Next time some Linux aficionado tells you that Linux is more secure than Windows 10 just interrupt them by saying ‘Baloney!‘ That will stun them long enough to then tell them they have been duped by years of false Linux propaganda. Then, explain to them that the only reason Linux ‘seemed‘ to be a secure OS was/is that the Worldwide Desktop Linux user base has always been stuck at around 2+-%, and therefore not much interest in developing attack malware, viruses, worms, etc. Also, it wasn’t long ago – 3-8 years ago – that not a lot of hardware worked with Linux, but Linux hardware recognition has made big improvements in the past few years, which opens firmware vulnerabilities on products like routers, etc. However, when Linux stepped into being the #1 Server provider, hackers took an interest, and discovered that Linux is incredibly easy to hack into. For more info on the many security issues Linux faces daily see my *Linux Security Issues* page. I don’t keep that page updated, but an entire blog could easily be kept busy tracking Linux security issues.

Linux security breach due to worm attack

First – if a malware, virus, worm, trojan, etc can attack ‘n then takeover a Linux server, then it can also attack ‘n then takeover *ANY* Linux Desktop Distro.

What is the Linux kernel?:

The kernel is so named because—like a seed inside a hard shell—it exists within the OS and controls all the major functions of the hardware, whether it’s a phone, laptop, server, or any other kind of computer.

Linux aficionados have been led to believe that the Linux kernel is ‘totally secure‘ by actually believing years of their own hype. I used to think it was lying, but after recently seeing the update info on the new 5.9 Linux kernel it seems they just believe their own hype…even Linus Torvalds.

Gitpaste-12 Worm Targets Linux Servers, IoT Devices:

The newly discovered malware uses GitHub and Pastebin to house component code, and harbors 12 different initial attack vectors.

Researchers have uncovered a new worm targeting Linux based x86 servers, as well as Linux internet of things (IoT) devices (that are based on ARM and MIPS CPUs).

“No malware is good to have, but worms are particularly annoying,” said researchers with Juniper Threat Labs in a Thursday post. “Their ability to spread in an automated fashion can lead to lateral spread within an organization or to your hosts attempting to infect other networks across the internet, resulting in poor reputation for your organization.”

The first phase of the attack is the initial system compromise. The malware’s various attack modules include 11 previously-disclosed vulnerabilities. That includes flaws in Apache Struts (CVE-2017-5638), Asus routers (CVE-2013-5948), Webadmin plugin for opendreambox (CVE-2017-14135) and Tenda routers (CVE-2020-10987).

Note: Windows 10 comes with its own virus protection, Windows Security, but Linux doesn’t…

If you use Linux check the firmware on those routers!!! Think your Linux password protects you?

Gitpaste-12 Worm Targets Linux Servers, IoT Devices continues:

The malware will attempt to use known exploits for these flaws to compromise systems and may also attempt to brute force passwords, said researchers. After compromising a system, a main shell script is then uploaded to the victim machine, and starts to download and execute other components of Gitpaste-12.

(Note: That’s a new one to me, i.e. “attempt to brute force passwords” sounds like it can break passwords!?!?)

In terms of its worming capabilities, Gitpaste-12 also contains a script that launches attacks against other machines, in an attempt to replicate and spread the malware.

(Note: This is why many Linux Distros have sought help from Microsoft ‘n Microsoft Defender ATP now in public preview for Linux. ATP is “Advanced Threat Protection”)

That Gitpaste-12 Worm Targets Linux Servers, IoT Devices article also mentions a few other attacks that have happened in 2020, but there have been many many many more. Note that “Hackers Put Bullseye on Healthcare” at the end of the article…it goes Here.

I will add this post to the *Linux Security Issues* page…