Is my Ubuntu Jaunty installation infected?

Discussion in 'all things UNIX' started by Mr. Y, May 26, 2009.

Thread Status:
Not open for further replies.
  1. Mr. Y

    Mr. Y Registered Member

    Joined:
    Jan 11, 2006
    Posts:
    257
    I ran a downloaded Windows executable under Wine- then funny things started happening:

    My Ubuntu workspace 1 became workspace 2.

    I ran the executable again and my workspace restored back to workspace 1.

    I ran the executable under Wine to insulate myself from Malware. It appears that Linux can be compromised after all.
     
  2. Pedro

    Pedro Registered Member

    Joined:
    Nov 2, 2006
    Posts:
    3,502
    Sounds like you're describing a bug in Ubuntu or WINE or GNOME. What makes you think you're infected, were you running/ testing malware?
     
  3. chronomatic

    chronomatic Registered Member

    Joined:
    Apr 9, 2009
    Posts:
    1,343

    LOL. A Windows executable cannot infect Ubuntu no matter how hard it tries. Yes, a Win virus can cause problems for your .wine directory and cause some problems within WINE programs but it cannot infect your Ubuntu install.
     
  4. dan_maran

    dan_maran Registered Member

    Joined:
    Aug 30, 2004
    Posts:
    1,053
    Location:
    Stamford, CT
  5. chronomatic

    chronomatic Registered Member

    Joined:
    Apr 9, 2009
    Posts:
    1,343

    That guy who posted that doesn't seem to get it. A Windows binary or script will not run on Linux. The permissions of the Windows virus file are inconsequential since the file wont execute (outside of the .wine fake Windows directory) in the first place. The Windows virus is not expecting a Linux system, and even if it could somehow break-out of Wine, it would have no idea what to do since Linux and Windows are two different operating systems.

    Now, if someone coded a virus specifically for WINE, that would be a different story. However, why go through that trouble when you could just write a native virus?
     
  6. Mr. Y

    Mr. Y Registered Member

    Joined:
    Jan 11, 2006
    Posts:
    257
    I was running software with a high probability of having malware.
     
  7. Mr. Y

    Mr. Y Registered Member

    Joined:
    Jan 11, 2006
    Posts:
    257
    I think they hand-crafted malware to handle a variety of scenarios that include "WINE".
     
  8. Mr. Y

    Mr. Y Registered Member

    Joined:
    Jan 11, 2006
    Posts:
    257
    From now on I will run "high risk" software under a VirtualBox. Linux is not bulletproof.

    I am going to restore a Ubuntu archive to get a rid of this infection.

    The infection changed the signature on all the data files of a logical drive, although no viruses are detected.

    Can a logical data drive re-infect my restored archive Ubuntu drive?
     
  9. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    7,785
    Why are you doing this? That should be the first question you ask yourself....
     
  10. lewmur

    lewmur Registered Member

    Joined:
    Dec 22, 2008
    Posts:
    332
    So that he can make the claim the Linux isn't really safe. He makes a claim that there is a specific piece of malware designed to attack Linux via Wine. No security firm has reported such a vulnerability, much less an active exploit, but he can come here and post FUD claiming "personal experience." Yet he doesn't give the name of the download with the supposed malware, so that others could test its validity. Nor does his discription of the supposed damage make much sense. "My Ubuntu workspace 1 became workspace 2" What's this supposed to mean?

    For the fun of it, let's see if we can imagine why someone would write an exploit that, instead of attacking Linux directly, does so only through Wine. Who would benefit from that? Let's see? Could that possibly be someone who doesn't want Linux users to be able to run Windows programs? I got it!! It must be a Microsoftie!!!
     
  11. NGRhodes

    NGRhodes Registered Member

    Joined:
    Jun 23, 2003
    Posts:
    2,331
    Location:
    West Yorkshire, UK
    http://wiki.winehq.org/FAQ#head-3cb8f054b33a63be30f98a1b6225d74e305a0459

    As long as you do not run as root or SUDO and wine is not configured to access outside ~/wine the only thing that can/will get infected is you wine environment. So if you can read and write your to home from Wine (I dont know much about how wine is configured) Malware running via Wine can read and write to it, but in no way should be able to infect your entire system unless running as root/sudo.

