Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
×
Security Linux

Linux Malware Sees 35% Growth During 2021 (bleepingcomputer.com) 71

The number of malware infections targeting Linux devices rose by 35% in 2021, most commonly to recruit IoT devices for DDoS (distributed denial of service) attacks. BleepingComputer reports: A Crowdstrike report looking into the attack data from 2021 summarizes the following:

- In 2021, there was a 35% rise in malware targeting Linux systems compared to 2020.
- XorDDoS, Mirai, and Mozi were the most prevalent families, accounting for 22% of all Linux-targeting malware attacks observed in 2021.
- Mozi, in particular, had explosive growth in its activity, with ten times more samples circulating in the wild the year that passed compared to the previous one.
- XorDDoS also had a notable year-over-year increase of 123%.
[...]
The Crowstrike findings aren't surprising as they confirm an ongoing trend that emerged in previous years. For example, an Intezer report analyzing 2020 stats found that Linux malware families increased by 40% in 2020 compared to the previous year. In the first six months of 2020, a steep rise of 500% in Golang malware was recorded, showing that malware authors were looking for ways to make their code run on multiple platforms. This programming, and by extension, targeting trend, has already been confirmed in early 2022 cases and is likely to continue unabated.

This discussion has been archived. No new comments can be posted.

Linux Malware Sees 35% Growth During 2021

Comments Filter:
  • I thought (Score:2, Interesting)

    by kenh ( 9056 )

    I thought the superior design, publicly available source code, and superior system administrators made Linux-derived OSes the most secure software in the world, impervious to the malicious hacks and attacks that plague inferior closed-source OSes like Windows and Mac OS...

    Perhaps the rise in malware attacks is merely a function of the reality that Linux is heading towards a market-share large enough to attract the attention of hackers and malware authors?

    • by YetAnotherDrew ( 664604 ) on Monday January 17, 2022 @08:42PM (#62182781)
      Many eyes make bugs shallow enough to exploit them.
      • Bugs? In Linux?

        Blasphemer!

        LOL

    • Comment removed (Score:5, Informative)

      by account_deleted ( 4530225 ) on Monday January 17, 2022 @08:56PM (#62182821)
      Comment removed based on user account deletion
      • Re: You thought? (Score:4, Interesting)

        by kenh ( 9056 ) on Monday January 17, 2022 @09:04PM (#62182839) Homepage Journal

        Woosh!

        Perhaps the rise in malware attacks is merely a function of the reality that Linux is heading towards a market-share large enough to attract the attention of hackers and malware authors?

        Many Linux advocates attributed their chosen OS's lack of malware to the factors I mentioned, ignoring the reality that the market share of Linux desktops (apart from professionally admin'd servers) was so low that even with source code the effort was too great to justify the effort.

        That the malware mainly appears on IoT devices speaks to the need for sufficient numbers to attract malware authors and a large number of identically-configured IoT devices.

        • Re: (Score:3, Interesting)

          by test321 ( 8891681 )

          It looks like you are trying to be sarcastic, offend or get some revenge on linux users, but i fear you will be disappointed. *nix users have agreed for very long that security comes from several factors, such as a limited market share (for the desktop), fragmentation, and the generally more literate users, apart from design factors.

          And Linux being very popular outside the desktop market, or even being the dominant OS in several markets, is not new, although the market penetration increased both in consumer

      • by account_deleted ( 4530225 ) on Monday January 17, 2022 @09:11PM (#62182873)
        Comment removed based on user account deletion
        • Re: (Score:2, Flamebait)

          by drinkypoo ( 153816 )

          UID means dick. kenh is a well-known troll.

          • by jmccue ( 834797 )

            I do not know about kenh being a troll, but have no reason to dispute your statement.

            But I fully agree with you the UID has no meaning. To me, all the ID numbering scheme does is to allow people to say mine is bigger than yours. Most of the time it is all in good fun, but I think it may discourage new people from signing up due to the UID thing.

            Now if people read the article, it focuses on IOT, which everyone here knows (or should know) is a security nightmare. No to little mention of servers or even desk

            • > [...] IOT, which everyone here knows (or should know) is a security nightmare.

              "The 's' up here in 'IoT' stands for 'Security', we all know that" -- Michael Caisse, "Small Inspiration"

              https://youtu.be/nrtav9_SKwg?t... [youtu.be]

            • To me, all the ID numbering scheme does is to allow people to say mine is bigger than yours.

              In fact the fight is to say mine is smaller than yours... and we wonder why the site is, albeit not gender-uniform, male-dominated :D

      • Please engage sarcasm detector. Thanks for playing, though.

    • Maybe, but since a lot of it is IoT it could be said to be a consequence of its no-cost nature. Free, gets distributed a lot wider, and if it comes with a guilt-free license so much the better.

    • Re:I thought (Score:4, Informative)

      by phantomfive ( 622387 ) on Monday January 17, 2022 @10:22PM (#62183023) Journal

      Mirai was designed to attack Linux devices that still have the default password and are on the open internet.

      • A service built to run on Linux designed to have a default password. Or even better a service with no password designed to load ANOTHER service with a default password, or even the reverse. And please don't stare at my UID it makes me uncomfortable...

