Apparently This Trojan Virus May Have Infected Linux Systems For Years

Turla Linux Trojan Virus

One of the first arguments for switching to Linux is that Linux is secure and virus free. Most Linux users perceive Linux as immune to viruses, which is true to an extent but not entirely.

Like any other OS, Linux is not immune to malware, trojans, rootkits, viruses etc. There have been several famous Linux viruses. But if you compare those to that of Windows, the number is infinitesimal. So, why am I talking about Linux viruses today? Because a new trojan has been detected which might be impacting Linux systems.

Turla infects Linux systems as well

A few months back a sophisticated cyber espionage program, nicknamed Turla, was detected. It is believed to have originated in Russia, allegedly with Russian government backing. The spyware program had been targeting government organizations in Europe and the United States for four years.

In a recent report, researchers at Kaspersky found that Turla was affecting not only Windows systems but also the Linux operating system. Kaspersky researchers have termed it the ‘missing piece of the Turla puzzle’. As per the report:

“This newly found Turla component supports Linux for broader system support at victim sites. The attack tool takes us further into the set alongside the Snake rootkit and components first associated with this actor a couple years ago. We suspect that this component was running for years at a victim site, but do not have concrete data to support that statement just yet.”

What is this Linux module of Turla and how dangerous is it?

Going by the Kaspersky report,

The Linux Turla module is a C/C++ executable statically linked against multiple libraries, greatly increasing its file size. It was stripped of symbol information, more likely intended to increase analysis effort than to decrease file size. Its functionality includes hidden network communications, arbitrary remote command execution, and remote management. Much of its code is based on public sources.

The report also mentions that this trojan doesn’t require elevated privileges (read: root) to run arbitrary remote commands and that it cannot be discovered by commonly used administrative tools. Personally, I doubt their claims.
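As an added illustration (not from this article or the Kaspersky report), a defender can check a file for the two traits the report describes, static linking and stripped symbols, by reading its ELF headers. The sketch assumes 64-bit little-endian ELF, the helper names and sample images are constructed for the example, and the result is only a triage hint because many legitimate binaries share both traits.

```python
import struct

PT_DYNAMIC, PT_INTERP = 2, 3   # program header types used by dynamic linking
SHT_SYMTAB = 2                 # full symbol table, removed by strip

def elf_traits(data: bytes) -> dict:
    """Return {'static': bool, 'stripped': bool} for an ELF64 little-endian image."""
    if data[:4] != b"\x7fELF":
        raise ValueError("not an ELF file")
    if data[4:6] != b"\x02\x01":
        raise ValueError("this example only handles ELF64 little-endian")
    e_phoff, e_shoff = struct.unpack_from("<QQ", data, 0x20)
    phentsize, phnum, shentsize, shnum = struct.unpack_from("<HHHH", data, 0x36)
    # p_type is the first field of each program header.
    p_types = {struct.unpack_from("<I", data, e_phoff + i * phentsize)[0]
               for i in range(phnum)}
    # sh_type is the second 32-bit field of each section header.
    sh_types = {struct.unpack_from("<I", data, e_shoff + i * shentsize + 4)[0]
                for i in range(shnum)}
    return {
        # No interpreter request and no dynamic segment: nothing for ld.so to do.
        # (Static-PIE binaries keep PT_DYNAMIC and are reported as not static.)
        "static": not ({PT_INTERP, PT_DYNAMIC} & p_types),
        # No .symtab section; also true when the section table itself is gone.
        "stripped": SHT_SYMTAB not in sh_types,
    }

def build_sample(p_types, sh_types) -> bytes:
    """Constructed test input: an ELF64 header plus bare header tables, no code."""
    ehdr = struct.pack("<4sBBB9xHHIQQQIHHHHHH", b"\x7fELF", 2, 1, 1,
                       2, 62, 1, 0, 64, 64 + 56 * len(p_types), 0,
                       64, 56, len(p_types), 64, len(sh_types), 0)
    phdrs = b"".join(struct.pack("<I52x", t) for t in p_types)
    shdrs = b"".join(struct.pack("<II56x", 0, t) for t in sh_types)
    return ehdr + phdrs + shdrs

# Constructed samples: PT_LOAD only with no symtab, versus a typical dynamic binary.
STATIC_STRIPPED = build_sample([1, 1], [0, 1, 3])
DYNAMIC_SYMBOLS = build_sample([1, 3, 2], [0, 1, 2, 3])

if __name__ == "__main__":
    for name, img in (("static+stripped", STATIC_STRIPPED),
                      ("dynamic+symbols", DYNAMIC_SYMBOLS)):
        print(name, elf_traits(img))
```

To check a real file, pass its contents, for example `elf_traits(open(path, "rb").read())`.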


So, as a Linux desktop user, should you be scared? In my opinion, it is too early to go into panic mode as we did with the ShellShock Linux bug. Turla was originally intended for government organizations, not common users. Let’s wait and watch for more concrete news. I’ll keep updating this article. Till then, enjoy Linux.


7 comments


ESET has a NOD32 AV for Linux also, actually all one has to have is an extra multi user Windows license (or even one), go to the ESET home page and download NOD32 for Linux. Be sure under 'permissions' to place a check in the box to allow the software to install, and then after the required reboot, enter the Windows license credentials.

I've done it several times. Plus ESET has a killer 2 year deal for a single install, if one doesn't run Windows, but I get all of my security software at Newegg, will purchase a 3 PC/1 year boxed copy of NOD32 AV or Smart Security for $19.99, sometimes 2-3 at a time.

I wonder if Turla can get itself into router firmware....

That's what I do is keep all my stuff on an external hard drive

ClamAV is also free, and has a graphical display too. It's named ClamTK

Sophos AV for Linux... get it... it's free.

Cloud City Consultants Inc.

Do you have any security measures you do to keep your computer safe? For me, I just back up my personal files and periodically just do a complete fresh install to keep my system clean and fast. For me, anti-virus is a bit of an oxymoron and always slowed my computer down with pop-ups and questionable ethics of the anti-virus company, so I never put one on my computer, as to me they feel worse than a virus and I feel I can fairly well monitor my system processes.

I just keep a clean backup on an external drive, and if I need to I can reinstall when and if needed.