How to write a Linux virus – well or a trojan.

How to write a Linux virus

and the follow-up thereof

Follow up: How to write a Linux virus

That's quite a lot of discussion, and an interesting one too. I too liked the point that the author is trying to make, that is, Linux too is not completely safe. I would rather put it as not “Fool Proof”.

But no one is a fool. It's just a matter of time before you do something foolish. People keep thinking about various things and keep working. That being the case, it is not too difficult to imagine that someone would actually run the program. But the caveat is that the program/virus/trojan would still show up in some places. So you need to do a few more things for this to work. If you are keen on doing this, then you need to at least add these:

1) When previewed, if you are sending it disguised as an image, then it should be displayed as an image in most of the default email clients.

2) When double-clicked in desktop environments with X running, it should actually display an image. (Otherwise everyone will be suspicious.)

3) The process should be stealthed (I don't know if that can be done) in such a way that it does not appear in proc or in ps output.

These are at least the minimum requirements that I think should be met before someone even thinks of it as a virus/trojan or any sort of prank. What do you guys think?
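From the defender's side, points 1 and 2 depend on a file whose name claims "image" while its content is something the system will run. The Python sketch below is an added example, not code from the original post; it flags such mismatches by comparing the name against the leading bytes and the executable bit. The sample file names and contents are constructed for the demonstration.

```python
import os
import tempfile

IMAGE_EXTS = {"jpg", "jpeg", "png", "gif"}
IMAGE_MAGIC = (b"\xff\xd8\xff", b"\x89PNG\r\n\x1a\n", b"GIF87a", b"GIF89a")
# Leading bytes of things a desktop or shell will execute rather than display.
RUNNABLE_MAGIC = {b"\x7fELF": "ELF binary", b"#!": "script", b"[Desktop Entry]": "desktop launcher"}

def check_file(path):
    """Return findings for one file; an empty list means nothing suspicious."""
    parts = os.path.basename(path).lower().split(".")[1:]
    if not any(p in IMAGE_EXTS for p in parts):
        return []                      # name does not claim to be an image
    with open(path, "rb") as fh:
        head = fh.read(16)
    findings = []
    if not head.startswith(IMAGE_MAGIC):
        kind = next((label for magic, label in RUNNABLE_MAGIC.items()
                     if head.startswith(magic)), "unknown data")
        findings.append(f"named like an image but content is {kind}")
    if os.stat(path).st_mode & 0o111:
        findings.append("executable bit set")
    return findings

def scan(directory):
    """Map file name -> findings for every flagged regular file in directory."""
    report = {}
    for name in sorted(os.listdir(directory)):
        path = os.path.join(directory, name)
        if os.path.isfile(path):
            found = check_file(path)
            if found:
                report[name] = found
    return report

def demo():
    """Build constructed sample files in a temp directory and scan them."""
    samples = {  # name: (content, mode), all constructed for this example
        "real.png": (b"\x89PNG\r\n\x1a\n" + b"\0" * 8, 0o644),
        "holiday.jpg": (b"#!/bin/sh\necho constructed sample\n", 0o755),
        "photo.jpg.desktop": (b"[Desktop Entry]\nType=Application\n", 0o644),
    }
    with tempfile.TemporaryDirectory() as tmp:
        for name, (content, mode) in samples.items():
            path = os.path.join(tmp, name)
            with open(path, "wb") as fh:
                fh.write(content)
            os.chmod(path, mode)
        return scan(tmp)

if __name__ == "__main__":
    for name, findings in demo().items():
        print(name, "->", "; ".join(findings))
```

Pointing `scan()` at a downloads or mail-attachment directory gives a quick triage list; a genuine image with a stray executable bit will also be flagged, which is worth reviewing anyway.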

14 thoughts on “How to write a Linux virus – well or a trojan.”

  1. How about processes with names that match or imitate existing commands (instead of stealth processes), like, say, oracleTSN, controller, kernel-bash etc. (though the name doesn't make any sense or such a process doesn't exist)? These types of names don't raise any hue in most Linux beginners and can easily escape an expert's bird's-eye view.

    1. That is why you should not use root, and thus you would not be able to install them in the first place to replace the original one 🙂
      Also, for advanced users, it's always good to use a rootkit hunter to circumvent any such problems.
