[Discussion] Has anyone ever seen a malware-infected Debian?

[Uptorn]

Not counting servers, has anyone ever seen a malware-infected Debian end user device? Or any distro for that matter?

I have most certainly come across files sitting somewhere in $HOME that get identified as malicious (usually an installer targeting a Windows environment) but with no harm to the host. I've been doing this Linux thing for years and spent some time in the computer repair industry and I have never actually seen an infected end user Linux device. Not even a malware-affected browser.

Is it just me?

[bbbhltz]

I have been using Linux for a good number of years, but only for personal use. I read a good amount of news related to desktop Linux as well. I don't think I've heard of a real virus on Linux. Just lots of vulnerabilities that are patched before I have a chance to worry about it.

Even on Windows, which I do need to use for work, I haven't seen more than phishing scams and the infamous emails being sent from compromised addresses thing. The last time I personally had to deal with something on a computer that belonged to me was the ILOVEYOU virus.

Similarly, friends and family have asked me to fix computers. About 10 or 15 years ago the main source of malware were those damn toolbars people added to their browsers. I'd remove them and get a call the next day to fix it again!

I do like having a virus scanner enabled for my email client so I don't forward something. Same on my phone, I use Hypatia.

[DebianFox]

I do like having a virus scanner enabled for my email client so I don't forward something. Same on my phone, I use Hypatia.

Which Virus scanner have you enabled for your email client? And is your email client running on Linux?

[bbbhltz]

I do like having a virus scanner enabled for my email client so I don't forward something. Same on my phone, I use Hypatia.

Which Virus scanner have you enabled for your email client? And is your email client running on Linux?

I use Claws mail with ClamAV

[arzgi]

When I changed to Linux, f-prot was free for home users, ran it first daily, then once weekly, once in a month, after six months removed it.

[DebianFox]

In 2021 f-prot was discontinued. I do not think that it is available any more for Linux. Its successor product AntiVirus Protection Manager no longer supports Linux or BSD. I wonder what do other products that were based on f-prot or dependent on f-prot are now using.

[kent_dorfman766]

There is a Debian derived distro that I consider to be malware. Seems its corporate masters have decreed that it shall continue to leak information to the InterNet, regardless of what settings the user picks.

[Uptorn]

There is a Debian derived distro that I consider to be malware. Seems its corporate masters have decreed that it shall continue to leak information to the InterNet, regardless of what settings the user picks.

Ubuntu? Or something lesser known?

[Ziggi]

Hey Guys,

Thought I had better chime in - Oh Seek and Ye Shall Find...
Search term 'linux malware' in LibreWolf browser - standard install on Debian based Loc-OS LXDE

https://arstechnica.com/security/2024/0 ... -exploits/
https://arstechnica.com/security/2024/1 ... ince-2021/
https://www.msn.com/en-gb/money/technol ... r-AA1uWMru
https://www.zdnet.com/article/linux-mal ... right-now/

Though I was aware of a security issue with 'cups' so have not yet hooked up with printer or scanner on my 2023 beautiful Quad Boot HP EliteBook 860 16 inch G9 Notebook PC
Anybody know if it has been sorted yet? I always check with The Register
'Critical' CUPS vulnerability chain easy to use for massive DDoS attacks
https://www.theregister.com/2024/10/07/ ... hain_easy/

Ziggi

[bbbhltz]

There is a Debian derived distro that I consider to be malware. Seems its corporate masters have decreed that it shall continue to leak information to the InterNet, regardless of what settings the user picks.

Ubuntu? Or something lesser known?

Manjaro collects and shares data too

[LouisR4]

I’ve been using Linux for years as well, and I have actually never encountered a case of the real malware infiltration on the end-user device. For the most part, the “malicious” things I have seen have been windows files located on the home directory as you have noted. I believe it is partly because there is not as much focus on Linux, and partly because of permission problems where viruses cannot really wreak as much havoc. But I always wonder if there is someone who had a real life experience about this.

[td211]

No, but my sample size is small (2). As long as you stick to official repositories you should be quite safe.
Even in the old windows days, most "viruses" I found were these annoying shortcut viruses spreading over USB flash drives.

[Bloom]

Answer for the topic starter: NO. Yes, there is linux malware. No, it cannot infect running Linux systems without the big help of a very stupid user with administrator rights. That user has to download malware, give it executable rights and then start it with sudo or provide his login when the program asks for it. In that case, he deserves everything that happens next. Since nothing that comes from the internet is ever executable in Linux, there is no way for malware to be activated from a link as it is in that other operating system that is on almost every desktop worldwide.