    • Re:I thought (Score:5, Insightful)

      by Bert64 ( 520050 ) <bert@NOSpaM.slashdot.firenzee.com> on Monday January 17, 2022 @10:30PM (#62183039) Homepage

      Linux has long had a significant marketshare in embedded devices and servers, it's only in user-facing general purpose desktops where the linux marketshare is small.

      In the embedded space linux primarily does not compete against windows, it competes against vxworks and various other embedded systems.

      Most of the malware for linux is aimed at servers and embedded devices, and always has been. There is not much malware aimed at desktop linux users.

      Being open source, anyone is free to create an embedded device using linux, and lots of shady manufacturers do. When these embedded devices become compromised the vast majority are not due to vulnerabilities in linux itself - but are due to poor configuration (eg default passwords), or vulnerabilities in the (often closed source) code the device vendor has placed on top of the linux kernel.

      In a similar vein, microsoft is not blamed when windows systems are exploited due to poor configuration or bugs in third party code.

      • by _merlin ( 160982 )

        In a similar vein, microsoft is not blamed when windows systems are exploited due to poor configuration or bugs in third party code.

        Maybe not by people who think objectively, but plenty of /. comments blame Microsoft for absolutely everything that happens on Windows computers.

      • by dargaud ( 518470 )
        So, just to be clear, if you are a desktop Linux user who takes reasonable precautions (good passwords, firewalls, not running scripts found on random websites, etc...), there's nothing to worry about ? No big 0-day vulnerabilities, or arbitrary code executions while on the web...?
        • So, just to be clear, if you are a desktop Linux user who takes reasonable precautions (good passwords, firewalls, not running scripts found on random websites, etc...), there's nothing to worry about ? No big 0-day vulnerabilities, or arbitrary code executions while on the web...?

          I thought that's what Java was for...embedded Java.. It's MY UID.

        • by Bert64 ( 520050 )

          Not "nothing", but significantly less threats yes.
          Most of the attacks against linux systems target listening network services present on servers and embedded devices - a linux desktop by default does not have any such services.

          Most attacks against client software (browsers etc) or phishing target windows, while a vulnerability in firefox or webkit would theoretically be cross platform most of the exploits being actively used don't target desktop linux, and while they may target android most android exploits

      • So, even when the definition of embedded device"" changes the attack objective stays the same?

      • by mjwx ( 966435 )

        Linux has long had a significant marketshare in embedded devices and servers, it's only in user-facing general purpose desktops where the linux marketshare is small.

        In the embedded space linux primarily does not compete against windows, it competes against vxworks and various other embedded systems.

        Most of the malware for linux is aimed at servers and embedded devices, and always has been. There is not much malware aimed at desktop linux users.

        Being open source, anyone is free to create an embedded device using linux, and lots of shady manufacturers do. When these embedded devices become compromised the vast majority are not due to vulnerabilities in linux itself - but are due to poor configuration (eg default passwords), or vulnerabilities in the (often closed source) code the device vendor has placed on top of the linux kernel.

        In a similar vein, microsoft is not blamed when windows systems are exploited due to poor configuration or bugs in third party code.

        Beyond this, how much of it is Linux and how much of it are the applications that run on Linux? I would think a large amount of that "35%" growth would be the Log4j vulnerability alone, which affects Apache and any platform it runs on including Windows and ESXi.

      • There is not much malware aimed at desktop linux users.

        Of course. You don't want a virus to spread to one user and then instantly suffer from complete herd immunity.

    • I thought the superior design, well funded and professionally maintained proprietary code was the reason governments and businesses around the world paid for Windows, and that when malicious hacks and attacks would occur the institutions could turn to the vendor for accountability.

      But no, it is always some foreign government's fault, or the users for opening an email.

      So if the rise of market share makes everything equal, why waste so much tax payer money if not to fund bullshit jobs?
    • Linux has selinux [nsa.gov] and apparmor [apparmor.net] -- all open source and well-maintained. Just requires due attention to security.
    • IoT devices that are never updated are going to be vulnerable.

      • IoT devices are unlikely to run extra services that might be vulnerable, but they're likely to have dodgy, poorly written or secured services that are vulnerable as their primary function. And you're correct that they won't be kept updated

    • We know about these vulnerabilities. With closed source software how many vulnerabilities are there being exploited that we have no idea exist? Especially when you consider nation states and law enforcement who don't just give up vulnerabilities when they find them...
    • Most malware does not exploit bugs in the operating system to perform privilege escalation. Most malware relies on tricking the user into running it, at which point of course no operating system design can stop it. If the o.s. could stop malware that for instance deleted every file one has access to delete, then how would one create a program that deletes files?

      Apart from that, “operating system” is a very vague term and for malware this doesn't matter. Consider for instance a web browser that c

    • OS doesn't matter when IoT devices are designed by monkeys that do not care about security: they hardcore ready to guess passwords, use insecure protocols, ancient unmatched software...

    • I thought the superior design, publicly available source code, and superior system administrators made Linux-derived OSes the most secure software in the world, impervious to the malicious hacks and attacks that plague inferior closed-source OSes like Windows and Mac OS...

