One of the reasons people switch to Linux is increased security. After switching to Linux, you might think you no longer have to worry about viruses and other types of malware. While this is largely true in practice, Linux is actually not all that secure.
If a virus wants to hack into your free and open source OS, chances are it can do it.
Why malware is less common on Linux
Malware is unwanted code that somehow got into your computer to perform functions designed with malicious intent. Sometimes these programs slow down your computer or cause it to crash completely. The creators of the virus can then demand a ransom to remove it from your computer.
Sometimes malware sends information to remote servers, giving someone access to your stored data or to credentials you enter, such as passwords and credit card numbers.
People tend to create malware for Windows because it is the operating system found on most PCs. This fact increases the likelihood of a virus spreading from one computer to another.
Virus makers tend to target less technical users who are easier to fool with fake web banners and phishing. Viruses are also spread in files downloaded through a torrent tracker or through unreliable sources that contain malicious code.
Linux malware exists, but it is rare
One piece of malware targeting Linux has been released recently. EvilGNOME runs on the GNOME desktop, posing as an extension.
GNOME is the most common Linux desktop environment and is used as the default interface on the two most popular Linux distributions, Ubuntu and Fedora, and on computers that ship directly from Linux vendors such as System76 and Purism. Official extensions allow you to modify many aspects of the GNOME desktop.
The malware known as EvilGNOME can take screenshots and record audio from your computer’s microphone. It can also upload your personal files. A more detailed description is available in the Intezer Labs report.
Most viruses target Linux servers
Linux is relatively less common on desktops, but it is the most prominent operating system on the servers that power the Internet and control much of the world’s digital infrastructure.
Many attacks target websites rather than PCs. Hackers often look for vulnerabilities in network daemons that they can use to gain access to Linux servers. Some hackers install malicious scripts on the server that target visitors rather than the system itself.
Hacking Linux computers, be they servers or IoT devices, is one way to infect the entire internet or create a botnet.
Linux design is insecure
Compared to Windows XP, where malware could gain administrator access without prompting for a password, Linux provided much better security. Starting with Windows Vista, Microsoft has made changes to close this gap.
And yet, focusing on the security of system files misses most of what matters. Most of the data we care about is not stored in our root system folders. A lot of personal data is stored in our home directory. Linux software, malicious or otherwise, does not require your password to access this data and share it with others.
User accounts can also run scripts that activate your microphone, turn on your webcam, log keystrokes, and record what’s happening on the screen.
In other words, it almost doesn’t matter how secure the Linux kernel is, or what security measures protect the various system components, when vulnerabilities in applications and the desktop environment can put the data most important to you at risk.
EvilGNOME does not install itself among your system files. It hides in a hidden folder in your home directory. On the one hand, this makes the malware easier to remove, but you must first know that it is there.
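A defender's check for the situation described above, as an added example that is not from the original article: it lists executable files stored under hidden directories of a home directory, and XDG autostart entries that launch a program from such a directory. It assumes the default `~/.config/autostart` location; the function names are illustrative.

```python
import os
import stat
from pathlib import Path


def _under_hidden_dir(path, home):
    """True if path lies inside home and one of its parent directories starts with a dot."""
    try:
        rel = Path(path).relative_to(home)
    except ValueError:          # path is outside the home directory (or a bare command name)
        return False
    return any(part.startswith(".") for part in rel.parts[:-1])


def hidden_executables(home):
    """Regular files with an execute bit stored under a hidden directory of home."""
    home, hits = Path(home), []
    for root, _dirs, files in os.walk(home):    # symlinked directories are not followed
        for name in files:
            path = Path(root) / name
            try:
                mode = path.lstat().st_mode
            except OSError:                      # vanished or unreadable, skip it
                continue
            if stat.S_ISREG(mode) and mode & 0o111 and _under_hidden_dir(path, home):
                hits.append(path)
    return sorted(hits)


def autostart_from_hidden(home):
    """(entry, program) pairs for autostart entries whose Exec= program is under a hidden directory."""
    home, hits = Path(home), []
    for entry in sorted((home / ".config" / "autostart").glob("*.desktop")):
        for line in entry.read_text(errors="replace").splitlines():
            if line.startswith("Exec=") and line[5:].split():
                program = Path(line[5:].split()[0])
                if _under_hidden_dir(program, home):
                    hits.append((entry, program))
    return hits


if __name__ == "__main__":
    for path in hidden_executables(Path.home()):
        print("executable in hidden dir:", path)
    for entry, program in autostart_from_hidden(Path.home()):
        print("autostart entry:", entry, "->", program)
```

Expect legitimate hits such as tools installed under `~/.local/bin`; the output is a list to review, not a verdict.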
4 reasons why Linux is relatively safe to use
While Linux is not immune to exploits, it still provides a much safer environment than Windows in day-to-day use. There are several reasons why this is the case.
1. Several distributions, environments and system components
It is difficult for application developers to develop software for Linux because there are so many different versions to support. Malware creators face the same problem. What’s the best way to break into someone’s computer? Do you target DEB or RPM packages?
You can try to exploit a vulnerability in the Xorg display server or in a specific window compositor, only to find that users have something else installed.
2. Application stores and package managers protect Linux users
Traditional Linux package management systems put application developers and reviewers between users and their software source. As long as you get all of your software from these trusted sources, you are unlikely to run into anything malicious.
Try not to copy and paste command-line instructions for installing software, especially if you are unsure of what the command does and are unsure of the source.
3. New technologies actively monitor safety
Newer app formats such as Flatpak and Snap provide permissions and sandboxing, restricting what apps can access. The new Wayland display server does not allow apps to take screenshots or screen recordings, making it harder to abuse.
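To see what a Flatpak sandbox actually permits, the following added example (not from the original article) audits the keyfile that `flatpak info --show-metadata <app-id>` prints and flags grants that reopen the home directory, the X11 display or all devices. The sample metadata is constructed and the app id `org.example.PhotoTool` is hypothetical.

```python
import configparser

# Constructed sample of `flatpak info --show-metadata <app-id>` output (hypothetical app).
SAMPLE_METADATA = """\
[Application]
name=org.example.PhotoTool
runtime=org.gnome.Platform/x86_64/45

[Context]
shared=network;ipc;
sockets=x11;wayland;pulseaudio;
devices=all;
filesystems=home;xdg-download:ro;
"""


def _items(parser, key):
    """Split a semicolon-separated [Context] value into its entries."""
    raw = parser.get("Context", key, fallback="")
    return [value.strip() for value in raw.split(";") if value.strip()]


def audit(metadata_text):
    """Return (key, value) pairs for permissions that weaken the sandbox."""
    parser = configparser.ConfigParser(interpolation=None, delimiters=("=",))
    parser.read_string(metadata_text)
    findings = []
    for entry in _items(parser, "filesystems"):
        if entry.startswith("!"):               # "!home" revokes access, nothing to flag
            continue
        name = entry.partition(":")[0]          # drop a :ro / :rw / :create suffix
        if name in ("home", "host"):            # both expose the user's home directory
            findings.append(("filesystems", entry))
    if "x11" in _items(parser, "sockets"):      # X11 clients can capture other windows
        findings.append(("sockets", "x11"))
    if "all" in _items(parser, "devices"):      # includes webcams and other device nodes
        findings.append(("devices", "all"))
    return findings


if __name__ == "__main__":
    for key, value in audit(SAMPLE_METADATA):
        print(f"review: {key}={value}")
```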
4. The source code is open to everyone
The main advantage of Linux is the ability to view the code. Since Linux is an open source OS and not proprietary, you don’t need to worry about the desktop itself working against you, acting like spyware, or being susceptible to exploits that were not disclosed for commercial reasons.
Even if you can’t read the code yourself, you can read the posts or blog reports of those who can.
Should you be afraid of malware on Linux?
It’s a myth that Linux users don’t need to worry about viruses, but if you stick to your distribution’s app stores or other trusted sources like Flathub, you’re unlikely to come across anything dangerous.
Regardless of which operating system you are using, it is important that you take security measures. Do not make the mistake of believing that switching to Linux means you can download from untrusted sites without any problems.
However, for most of us, the biggest risk is probably not malware. If you’ve created a large number of online accounts or depend on cloud services, phishing scams pose a much bigger threat to your data, whether you’re using Linux or not.