Symantec discovers worm that targets systems running Linux—threat to other devices

December 2, 2013 by Bob Yirka

Antivirus company Symantec has announced that it has discovered a new worm on the loose, one that attacks vulnerabilities in computer systems running Linux. Thus far, the company reports, the threat is minimal because the worm only operates on x86-type computers. It could grow much worse, however, as the worm appears to be easily changed to allow for exploiting other types of hardware running Linux, such as home routers, smart TVs or security cameras.

Symantec has named the worm Linux.Darlloz and reports that its main ability at this time appears to be replication, which it achieves by taking advantage of a PHP vulnerability in systems running older versions of Linux. When it executes, it creates random IP addresses and attempts to locate pathways to other devices on the network. Devices that aren't protected become infected as well, and in turn serve as aids in propagating the worm.

Linux is an open source operating system that is similar in many respects to Unix and has been widely used as both a learning and research tool. More recently, those making hardware devices have begun using it because no licensing fee is required. The down side is that because it's open source, many versions lack the security features of more robust operating systems such as (Unix based OS X) or Windows.

The fear with the new worm is that it appears it could be easily adapted to run on virtually any platform, and perhaps other operating systems. There is also the problem of a sometimes lackadaisical approach to security by some device makers. A worm that infects a home router or TV isn't a big problem by itself; what makes it a cause for alarm is what it represents: an opportunity to infect an entire home or business network.

Symantec suggests that consumers consider purchasing only devices that can have their software upgraded, choose hard-to-break passwords when configuring them and, of course, make sure password entry is required. They also suggest consumers take advantage of the fact that most devices come with console software that allows for verification as well as a means for blocking incoming PHP POST requests.


3.2 / 5 (9) Dec 02, 2013
Don't agree that Linux is any more insecure because of its Open Source nature. This appears to be somewhat dated as Ubuntu already put a fix into the PHP code nearly a year ago.
3.2 / 5 (9) Dec 02, 2013
"The down side is that because it's open source, many versions lack the security features of more robust operating systems such as (Unix based OS X) or Windows."

The opposite is true. Also many UNIX systems are open source, and Linux is a NIX system. The author contradicts himself. And describing Windows as "secure" is a complete joke.
1.7 / 5 (7) Dec 02, 2013
Not true kochevnik.

The author is correct, for example, to get Linux close to the account security/management level of Windows requires a lot of custom modules and patches. I have to apply grsec/RBAC and a host of other things to only get near the level of flexibility that Windows NT/AD Groups provides.

It's even more annoying in some cases recent software works off of other older bins which don't support Linux Capabilities, severely limiting your ability to move away from +s, this is a built in security RISK.

If you're logical and brutally honest with yourself, you can see the weaknesses of Linux. Not a single professional in the industry will use Linux 'out of the box', as is, you can't, the default security model sucks. You HAVE to apply custom modules/patches to the kernel, you would be insane not to. These are the kinds of things which are baked into Windows/OSX.

Don't get me wrong, for all the work that has to go into a Linux server I think it's worth it.
2.8 / 5 (10) Dec 02, 2013
masters... I am disgusted that you would let obvious lies by an industry shill spreading FUD (fear uncertainty and denial) on a prestigious forum such as this. Any expert will tell you, open source is the only way to security, it's about freedom, not innovation.
2.6 / 5 (5) Dec 02, 2013
It's difficult to believe that the author is content to repeat outright lies in every paragraph of this so-called 'article'. This is a stellar example of copy/paste journalism, as long as you don't mind your name being connected to it, well....forever.
not rated yet Dec 02, 2013
You know PHP != Linux. So from that point on, the article is bologna. It's a web attack on any server using PHP on an x86 architecture with certain versions of PHP. So yeah, the article is hype journalism, Windows-centric and biased against open source and Linux.

However, this past week, I saw a successful PHP hack on an Ubuntu 12 Linux-based webserver that got a uid=nobody shell, which is perfect for a worm. So, beware. There is an active ongoing PHP exploit. Upgrade your PHP immediately!

not rated yet Dec 03, 2013
Do a search for the author 'Bob Yirka', his name is consistently associated with articles on Microsoft technology. His assertion that Windows is a more robust OS than Linux is downright laughable and underscores the desperation of Redmond to try to cling to the shrinking PC market, whilst Linux, through Android has utterly dominated the mobile market.
1 / 5 (3) Dec 03, 2013
You know PHP != Linux. So from that point on, the article is bologna. It's a web attack on any server using PHP on an x86 architecture with certain versions of PHP. So yeah, the article is hype journalism, Windows-centric and biased against open source and Linux.

The PHP attack alone wouldn't do anything if the underlying operating system wouldn't allow running arbitrary code and escalating permissions to the point where the system is taken over completely.

Linux has a tough armor, but once you get in it's all yours.
not rated yet Dec 07, 2013
Out-of-date software is insecure software. XP is a decade old. Normal people don't use Ubuntu versions more than like two years old, because it's free. This, then, makes it more secure than Windows. 0 stars, FUD, journalistic failure.
1 / 5 (3) Dec 07, 2013
Bob Yirka and I are lovers.

He loves Billy Gates and I love myself and my linux system.
not rated yet Dec 21, 2013
That part of the article really can't be taken seriously, if one compares just how many malware and infections are counted on Windows systems, compared to Linux systems.