    Cheers, Nick
     
  12. chronomatic

    chronomatic Registered Member

    Joined:
    Apr 9, 2009
    Posts:
    1,343
    My thoughts exactly, though I was waiting for someone else to say it first. ;)

    The OP either has no idea of how Linux works or he is spreading FUD. No other possible explanations here.
     
  13. Mr. Y

    Mr. Y Registered Member

    Joined:
    Jan 11, 2006
    Posts:
    257
    1. Both chronomatic and lewmur are wasting my time with their non-humerous snide remarks.

    2. likuidkewl has confirmed what I suspected.

    You're right, I won't do it again. This has turned into a nightmare for me.
     
  14. incursari

    incursari Registered Member

    Joined:
    May 16, 2004
    Posts:
    153
    Location:
    SG
    Can you upload that file to somewhere else and give us the link?
     
  15. Mr. Y

    Mr. Y Registered Member

    Joined:
    Jan 11, 2006
    Posts:
    257
    I can't do that- I could get in trouble. Suggest a way that is untraceable.

    It appears that Malware has evolved into a new level. Viruses are for school children.
     
  16. dan_maran

    dan_maran Registered Member

    Joined:
    Aug 30, 2004
    Posts:
    1,053
    Location:
    Stamford, CT
    Allow PM's
     
  17. Pedro

    Pedro Registered Member

    Joined:
    Nov 2, 2006
    Posts:
    3,502
    He confirmed a possibility for something. While i too am a little cautious with WINE, in reality the probability is really small.
    It's a bit hard, as you can guess, for me to judge this from over here, reading your post with little information. I'm not judging YOU note :)

    BTW, PM disabled?
     
  18. Mr. Y

    Mr. Y Registered Member

    Joined:
    Jan 11, 2006
    Posts:
    257
    Hello Pedro,
    What is "PM"?

    Right now I am knee deep in computer problems- Perhaps in a month, I will be in a position to upload the Malware file to people so as to increase the credibility of my claims.

    Thankyou,
     
  19. dan_maran

    dan_maran Registered Member

    Joined:
    Aug 30, 2004
    Posts:
    1,053
    Location:
    Stamford, CT
    You have disabled Private Messages. This is the preferred way to discuss issues such as these here.
     
  20. Arup

    Arup Guest

    I am sorry, I don't believe one word of this, if this has not been implemented with SUDO, it ain't just happening out of blue.
     
  21. lewmur

    lewmur Registered Member

    Joined:
    Dec 22, 2008
    Posts:
    332
    I don't even understand what his complaint is all about. He says the malware moved "workspace 1 to workspace 2." If you have compiz enabled, just moving your cursor can do that. And too busy to identify the malware for another month? Give me a break!!:argh:
     
  22. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    7,785
    That mighty freakin' busy! :rolleyes:
     
  23. Arup

    Arup Guest


    Exactly........thats how Linux switchers workspace when Compiz is on.
     
  24. Mr. Y

    Mr. Y Registered Member

    Joined:
    Jan 11, 2006
    Posts:
    257
    Hello likuidkew and Pedro,

    I have enabled Private Messages

    Do I have to be on-line at the same time as you for this to work?

    In the past, whenever I have run a P2P client in VirtualBox under a windows host- eventually the windows host becomes corrupted. I suspect this is because I access the downloaded files using my windows host.

    I switched to a Linux host (Ubuntu) and eventually it has become corrupted- It took 100 times longer to happen but it did.

    I am not a Linux expert but I am impressed by it's invulnerability compared to Windows. An average Linux user would never have to worry about computer security.
     
  25. Pedro

    Pedro Registered Member

    Joined:
    Nov 2, 2006
    Posts:
    3,502
    PM sent.
     
Loading...
Thread Status:
Not open for further replies.