Creating a virus for a modern Linux system

Head Cold!

© Lead Image © piren, 123RF.com

Article from Issue 300/2025
Author(s):

Linux might be safer than Windows, but it is not as safe as you think. We'll show you how a virus can navigate through the formidable Linux security system to deliver a payload.

Halfway through the wild '90s, I found myself in a peculiarly unpleasant situation: A significant amount of disk space from my hard disk had disappeared into the void, seemingly chewed, swallowed, and digested by an unknown entity (and please note: Disk space those days was measured in precious megabytes). Application loading time had almost doubled, and worst of all, all the friends I shared games, programs, and jokes with had experienced the same symptoms. Now, looking back with all of my accumulated experience and knowledge from the past 30 years, I can see that these symptoms indicated a serious virus infestation of the local Novell network.

My friends and I were a technical bunch, hardened with some years of low-level programming knowledge. After spending several sleepless nights, we identified the root cause of the problems: a nasty, but thankfully non-destructive, virus that somehow crept into the local network – possibly copied over from a seemingly innocent game we thought was safe. We called the virus the Porcupine, because deep inside several layers of encryption and assembly level obfuscation was a very cryptic message:

For cryin'out loud! My circuits are haunted by the ghost of a porcupine...

[...]

Related content

  • Viruses in Linux

    Some say an attack is looming, and others say we don’t have to worry. What’s the real story on viruses in Linux?

  • Malware Minders

    The big antivirus companies offer a myriad of malware scanning utilities, but it is often difficult to see what they are really doing or to customize them for specific needs. Beyond the giants are a class of more versatile tools that let you choose the rulesets – and even write your own rules.

  • Charly's Column

    Checking email for viruses is typically the domain of the SMTP gateway or a server directly downstream of it. In this month’s column, Charly decides to move this protection to the other side – that is, to the client connections with their SMTP and POP servers.

  • KlamAV

    Linux may not be as virus-ready as Windows, but who wants to harbor pointless malware? Now you can hunt for viruses with KDE's KlamAV, a desktop front-end for the ClamAV Open Source virus protection system.

  • MITRE ATT&CK Workshop

    The MITRE ATT&CK website keeps information on attackers and intrusion techniques. We'll show you how to use that information to look for evidence of an attack.
