Or historical exploits/trojans/etc. that deserve more attention? I’ve mostly heard about lucrative vulnerabilities that concern Linux servers, but what about the end-users on desktops? Or is the Linux desktop market small enough that we mostly just see one-off instances of users blindly running malicious scripts?
Traditional worm-type malware doesn’t really exist on Windows anymore either.
I heard there was some zero day via some rootkit that hijacked the bootloader for newer Linux desktop kernels. Some Korean cybersec students or something, I don’t remember. But it was very recent, like last year iirc?
I think, on a personal Linux desktop, more damage is done by malicious browser extensions than by actual viruses or root kits. So you could classify it as social engineering, maybe.
Not in the way you’re probably thinking, which I assume is like in a Windows-y kind of way.
Finding an exploitable escalation of privileges in Linux is rare, but unpatched machines get hacked all the time, but the world of worms and such is kind of gone.
The way most end-user machines get compromised these days is by supply chain attacks, undiscovered zero-day exploits, user error, and social engineering. Groups that discover zero-days usually keep them close to the vest, and they don’t get found for long periods of time after they’ve been out in the wild.
The way most corporate machines get attacked is social engineering, supply chain, and zero-days. Mostly crypto mining schemes and enterprise-level ransoms for data.
All the Windows botnets you hear about out there are largely unpatched machines exposed to the internet in various stupid ways that groups prey on to take control of.
Edit: Forgot about leaked secrets. Lots of companies get hit from plaintext secrets that get out in the wild via various stupid means.
There were a few in the last couple of years, but not a widespread virus like Windows. There was a hiding-in-plain-sight virus. Basically just files named similarly and a mechanism to hide itself when you ran ‘top’ type commands.
I haven’t heard of any such cases, but it is a smaller pool of users. Also, many desktop Linux users know more about using a computer than other operating system users, since it’s less common for Linux to come preinstalled. So that may affect it, too.
I imagine vulnerabilities with the Linux kernel or common utilities do apply to desktop users as well, which is a good reminder why staying up-to-date is important. But to my understanding, exploiting remotely would need a way of sending data to the target. And most desktop computers won’t have ports open to the internet for anyone like servers will.
I know that Wayland’s design does make it more difficult for a user-mode program to act maliciously, like key-logging or reading the clipboard.
smaller pool of desktop users
There, I fixed it for you. This is about desktop Linux, so I was wrong to correct you. My bad.