Browser Malware in Linux

[V.T. Eric Layton]

I was reading on another thread here...

 

http://forums.scotsnewsletter.com/index.php?showtopic=71668&st=25#entry407864

 

... and it made me wonder.

 

So, I'll ask...

 

You know, in 8+ years of surfing the Internet in numerous distributions with numerous browsers, I have never once -- not a single instance -- ever had browser malware or corruption issues. And I occasionally visit sites that would KILL IE DEAD in a matter of seconds. Why is that? Am I just lucky?

 

I tend to not believe that malware tricks are as threatening with browsers in Linux as they are in Windows. For malware to install itself in Linux still requires Root access. I can't manipulate my Firefox browser's executable in Linux without being Root. I can only manipulate the Users Profile data, and even then I would need to attain User permissions.

 

But whaddo I know?

 

Has anyone here using Linux ever had a malware corruption? Just curious....

[V.T. Eric Layton]

Related:

 

The Short Life and Hard Times of the Linux Virus

 

Linux Malware (not an authoritative source)

[Capt.Crow]

Nope

not yet //

/// fingers crossed

[securitybreach]

Nope and I have not even heard of it happening to someone outside of a lab. There are a handful of old linux viruses but none of them every made it out in the wild.

[lewmur]

In all the years I've used, and supported others in using Linux, I've only encountered one instance where a Java script attempted to imitate the Windows FBI virus. When you attempted to exit the infected page, you'd get the box asking if you really wanted to leave the page. If you clicked to leave the page, it would merely increment a counter and then re-display the box. Even a forced shutdown of the computer didn't help. As soon as you restarted the browser, it would return to the same infected page.

 

But because it was only a java script exploit, there were several ways to overcome it. The simplest was to elect to stay on the page, to get rid of the box, go to the browser's options and disable java scripts and then exit the page. Or, because there was a finite number of times the counter could be incremented, you could keep clicking "leave" until it finally did. That, of course, was tiresome. Another way was to force a computer shutdown and upon reboot, delete the java file where the page location is stored, prior to launching the browser.

[Guest LilBambi]

Not many standard users in Linux have gotten hit with this stuff; except for the occasional java script exploit or XSS issue.

 

The biggest problem lies in many users installing root based systems and surfing the web that way.

 

 

I have NEVER had a problem in Linux with this type of thing but I always use Adblock Plus, WOT, NoScript or ScriptSafe regardless of the OS I use.

[V.T. Eric Layton]

Umm... yes, Fran. I should have stated that initially, also. I do use numerous anti-malware, script-blocking extensions in FF and a couple in Chromium/Chrome. I s'pose that has helped.

[securitybreach]

Same here Fran and Eric... never once seen an issue in the last 11 years of using linux.

[goretsky]

Hello,

 

I'm actually working on an article about this area at work right now.

 

The gist of it is, in the Linux world, it is the servers that get targeted, not the desktops. If malware is involved, it is usually of the non-replicating variety, e.g., not a computer virus or a worm.

 

Regards,

 

Aryeh Goretsky

[V.T. Eric Layton]

Thanks for the input, Aryeh. Since Linux rules the server world, it has a big target on its back in that realm. However, I've found that quite a bit of the Linux servers that get hit are due to inept administration, which is also the bane of Windows servers, actually. Lazy or incompetent admins can really create a security weakness.

[securitybreach]

Lazy or incompetent admins can really create a security weakness.

 

So true