• douglasg14b@lemmy.world
    link
    fedilink
    arrow-up
    0
    ·
    edit-2
    1 year ago

    So, essentially, really poorly written malware? Given the number of assumptions it makes without any sort of robustness around system configuration it’s about as good as any first-pass bash script.

    It’d be a stretch to call it malware, it’s probably an outright fabrication to call it a virus.

  • UnverifiedAPK@lemmy.ml
    link
    fedilink
    arrow-up
    0
    ·
    1 year ago

    It’s like that guy that posted an example Bitcoin miner on GitHub, then a bunch of script kiddies forgot to change his wallet info for their own before deploying… He made a good chunk of change by doing nothing malicious.

  • Cwilliams@beehaw.org
    link
    fedilink
    arrow-up
    0
    ·
    1 year ago

    Text version:

    Downloaded a virus for Linux lately and unpacked it. Tried to run it as root, didn’t work. Googled for 2 hours, found out that instead of /usr/local/bin the virus unpacked to /usr/bin for which the user malware doesn’t have any write permissions, therefore the virus couldn’t create a process file. Found patched .configure and .make files on some Chinese forum, recompiled and rerun it. The virus said it needs the library cmalw-lib-2.0.Turns out cmalw-lib-2.0 is shipped with CentOS but not with Ubuntu. Googled for hours again and found an instruction to build a.deb package from source. The virus finally started, wrote some logs, made a core dump and crashed. After 1 hour of going through the logs I discovered the virus assumed it was running on ext4 and called into its disk encryption API. Under btrfs this API is deprecated. The kernel noticed and made this partition read-only

    Opened the sources, grep’ed the Bitcoin wallet and sent $5 out of pity.