Symantec discovers worm that targets systems running Linux—threat to other devices

Dec 02, 2013 by Bob Yirka

(Phys.org) —Antivirus company Symantec has announced that it has discovered a new worm on the loose—one that attacks vulnerabilities in computer systems running Linux. Thus far, they report, the threat is minimal due to the worm only operating on x86 type computers. It could grow much worse, however, as the worm appears to be easily changed to allow for exploiting other types of hardware running Linux such as home routers, smart TVs or security cameras.

Symantec has named the worm Linux.Darlloz and reports that its main ability at this time appears to be replication, which it achieves by taking advantage of a PHP vulnerability in systems running older versions of Linux. When it executes, it creates random IP addresses and attempts to locate pathways to other devices on the network. Devices that aren't protected become infected as well and in turn serve as aids in propagating the worm.

Linux is an open source operating system that is similar in many respects to Unix and has been widely used as both a learning and research tool. More recently, those making hardware devices have begun using it because no licensing fee is required. The down side is that because it's open source, many versions lack the security features of more robust operating systems such as (Unix based OS X) or Windows.

The fear with the new worm is that it appears it could be easily adapted to run on virtually any platform, and perhaps other operating systems—also, there is the problem of a sometimes lackadaisical approach to security by some device makers. A worm that infects a home router or TV isn't a big problem by itself—it's what it represents—an opportunity to infect an entire home or business network—that makes it a cause for alarm.

Symantec suggests that consumers consider purchasing only devices that can have their software upgraded, choose hard-to-break passwords when configuring them and, of course, make sure password entry is required. They also suggest consumers take advantage of the fact that most devices come with console software that allows for verification as well as a means for blocking incoming PHP POST requests.


User comments : 11


peter09
3.2 / 5 (9) Dec 02, 2013
Don't agree that Linux is any more insecure because of its Open Source nature. This appears to be somewhat dated as Ubuntu already put a fix into the PHP code nearly a year ago.
http://askubuntu....loz-worm
kochevnik
3.2 / 5 (9) Dec 02, 2013
"The down side is that because it's open source, many versions lack the security features of more robust operating systems such as (Unix based OS X) or Windows."

The opposite is true. Also many UNIX systems are open source, and Linux is a NIX system. The author contradicts himself. And describing Windows as "secure" is a complete joke.
SincerelyTwo
1.7 / 5 (7) Dec 02, 2013
Not true kochevnik.

The author is correct, for example, to get Linux close to the account security/management level of Windows requires a lot of custom modules and patches. I have to apply grsec/RBAC and a host of other things to only get near the level of flexibility that Windows NT/AD Groups provides.

It's even more annoying that in some cases recent software works off of other older bins which don't support Linux Capabilities, severely limiting your ability to move away from +s; this is a built-in security RISK.

If you're logical and brutally honest with yourself, you can see the weaknesses of Linux. Not a single professional in the industry will use Linux 'out of the box', as is, you can't, the default security model sucks. You HAVE to apply custom modules/patches to the kernel, you would be insane not to. These are the kinds of things which are baked into Windows/OSX.

Don't get me wrong, for all the work that has to go into a Linux server I think it's worth it.
Crow-
2.8 / 5 (10) Dec 02, 2013
phys.org masters... I am disgusted that you would let obvious lies by an industry shill spreading FUD (fear uncertainty and denial) on a prestigious forum such as this. Any expert will tell you, open source is the only way to security, it's about freedom, not innovation.
LIsabelle
2.6 / 5 (5) Dec 02, 2013
It's difficult to believe that the author is content to repeat outright lies in every paragraph of this so-called 'article'. This is a stellar example of copy/paste journalism, as long as you don't mind your name being connected to it, well....forever.
Howhot
not rated yet Dec 02, 2013
You know PHP != linux. So from that point on, the article is bologna. It's a web attack on any server using php on an x86 architecture with certain versions of php. So yeah the article is hype journalism, Windows-centric and biased against open source and Linux.

However, this past week, I saw a successful php hack on an Ubuntu 12 Linux-based webserver that got a uid=nobody shell which is perfect for a worm. So, beware. There is an active ongoing php exploit. Upgrade your php immediately!

gmurphy
not rated yet Dec 03, 2013
Do a search for the author 'Bob Yirka', his name is consistently associated with articles on Microsoft technology. His assertion that Windows is a more robust OS than Linux is downright laughable and underscores the desperation of Redmond to try to cling to the shrinking PC market, whilst Linux, through Android has utterly dominated the mobile market.
Eikka
1 / 5 (3) Dec 03, 2013
"You know PHP != linux. So from that point on, the article is bologna. It's a web attack on any server using php on an x86 architecture with certain versions of php. So yeah the article is hype journalism, Windows-centric and biased against open source and Linux."

The PHP attack alone wouldn't do anything if the underlying operating system wouldn't allow running arbitrary code and escalating permissions to the point where the system is taken over completely.

Linux has a tough armor, but once you get in it's all yours.
chromosome2
not rated yet Dec 07, 2013
Out of date software is insecure software. XP is a decade old. Normal people don't use Ubuntu versions more than like two years old, because it's free. This, then, makes it more secure than Windows. 0 stars, FUD, journalistic failure.
Humpty
1 / 5 (3) Dec 07, 2013
Bob Yirka and I are lovers.

He loves Billy Gates and I love myself and my linux system.
Bachi
not rated yet Dec 21, 2013
That part of the article really can't be taken seriously, if one compares just how many malware and infections are counted on Windows systems, compared to Linux systems.