How to write a Linux virus in 5 easy steps

How to write a Linux virus in 5 easy steps

Posted Feb 12, 2009 0:12 UTC (Thu) by tbrownaw (guest, #45457)
In reply to: How to write a Linux virus in 5 easy steps by ledow
Parent article: How to write a Linux virus in 5 easy steps

The problem is that the virus can self-propagate, cause damage, be difficult to remove and compromise the MACHINE.

I thought the ones that could self-propagate were called "worms".


How to write a Linux virus in 5 easy steps

Posted Feb 12, 2009 3:30 UTC (Thu) by nlucas (subscriber, #33793)

Both can self-propagate. The difference between a virus and a worm is that the first needs to "attach" itself to some other program to be run, while the worm IS the program.

Basic example, a bash virus runs, looks for other bash scripts and inserts itself at the start of the existing script (eventually first checking if it was already infected). It may now check if it's time to do its thing ("rm -rf ~/*") or just exit and wait for the user to make it run again by executing an infected script.

A worm runs by itself. Doesn't need a "host" program to run, but of course it needs some way to start running, and that can possibly be by adding itself to be called at the end of .bashrc/.profile/.whatever.

In the old days, the difference was that viruses were written in assembly, because they couldn't use something like libc, while worms, being full programs, could be written in anything (and so, could be more powerful, like using system network libraries for infection).
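
A defender's check for the two behaviours described in the comment above (code inserted at the start of an existing script, a line added at the end of .bashrc/.profile), as an added example that is not part of the original comment: it compares files against a saved baseline and classifies how each one changed. The function names, the baseline layout and the sample file contents are assumptions constructed for illustration.

```python
import hashlib
import tempfile
from pathlib import Path


def snapshot(paths):
    """Record the full contents of each file as the trusted baseline."""
    return {str(p): Path(p).read_bytes() for p in paths}


def classify_change(old: bytes, new: bytes) -> str:
    """Describe how `new` differs from the baseline `old`."""
    if new == old:
        return "unchanged"
    if old and new.endswith(old):
        return "prepended"   # extra bytes before the original body
    if old and new.startswith(old):
        return "appended"    # extra bytes after the original body
    return "modified"


def audit(baseline):
    """Return {path: (status, sha256-of-current)} for every baseline file."""
    report = {}
    for path, old in baseline.items():
        p = Path(path)
        if not p.exists():
            report[path] = ("missing", None)
            continue
        new = p.read_bytes()
        report[path] = (classify_change(old, new), hashlib.sha256(new).hexdigest())
    return report


def demo():
    """Constructed sample: two harmless files changed the way the comment describes."""
    with tempfile.TemporaryDirectory() as d:
        script, rc = Path(d, "backup.sh"), Path(d, "bashrc")
        script.write_text("#!/bin/bash\necho backing up\n")
        rc.write_text("alias ll='ls -l'\n")
        base = snapshot([script, rc])
        # Simulate the changes with inert marker lines only.
        script.write_text("# INSERTED-MARKER\n" + script.read_text())
        rc.write_text(rc.read_text() + "# ADDED-MARKER\n")
        rep = audit(base)
        return rep[str(script)][0], rep[str(rc)][0]


if __name__ == "__main__":
    print(demo())
```

A "prepended" result on a script, or an "appended" result on a shell startup file, is the pattern worth reviewing first; the baseline itself has to be stored somewhere the monitored account cannot write.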

How to write a Linux virus in 5 easy steps

Posted Feb 12, 2009 10:43 UTC (Thu) by efexis (guest, #26355)

Just like in biology! A virus masks as healthy DNA code so that host cells will copy it, whereas worms are host cells in their own right... of course this means one can actually use viruses to fight worms (bacteriophages), which is something that's used both in treating bacterial infections, and shutting down botnets (by using the botnet to spread the code that later kills itself). Aside from the damage all of this causes in the world of data and flesh, it's all rather cool!
