this new decade Windows users may begin to flock to Linux as a “back up system” to Windows being inoperative due to malwares. This is along the lines that much malware on Windows used the Active X maliciously (like trojans or malware toolbars, etc.) in Internet Explorer browser and the Mozilla Firefox browser operated without it. So the arguments began and the hype and so on that “Firefox is safer than Internet Explorer” and many, many Windows users have installed Firefox as a back up browser to use in the event malware affecting the Internet Explorer in some lock out denial of service manner occurred. In the early days this was working to achieve logging onto the internet when you could not on IE (Microsoft Internet Explorer, part of Windows OS). But cybercrime has evolved greatly in a very, very, very short time and with today’s botnet activities and infections – they can simply block many browsers from navigating to security sites for removal help and software and utilities. There was also a cross-infection that was achieved between the two browsers – Firefox and IE.
 
So, although this may be true in the Linux add on as a back up system right in the same computer (dual boot) with Windows – along those same lines as the ‘back up browser’ – cyber crime no doubt has and is working on some “cross platform” type infection ability – cross operating system malware – to rule this out, meaning as fast as we get there with this idea – they have already seen us coming. Suddenly just a couple years ago, all the Linux and Apple/Mac malwares were discovered and do not forget the other argument – Linux and Apple/Mac were safer simply because 90 percent of the world was on Windows and are the target of the cyber criminal underground meaning Windows users are “where the money is”. This is relating to the malicious ID Theft activity by cyber criminals and other various spyware scenarios and nefarious use.
In this new decade (2010 – 2020) – I obviously predict this occurrence of the cross operating system infection for dual boot observing this – user security options as adding another OS creating a dual boot system computer. It will be exploding with all the ways in a dual boot system using Linux and Windows of how you can use Linux to actually hack back into the infected Windows system to get rid of malware infection. This is already possible in various ways. Not long and it is going to be the same with just Windows as with dual boot systems – in worst infections there will be no way in to remove it. …..”
 
ESET NOD32 has won the most awards for Windows protection…
(about 25 percent more than second and third place worldwide – Symantec, Sophos)
ESET NOD32 Currently 59 VB100 awards !
http://www.eset.com/
http://en.wikipedia.org/wiki/ESET_NOD32
This brings the ESET Antivirus VB100 award total to 59 – still the highest of any antivirus vendor!
December 2009 – ESET antivirus scoops 59th VB100 Award
http://www.betterantivirus.com/nod32-and-virus-news/archives/1456-December-2009-ESET-antivirus-scoops-59th-VB100-Award.html
 
….So you figure if you absolutely need/want protection – they are a superb company….
ESET NOD32 Antivirus 4 for Linux Desktop Beta Program
Whether you use your Linux desktop to surf the Web or work on shared office documents, it is vulnerable to direct attacks by malware or may be targeted as a carrier for cross-platform viruses and other threats designed to target Windows and Macs. Network shares, email and removable media like USB keys are easy ways for multiplatform malware to spread under the radar.
Runs on the following distributions: Debian, Fedora, Mandriva, RedHat, SuSE, Ubuntu, and other RPM and DEB package manager based installations.
kernel >= 2.6
GNU C Library 2.3 or newer
GTK+ 2.6 or newer
LSB 3.1 compatibility recommended
 
THE MORE LINUX IS USED, THE MORE THE NEED AND REALIZATION OF COMBO PACKAGES FROM SECURITY PRODUCTS NO DOUBT !
 
Research Item:
Executable and Linkable Format
From Wikipedia, the free encyclopedia
http://en.wikipedia.org/wiki/Executable_and_Linkable_Format
 
 
I personally have been hedgy about dual boot (Linux and Windows on same computer) and have mine (Ubuntu Linux) on my Windows Vista machine, of which Vista is notably the safest Windows operating system EVER conceived that does not allow viruses to “write to the computer disk” and any virus can only achieve residing temporarily in the tempfiles which would need stupidity or being duped to click and execute the infection. As well with UAC (User Account Control) on as recommended that does this protection - there is NO rootkit that can possibly run on Vista EVER found. ….
 
Vista’s Despised UAC Nails Rootkits, Tests Find – Business Center …
http://www.pcworld.com/businesscenter/article/146256/vistas_despised_uac_nails_rootkits_tests_find.html
May 25, 2008 … Most users find it annoying, but Vista’s Account Control feature proves most effective in security tests…..
QUOTED….
“….Love or hate its nagging prompts, Vista’s Account Control feature (UAC) has a security feature that marks it out from any other type of Windows security programme — it can spot rootkits before they install.
This is one finding buried in a report published in two German computer magazines some months ago after testing by the respected AV-Test.org, which set out to find out how well antivirus programs fared against known rootkits.
The answer was not particularly well at all, either for Windows XP, or Vista-oriented products. Of 30 rootkits thrown at XP anti-malware scanners, none of the seven AV suites found all 30, a similar story to the six web-based scanners assessed. Only four of the 14 specialized anti-rootkit tools managed a perfect score.

Best Protection

The best of the all-purpose suites was Avira AntiVir Premium Security Suite, which found 29 active rootkits, with Norton finding as few as 18. The anti-rootkit tools fared better, with AVG Anti-Rootkit Free, GMER, Rootkit Unhooker LE, and Trend Micro Rootkit Buster achieving perfect scores. The scores for removal were patchy, however, with all failing to remove any of the rootkits they had found.

The results for Vista products were harder to assess because only six rootkits could run on the OS, but the testers had to turn off UAC to get even this far. Vista’s UAC itself spotted everything thrown in front of it.

Only three of the 17 AV tools for Vista managed to both detect and successfully remove them, F-Secure Anti-Virus 2008, Panda Security Antivirus 2008, and Norton Antivirus 2008.

Once on a PC, rootkits can bury themselves quietly, but they have to get to that point first. As long as users interpret prompts from the UAC system attentively, or those messages haven’t in some way been spoofed, rootkits struggle to jump to the PC without drawing attention to themselves.

That UAC can tell a user when a rootkit is trying to install itself is not in itself surprising, as Vista is supposedly engineered from the ground up to intercept all application requests of any significance.
