Ubuntu: Do malicious web sites ever exploit vulnerabilities in Linux clients? [closed]



Question:

Do malicious web sites ever exploit vulnerabilities in Linux clients?

Are there any documented instances of this happening in the wild?

I am talking about actually taking over the client's machine rather than cross-site scripting.

Also, I'm not asking whether it's possible in theory (of course it is, otherwise they wouldn't be vulnerabilities), but if anyone actually bothers to go after Linux users.


Solution:1

After adding my comment, I was very intrigued, and decided to do some research. Now all of this talk of malicious websites is a big "if." What I mean by this is that there are many factors that go into any malicious website. These include but are not limited to the following:

1) Ubuntu (Linux) Compatible - As unfortunate as it is, most PC users these days are running one version or another of Microsoft Windows, and because of that, most malicious programs in general are made to affect and attack the Windows operating system. As you can see here however, there are still people out there developing attacks against Linux users. Back to the point, because of this, over 95% of malicious websites that are made will not affect you! (You being an Ubuntu/Linux user)

2) User "stupidity" - First off, the user will have to either mis-click a link, visit an "unsafe page", or click on an advertisement of some sort to get to one of these pages. Once there, the website cannot do much on its own. On some level, the user will have to be prompted to either
A - Download a file or
B - (If the website is coded well enough to slip it into the background) The user will be prompted if any changes are attempted at changing the system.
So do your best not to visit said sites, and if you do, get some browser protection.

3) Intensity And Actual Function of Malicious Software - This is probably the one you will have to worry most about. Because Linux is a more in depth operating system, the system tends to be spread out more, which may make it hard to track down exactly where this Malicious Program infested (if at all). However, this is also a good thing. For example, in the link above, the program manifests as A Mozilla process. I Personally use Chrome, and have uninstalled Mozilla, so if I even so much as see a glimpse of the logo, I will start to worry. This can also make it easier to track and destroy the infest.

4) Protection On Computer - This one although looked past very often is probably the most important. If any of you reading this remember the crisis with MACs and their "great protection," skip ahead. If not, when the Mac-book laptop was first introduced, and the Apple Operating System was first being born, viral infestations were in their early stages, as little baby computer-bugs. When Apple announced that their laptops and computers would have (to paraphrase) "Next-To Perfect Antivirus," people were ecstatic. Because of this pre-installed anti-viral defense, the everyday user refrained from using any type of other software to protect their computer. As a result, once the Apple anti-viral software was cracked, millions of dollars of damage could be dealt from a remote source. Although that story may seem off topic from the question, it is exactly why Ubuntu and Linux in general in starting to get targeted by hackers. Because Ubuntu is famous for being safe and secure, people don't bother to get any antivirus software, leaving them open to attacks. So please, PLEASE, get some damn antivirus.

5) Elongated Periods of Time - Although Trojan viruses, and some minor bugs can manifest within a matter of minutes, some viruses may take hours, or even days to grow to their full size and take over your computer (sometimes literally.) To prevent this, you can schedule scans to happen on your computer. Depending on how time you spend browsing the web, you can adjust this accordingly. I personally have mine set to run every hour, and the best part is that I don't have to do anything! Just make sure to always play it safe. If you think you may contracted a virus, just do a scan immediately, and hey, you can always come to AskUbuntu for help solving it!

As to more thoroughly answer the question of "WIll people bother to go after Linux users?", yes. Unfortunately, every operating system is vulnerable to attack, and with a recent (past 1-2 years) surge of people using Linux, there have been more attacks on said people. Although many people do experience viruses on a daily basis, the "documented cases" that you are asking for do not really exist. If you were to see the official list, you would see that most viruses have been dealt with by now, but remember, more are made/updated every day.


Note:If u also have question or solution just comment us below or mail us on toontricks1994@gmail.com
Previous
Next Post »