Is Linux really immune to viruses and malware?
One reason people turn to Linux is for better security. When you switch to Linux, you think you no longer have to worry about viruses and other types of malware. But even though this is almost always true, Linux desktops are not completely secure.
If a virus wants to ruin your free and open source desktop store, this is entirely possible.
The truth about Linux is immune to viruses and malware
- Why is malware less common on Linux desktops?
- Malware on Linux desktops exists, but is rare
- Most Linux malware targets the server
- The design of Linux is not completely secure
- 4 reasons why Linux is relatively safe to use
- 1. Many distributions, environment and system components
- 2. Application store and package manager that protects Linux users
- 3. Newer technologies actively consider security issues
- 4. The source code is open for anyone to read
Why is malware less common on Linux desktops?
Malware is unwanted code that somehow invades your computer to perform functions designed for malicious purposes. Sometimes these programs slow down the computer or make it unable to operate completely. The creators of the malware could then ask for a ransom to repair the device.
Sometimes malware uploads information to remote servers, allowing someone to access saved data or important information you enter, such as passwords and credit card numbers.
Hackers tend to create malware for Windows because it's the operating system found on most PCs. This increases the proportion of viruses that will spread from one computer to another.
Virus creators tend to target less technically savvy users who are easily tricked by phishing and phishing web banners.
There are antivirus programs for Linux, but their purpose is often to help protect Windows users.
Malware on Linux desktops exists, but is rare
A recent malware has targeted the Linux desktop. EvilGNOME runs on the GNOME desktop environment, by pretending to be an extension.
GNOME is the most popular Linux desktop environment, found as the default interface on two of the most popular Linux distributions, Ubuntu and Fedora, as well as on computers available from Linux manufacturers such as System76. and Purism. Legal extensions allow you to change many aspects of the GNOME desktop.
Malware called EvilGNOME can take screenshots and record audio from a PC's microphone. It can also upload your personal files. A more detailed analysis is available in the report by Intezer Labs, which has named EvilGNOME. Reference at:
https://www.intezer.com/blog-evilgnome-rare-malware-spying-on-linux-desktop-users/
This malware has no special ability to affect large numbers of users. But the fact is it still exists.
Most Linux malware targets the server
Linux is relatively rare on the desktop, but it is the most prominent operating system found on servers, providing the power of the web and managing most of the world's digital infrastructure.
More attacks target websites than PCs. Hackers often look for holes in network daemons, which they can use to gain access to servers running Linux. Some will install malicious scripts on a server, then target visitors, not the system itself.
Hacking machines running Linux, whether they are servers or IoT devices, is a way to infect the web or create a botnet.
The design of Linux is not completely secure
Desktop Linux in its current form is not a strong fortress. Compared to Windows XP, where malware can have administrator access without a password, Linux provides a much better level of security. Today, Microsoft has made changes to close that gap.
However, the worry about the security of system files almost misses a point. Most of the user data of interest is not saved in the root system directory. It is personal data in the Home directory, cannot be replaced and disclosed. Software on Linux, malicious or not, doesn't need a password to access this data and share it with others.
User accounts can also run microphone activation scripts, turn on the webcam, record keystrokes and what happens on the screen.
In other words, the security level of the Linux kernel, or the measures to protect other system components, will not work, if there are vulnerabilities in the application and the desktop environment can cause your data. Most mind at risk.
EvilGNOME does not install itself in system files. It 'hides' in a hidden folder in Home. On the plus side, this makes it easier to remove. But first you have to know it exists there.
4 reasons why Linux is relatively safe to use
Although Linux is not immune to exploit attacks, it still provides a much safer environment than Windows for daily use. Here are a few reasons why.
1. Many distributions, environment and system components
Application developers have difficulty developing Linux because there are many versions that need support. It is the same challenge faced by malware creators. What is the best way to get into someone's computer?
You can try to exploit the vulnerability in the Xorg display server or in a specific window compositor, which gives applications a buffer for each window, only to find that the user has Install something else.
2. Application store and package manager that protects Linux users
Traditional Linux package management systems place maintenance and evaluation of applications between users and their software resources. As long as you get all the software from reliable sources, you are very unlikely to encounter anything malicious.
Avoid copying and pasting command line instructions to install the software, especially if you don't know exactly what the command will perform and are not sure about the source.
3. Newer technologies actively consider security issues
New app formats like Flatpak and Snap introduce permissions and sandboxes, limiting what apps can access. The new Wayland display server can prevent applications from taking pictures or screen recording, making exploits more difficult.
4. The source code is open for anyone to read
The main advantage of Linux comes from being able to view the source code. Because Linux is open source software and not proprietary software, you don't have to worry about the desktop working against you, acting as spyware or being exposed to undisclosed exploit attacks because commercial reasons.
Even if you can't understand the meaning of code, you can still read someone's blog posts or reports.
People often assume that Linux users do not have to worry about viruses. If you stick with distribution app stores or other trusted sources like Flathub, you won't encounter anything dangerous.
No matter which operating system you use, it is important that you follow these practices to ensure safety. Don't make the mistake of believing that switching to Linux means that you can download anything from a website without bothering.
However, for most users, the biggest risk is probably not malware. If you've created a large number of online accounts or relied on cloud services, phishing is a much bigger threat to your data, whether you use Linux or not.
You should read it
- The new threat in Linux operating system can have 'incalculable' consequences.
- How to scan malware and rootkits on Linux server
- 14 interesting Linux commands in Terminal
- Compare the most popular Linux distributions today
- 7 best Linux distributions based on Red Hat
- Basic Linux commands everyone needs to know
- What's new in Linux Kernel 5.18?
- Why do bats harbor many viruses in themselves and survive?
- 6 reasons why the Linux operating system often fails
- 8 best Linux distros for pentest
- Why are Linux computers still important?
- 10 reasons to switch to Linux right in 2012