      Perhaps the rise in malware attacks is merely a function of the reality that Linux is heading towards a market-share large enough to attract the attention of hackers and malware authors?

      The biggest culprit is C. Any operating system where a major part is written in C (or even C++) is bound to have serious security holes. Anyone following the lists of vulnerabilities will notice this.

      Do not misunderstand me, I am not saying that an OS written in a more secure language would be without security holes. We saw recently a serious problem with log4j which is not written in C. All I am saying is that in additional to those security holes you have in any language, with C you have additionally the

      • I have to ask for a reference to a securer OS not written in C. I'll further confine answers to not running C and on a desktop.

        • I have to ask for a reference to a securer OS not written in C. I'll further confine answers to not running C and on a desktop.

          You seems to miss the point in my post. My point is that we should have begun with this decades ago and now as we have taken baby steps we are still decades away from having it.

          • The only problem i see with security? Now not debugging (other's) C code, well yes debugging other people's large progressive C project can be a pain. But I am convinced that C->C++->C#, etc is logically able to eliminate ANY problem people have with C, other than reading their code =) Now this is logically speaking mind you. I don't speak for other's sense creative subjectivity and their choice(s) of language(s). But failing to use C progressively thus more completely thus with more security, cannot

    • If you install a video game on your Linux box, by default it has full access to your filesystem, home folder, and can access any web address it wants -- just like on any other OS. You have to go out of your way to secure your own machine, and only if you know what you're doing. Is there a one-click setting in any typical Linux desktop environment that lets you sandbox a program or shut off Internet access? Sure, you CAN do it, but it's not easy. Even most hardcore nerds don't bother to do that stuff on

    • A 35% increase means about 20 people were actually affected, right?

    • It's important to known that Crowdstrike is a anti-malware vendor that is big with the corporate types and all of those vendors make a regular practice of deseminating FUD via whitepapers and reports that get into the hands of SecOps admins who are long practiced in just buying whatever the latest kool-aid is.

      And it may even be true strictly speaking in that we had 17 Linux malwares before and now there are 23 so that is a 35% increase but ignores the fact that platforms like Windows have IDK, many many tho

    • made Linux-derived OSes the most secure software in the world

      Nah, Linux only has to be more secure than Windows. It's not hard when you copy the process architecture and permission model of Unix.

      Perhaps the rise in

      There is this property of math where if you have a very small number and you add a relatively large number to it, the rate of increase skyrockets. When compared to starting with a massive number and adding just about anything to it.

      Linux is heading towards a market-share

      I've been waiting 20 years to finally announce it's going to be the year of the Linux Desktop. But seriously, this is not going to happen. Desktop

  • at this rate (Score:4, Informative)

    by awwshit ( 6214476 ) on Monday January 17, 2022 @08:54PM (#62182817)

    The year of the Linux Desktop will be the same year that Linux looks and feels a lot like Windows.

  • Finally! (Score:5, Funny)

    by aardvarkjoe ( 156801 ) on Monday January 17, 2022 @09:03PM (#62182833)

    It's taken a long time, but it's finally the Year of Linux Malware on the Desktop.

  • Linux is the Kernel, not the full OS that goes into an IoT device. When are these people going to learn? When they install these devices with a hard coded back door into them, what would you expect to happen?
  • Comment removed based on user account deletion
    • The year of Linux on the laptop is here. The year of Linux + BSD as the most popular OS is here.

      The only place where Linux is not popular at all is on the Desktop, for some reason.

  • by Required Snark ( 1702878 ) on Monday January 17, 2022 @10:30PM (#62183037)
    They are keeping the interwebs safe!!!
  • by couchslug ( 175151 ) on Monday January 17, 2022 @11:51PM (#62183179)

    Not content with SEO, the headline Optimizes Ignorance Engagement. The percentage increase being the headline leverages the inability of most humans to consider what that information really means.

    It evades (as does the entire OP!) comparison with other OS in order to direct Slashdotters to the parent link.

  • I thought Linux was impervious to malware???
  • 1 out of a million, increasing to 3 out of 10 million means a 33% increase in viruses!
    • by Tablizer ( 95088 )

      Oops, somebody beat me to this meme. Delete delete delete!

      When is the year of Slashdot correction feature?

  • if t6he problem is with IoT devices they can crack em all for all i care. If you're dumb enough to use these devices without securing them , your problem boyo. Dont blame the linux kernel for crappy implementations in low cost gadgets. That's misleading and totally out of context. The article bttw is as much garbage as trump spwes out in a year. bye.

  • Meanwhile, zero announcements have been made for desktop operating systems that support capability based security.

  • Maybe 2021 was the Year of the Linux Desktop? :(
  • by Kelxin ( 3417093 ) on Tuesday January 18, 2022 @11:57AM (#62184551)
    An increase from 10 to 13 is a 30% increase. Compared to the windows ecosystem, Linux viruses are still a drop in the bucket. Hell, in college I even made a windows joke virus in Microsoft vb script in word.

FORTUNE'S FUN FACTS TO KNOW AND TELL: A black panther is really a leopard that has a solid black coat rather then a spotted one.

Working...