- cross-posted to:
- linuxmemes@lemmy.world
- cross-posted to:
- linuxmemes@lemmy.world
It’s like that guy that posted an example Bitcoin miner on GitHub, then a bunch of script kiddies forgot to change his wallet info for their own before deploying… He made a good chunk of change by doing nothing malicious.
Dream job.
So, essentially, really poorly written malware? Given the number of assumptions it makes without any sort of robustness around system configuration it’s about as good as any first-pass bash script.
It’d be a stretch to call it malware, it’s probably an outright fabrication to call it a virus.
This is… clearly a meme…
I wasn’t sure about it either. There’s security researchers out there who might genuinely want to get a virus to run in a VM.
But yeah, the
cmalw-lib-2.0
gives it away…Yeah, nobody uses
cmalw-lib-2.0
Its deprecated, now we use
hack-lib-client-1.17
So you’re saying it’s about as robust as a typical Linux application then?
“It works on my machine”
He said the thing!
Packagers job to make it fit their distro, innit?
As a package maintainer, it’s a lot of fun sometimes!
I bet, both ironically and genuinely, depending on the cade. Flatpak must feel like a godsend to a lot of people haha
I’ve actually never used flatpak, I still prefer distro-specific package managers
Flatpak is really nice imo. You can have stable distro with up-to-date apps. And sandboxing for proprietary stuff, which is really nice.
Username checks out
I think it was a fun post about what we go through sometimes just to get X or Y working. It was quite clever.
I know your shitposting, but I used to run into shit like this all the time back when I used to try to run Loki software games on Linux back in the day. Within 6 months all the games I had were un-fucking-runnable.
It’s still a thing now depending how crazy you want to get with your system (let’s pretend you don’t run Linux on an x86 system for example - good luck lol)
if youre gonna write linux malware at least distribute it as a flatpak ffs
Scammers these days lack basic courtesy 🤦♂️
Already on it https://flathub.org/apps/com.microsoft.Edge
Should’ve written the malware in Go, smh
./malware -help
Usage: ./malware [OPTIONS] Options: -h, --help Display this help message and exit. -i, --infect Infect target system with payload. -s, --spread Spread malware to vulnerable hosts. -c, --configure Configure malware settings interactively. -o, --output [FILE] Save log output to a file. -q, --quiet Quiet mode - suppress non-critical output. Advanced Options: -a, --activate [CODE] Activate advanced features with code. -b, --backdoor [PORT] Open backdoor on specified port. -m, --mutate Evade detection by mutating code. Description: Malware toolkit for educational purposes only. Use responsibly on authorized systems. Examples: ./malware -i Infect local system with default payload. ./malware -i -s Infect and spread to other systems. ./malware -a ACTCODE -b 1337 Activate advanced features and open backdoor. ./malware -q -o output.log Run quietly, save logs to 'output.log'.
A system bestowed upon us by gods.
Sorry, folks. Using
cmalw-lib
is now deprecated.Cool kids are using
systemd-malwd
Isn’t this just a newer version of this? https://www.gnu.org/fun/jokes/evilmalware.html
Even if it were inspired, it is significantly different the way it’s written. I’ve hit these same challenges before, so I’m more inclined to think it is independent discovery.
The newer one is a lot funnier though.
This reminds me of the old linux hater’s blog post “At least we don’t have any viruses”.
That certainly was a blog with many emotions. Coming at this with no context, it looks like the kind of content that would be beautiful satire, except it’s probably not.
Linux Hater’s Blog was half satire and half honest criticism.
Seems like the prediction about the web panned out…
i laughed so hard 😂 😂 😂
I laughed and my partner ask why. I told her it’s some really nerdy humor. She was fine not hearing the joke, but I loosely explained it anyway. She humored me anyway. She’s a good woman.
if only all my friends were like that
They definitely tolerate my nerdiness, but they just don’t get it, even after an explanation.
Text version:
Downloaded a virus for Linux lately and unpacked it. Tried to run it as root, didn’t work. Googled for 2 hours, found out that instead of
/usr/local/bin
the virus unpacked to/usr/bin
for which the user malware doesn’t have any write permissions, therefore the virus couldn’t create a process file. Found patched .configure and .make files on some Chinese forum, recompiled and rerun it. The virus said it needs the librarycmalw-lib-2.0
.Turns outcmalw-lib-2.0
is shipped with CentOS but not with Ubuntu. Googled for hours again and found an instruction to build a.deb package from source. The virus finally started, wrote some logs, made a core dump and crashed. After 1 hour of going through the logs I discovered the virus assumed it was running on ext4 and called into its disk encryption API. Under btrfs this API is deprecated. The kernel noticed and made this partition read-onlyOpened the sources, grep’ed the Bitcoin wallet and sent $5 out of pity.
I guess the process could be regarded as gain of function research.