Linux infection proves Windows malware monopoly is over
For some reason Apple and Linux users have a tendency to believe that their computers are immune from viruses and malware. I am not sure who spread this rumor (some people suggest it was Apple but I have no proof of that), but I can assure you that it is not true. I have blogged several times over the years about Macintosh security issues. The only reason you don’t hear much about Macintosh and Linux security exploits and read about attacks on Windows-based PCs is that Microsoft Windows runs on about 90% of the computers in the world. The bad guys have very little interest on finding security holes in operating systems that are run by a small percentage of people around the globe.
A recent post on ZDNet, written by Ed Bott, discusses some serious security issues in Linux and Macintosh. Here’s a portion of his blog post:
“Every time I write about Windows security software, I get a predictable flood of responses from Linux advocates who claim that they don’t need any such protection. Today comes a shining example of why they’re wrong.
If you downloaded and installed the open-source Unreal IRC server in the last 8 months or so, you’ve been pwned. Here’s the official announcement:
This is very embarrassing…
We found out that the Unreal22.214.171.124.tar.gz file on our mirrors has been replaced quite a while ago with a version with a backdoor (trojan) in it.
This backdoor allows a person to execute ANY command with the privileges of the user running the ircd. The backdoor can be executed regardless of any user restrictions (so even if you have passworded server or hub that doesn’t allow any users in).
Two additional details in the announcement added extra helpings of irony:
It appears the replacement of the .tar.gz occurred in November 2009 (at least on some mirrors). It seems nobody noticed it until now.
Right. Because even server administrators believe that open source and Linux software are impregnable by design, the official download of a widely distributed server product has been infected with a backdoor that gives bad guys complete ownership of the system. Oops.
And my favorite part:
The Windows (SSL and non-ssl) versions are NOT affected.
Again, that’s right. A similarly infected Windows file in the wild would be detected within days if not hours after a routine virus scan by someone checking the download before installing it.”
Ed goes on to talk about Macintosh security issues. You can read his entire post here.