Creating a virus for a modern Linux system

Head Cold!

© Lead Image © piren, 123RF.com

Article from Issue 300/2025

Linux might be safer than Windows, but it is not as safe as you think. We'll show you how a virus can navigate through the formidable Linux security system to deliver a payload.

Halfway through the wild '90s, I found myself in a peculiarly unpleasant situation: A significant amount of disk space on my hard disk had disappeared into the void, seemingly chewed, swallowed, and digested by an unknown entity (and please note: Disk space in those days was measured in precious megabytes). Application loading time had almost doubled, and worst of all, all the friends I shared games, programs, and jokes with had experienced the same symptoms. Now, looking back with all of my accumulated experience and knowledge from the past 30 years, I can see that these symptoms indicated a serious virus infestation of the local Novell network.

My friends and I were a technical bunch, hardened with some years of low-level programming knowledge. After spending several sleepless nights, we identified the root cause of the problems: a nasty, but thankfully non-destructive, virus that had somehow crept into the local network – possibly copied over from a seemingly innocent game we thought was safe. We called the virus the Porcupine, because deep inside several layers of encryption and assembly-level obfuscation was a very cryptic message:

For cryin'out loud! My circuits are haunted by the ghost of a porcupine...

[...]

Related content

  • Viruses in Linux

    Some say an attack is looming, and others say we don’t have to worry. What’s the real story on viruses in Linux?

  • Malware Minders

    The big antivirus companies offer a myriad of malware scanning utilities, but it is often difficult to see what they are really doing or to customize them for specific needs. Beyond the giants are a class of more versatile tools that let you choose the rulesets – and even write your own rules.

  • Charly's Column

    Checking email for viruses is typically the domain of the SMTP gateway or a server directly downstream of it. In this month’s column, Charly decides to move this protection to the other side – that is, to the client connections with their SMTP and POP servers.

  • KlamAV

    Linux may not be as virus-ready as Windows, but who wants to harbor pointless malware? Now you can hunt for viruses with KDE's KlamAV, a desktop front-end for the ClamAV Open Source virus protection system.

  • MITRE ATT&CK Workshop

    The MITRE ATT&CK website keeps information on attackers and intrusion techniques. We'll show you how to use that information to look for evidence of an attack.
