Well, this is interesting. Kaspersky have released KVRT (Kaspersky Virus Removal Tool), which is free to use to scan your systems for issues.
This is not an active virus scanner, it doesn't constantly run on your system. Only when you load it and tell it to scan. It also doesn't auto-update, you need to go and download it fresh from their website each time. Still, it's interesting to see such a big name jump into something like this for Linux don't you think? They say it can "detect both malware and adware, as well as legitimate programs that can be used for attacks".
It may look like a Windows application but that really is on Linux.
As they said in their blog post announcement:
Modern-day cybercriminals aren’t ignoring Linux-based operating systems. Recently, we published a series of posts about malicious code in the open source set of utilities XZ Utils, which managed to find its way into several popular Linux builds; wrote about a Linux implant for the DinodasRAT malware — also known as XDealer; and warned about a backdoor in the Trojanized version of Free Download Manager. Despite all this, the myth that Linux is mostly immune to cyberthreats persists: companies rarely devote funds to protecting machines running this operating system. Therefore, we’ve released a dedicated free product that allows you to check Linux computers for modern threats — Kaspersky Virus Removal Tool (KVRT) for Linux.
What are your thoughts on this, and what do you use on your Linux desktop to keep it secure? Maybe it's time to give over some suggestions in the comments on that.
Quoting: MalThat linux isn't immure to malware and virus is knonwn. That kaspesky is the solution... it's questionable to say the least.
The general advice is to modify your kernel with anything that is not trusted and OSS. Know which repo you add to your apt. That already shuts down the most nasty risks. And we know it well enough... it's the reason why anti cheats refuse to support linux. They cannot spy without some kind of user approval... and they don't want to disclose what kind of spying they do.
Then for the rest (all kind of malicious activities outside kernel that is) it's the same as Windows. Educate your users to not do anything stupid on the web. And to not download snaps and the likes from untrusted sources. Which is easier said that done I suppose. Some antivirus support can definitely help here. But the antivirus itself needs to come from a trusted entity :)
It's a VRT(virus removal tool) those are supposed to be run on system critical systems of which we already know that it contains malware, but removing it is hard, in such a case root is a must.
I've been comparing it to ClamAV, which I now realize is unfair.
They also have an anti-virus for linux, but that one isn't new.
Apperantly there also open source vrt's
Last edited by LoudTechie on 3 June 2024 at 12:53 pm UTC
Quoting: NeoTheFoxI would never advise anyone to run anything that came out of Kaspersky Lab on their machines. Don't forget that Kaspersky lab is directly run by the Russian intelligence service, and it's on the US National Security risk listI've used Kaspersky for almost 4 years on 2x Win 7 systems and it is incredibly effective and incredibly light on resources. And you are helplessly mind-washed by media to believe words of US National Security, a government that spies on its own people, has 0 respect for their private internet activities, listens to them while they are inside electric-cars or using smart TVs, collects and sells their information, uses Microsoft OS to basically control and own the entire digital world, implements CPUs within CPUs (Intel Management Engine and equivalent of it on AMD CPUs) to backdoor their hardware at will and witch-hunts whistle blowers for life.
And what has Russia done exactly that you are on high alert? Where is their spyware?
Quoting: StalePopcornMaybe comments should be disabled since a pattern is already present, but Kaspersky are not doing operating from a country directly or indirectly involved in mass genocide, if we're going to be throwing rocks, remember that we're in a glass house.
Yeah, but no. I'm not going to install Kaspersky on my system because of US foreign politics (if that is what you were referring to). For my part, it's off topic. Both are bad. One doesn't nullify the other.
Silly Kaspersky, you don't need a dedicated tool to format the windows drive.
Quoting: MangojuicedrinkerAnd what has Russia done exactly that you are on high alert? Where is their spyware?This week they put coffins with the national flag in a highly frequented avenue of my city, last week they had defaced a monument to national heroes. A few month ago, some high ranking official of them threatened to blow up a city in my country. While it is not my favorite city, this is where my brother-in-law is living so that would be inconvenient. The list can go on for long, US is not the only country that Russia does not like and Russia have way to show its displeasure.
Quoting: MangojuicedrinkerAnd what has Russia done exactly that you are on high alert? Where is their spyware?
Literally yesterday Russia compromised Polish Press Agency's website and put up a fake news about mobilisation and they did it by installing malware on the computer of one of the journalists. And that's just one example out of many. We're in the middle a of a cyber war in case you hadn't noticed.
Quoting: MangojuicedrinkerQuoting: NeoTheFoxI would never advise anyone to run anything that came out of Kaspersky Lab on their machines. Don't forget that Kaspersky lab is directly run by the Russian intelligence service, and it's on the US National Security risk listI've used Kaspersky for almost 4 years on 2x Win 7 systems and it is incredibly effective and incredibly light on resources. And you are helplessly mind-washed by media to believe words of US National Security, a government that spies on its own people, has 0 respect for their private internet activities, listens to them while they are inside electric-cars or using smart TVs, collects and sells their information, uses Microsoft OS to basically control and own the entire digital world, implements CPUs within CPUs (Intel Management Engine and equivalent of it on AMD CPUs) to backdoor their hardware at will and witch-hunts whistle blowers for life.
And what has Russia done exactly that you are on high alert? Where is their spyware?
There are lots of examples of Russian malware.
Some of these were spear phishing and thus not a danger to the everyday citizen, but others certainly weren't.
I might still use Kaspersky's products though. I simply admit that most "... virus ..." software functions as a protection racket and should as long it's not open source not be included in everyday operations just in incident mangament.
Last edited by LoudTechie on 3 June 2024 at 1:19 pm UTC
See more from me