Jane goes to download a tar gzip package from the internet. She unpacks the file and sees a readme file with no extension. Readme files do not contain a txt extension on most unix systems (for whatever damn reason.. to be different? to be naive?). Jane assumes it is a readme and opens it. It opens her text editor, and a nice readme is displayed.
What really happened was Readme was an executable which launched her default editor, and placed some text into the editor that was stored in the binary - but also injected a virus into her system before and after the editor opened up. The virus scanned her computer for all files that had write permissions, and slowly deleted or infected all these files.
Do people view their readme files before they click them in a GUI? Some advanced hackers still view the files directly by using programs like nano, vi, emacs, etc. But people like Jane who are using a GUI generally click things - or hit enter or return on the files, because they are using a GUI and it is natural.
The next time someone tells me linux doesn't get virus/virii I'm going to smack them over the head 452 times with my keyboard.
The reason there aren't that many linux virii out there is simply because no one uses that operating system and it isn't worth targetting.
This article applies to bsd, linux, modern mac os's, and all other unix like operating systems too.
Yeah, this wiki runs on a unix server - I'm not against unix. I'm against stupidity.
|