Linux doesn't get malware, right? Historically, by Windows standards, that has been true, but as Linux-based servers have become the backbone of the Web, criminals have started targeting them like any other infrastructure. As nation state malware has ramped up, desktops have even faced rare attacks too. Linux is still diverse and difficult to penetrate, its user base more savvy. Unfortunately, public servers aren't always secured as well.
1. Hand of Thief Trojan - 2013
Possibly the most significant desktop Linux malware of recent times, Hand of Thief was built to run on 15 Linux distros as a data and credential stealer. Discovered for sale on the Russian crime underground.
2. Jellyfish graphics card malware - 2015
Created by researchers as a proof-of-concept malware platform designed to highlight the possibility that malware could hide on or use GPUs. Not a new worry but a neat implementation that offered a Linux rootkit and a Windows-based Remote Access Trojan.
3. 'HEUR' backdoor Java app - 2014
A malicious Java application (which runs across Windows and Mac as well as Linux), this threat hit unpatched flaws on that platform with glee. Infected systems became part of an old-fashioned desktop DDoS bot.
4. Linux 'Mayhem' botnet - 2014
Another Linux botnet, but this time one found by Russian firm Yandex to be exploiting the Shellshock security flaw discovered in 2014. Patch your web servers.
5. Linux Chapro - 2012
Essentially a malicious module designed to run under Apache web servers, Chapro injected compromised pages into those served by the infected system as a way of spreading malware such as banking Trojans.
6. IPtables botnet - 2014
Typical of the modern threat to Linux servers, the hard-to-detect Iptables attacks Apache servers to add them to its DDoS botnet. Akamai reckoned this bot and its Linux slaves were used in major attacks during the year.
7. Wirenet Trojan - 2012
Unusual for infecting Linux as well as Mac, Linux and even Solaris desktops, Wirenet was designed to steal passwords, probably as part of highly-targeted attacks. Non-mainstream, perhaps, but a warning about the potential of cross-platform malware.
8. Spike toolkit - 2014