Well, this is interesting. Kaspersky have released KVRT (Kaspersky Virus Removal Tool), which is free to use to scan your systems for issues.
This is not an active virus scanner, it doesn't constantly run on your system. Only when you load it and tell it to scan. It also doesn't auto-update, you need to go and download it fresh from their website each time. Still, it's interesting to see such a big name jump into something like this for Linux don't you think? They say it can "detect both malware and adware, as well as legitimate programs that can be used for attacks".
It may look like a Windows application but that really is on Linux.
As they said in their blog post announcement:
Modern-day cybercriminals aren’t ignoring Linux-based operating systems. Recently, we published a series of posts about malicious code in the open source set of utilities XZ Utils, which managed to find its way into several popular Linux builds; wrote about a Linux implant for the DinodasRAT malware — also known as XDealer; and warned about a backdoor in the Trojanized version of Free Download Manager. Despite all this, the myth that Linux is mostly immune to cyberthreats persists: companies rarely devote funds to protecting machines running this operating system. Therefore, we’ve released a dedicated free product that allows you to check Linux computers for modern threats — Kaspersky Virus Removal Tool (KVRT) for Linux.
What are your thoughts on this, and what do you use on your Linux desktop to keep it secure? Maybe it's time to give over some suggestions in the comments on that.
Article taken from GamingOnLinux.com.
Some you may have missed, popular articles from the last month:
The comments on this article are closed.
StalePopcorn Jun 3
Quoting: MayeulCI don't want to start a flame war or highly (geo)political arguments here, but you should 1. look up the definition of genocide 2. Have a look at https://icj-cij.org/case/182 (hint: forced assimilation, killings, indoctrination and deportation of children fit the bill, collateral victims are a tragedy but not genocide). I'm quite sensitive about this topic.
That's the thing about facts, they don't care about feelings. They're calling out Israel on committing genocide so maybe you're the one with the faulty dictionary… or heart.
Last edited by StalePopcorn on 3 June 2024 at 2:34 pm UTC
0 Likes
slaapliedje Jun 3
Quoting: MalThat linux isn't immure to malware and virus is knonwn. That kaspesky is the solution... it's questionable to say the least.I tend to think think there are a few reasons that anti-cheat don't support Linux. You'd have to integrate dkms and keep updating the anti-cheat when the kernel ABI breaks it. At least that would be one of the key reasons. After using Linux for as long as I have, and the many times an external kernel module won't compile on a new kernel is a pain point. It doesn't happen often, but it's often enough.
The general advice is to modify your kernel with anything that is not trusted and OSS. Know which repo you add to your apt. That already shuts down the most nasty risks. And we know it well enough... it's the reason why anti cheats refuse to support linux. They cannot spy without some kind of user approval... and they don't want to disclose what kind of spying they do.
Then for the rest (all kind of malicious activities outside kernel that is) it's the same as Windows. Educate your users to not do anything stupid on the web. And to not download snaps and the likes from untrusted sources. Which is easier said that done I suppose. Some antivirus support can definitely help here. But the antivirus itself needs to come from a trusted entity :)
Of course, the other reason they don't, because most users of Linux are far more conscious about security / privacy than your average Windows user, and know that anti-cheat methods are problematic in these cases. I'm glad that Proton supports certain ones, but it being left up to the devs whether they want to ban Linux users or not is annoying. My vote is to just not support these developers because they refuse to support us.
0 Likes
CyborgZeta Jun 3
I have no objection to this. I have no comment on Kaspersky as a company, but I've told in the past that their anti-virus is very good. I did briefly use it back on Windows 10 shortly before I switched to Linux, and it appeared to do a good job of finding things.
Would I use this? No, because I don't like downloading things from the Internet and running them as executable (and giving them sudo access, in this case). I am, perhaps naively, not concerned about viruses or malware on my PC. I use Linux, all my software comes from Flathub or the Ubuntu repos, and the stuff I do download from the Internet (images, music, ROMs, etc.) do not have root access.
Would I use this? No, because I don't like downloading things from the Internet and running them as executable (and giving them sudo access, in this case). I am, perhaps naively, not concerned about viruses or malware on my PC. I use Linux, all my software comes from Flathub or the Ubuntu repos, and the stuff I do download from the Internet (images, music, ROMs, etc.) do not have root access.
1 Likes, Who?
I use SentinelOne which is enterprise-grade AV, but I also have access to it because I sell it. It has impressed me a lot but sadly there are no equivalent products on the consumer side of the market that are similar. Really makes you wonder why...
Anyways, I'd normally say just be smart about what you download and click on but I feel like attacks are only getting more sophisticated. The future is all about behavioral detection and has always been about layering your security (Modern AV, firewall, good security hygiene etc.).
Anyways, I'd normally say just be smart about what you download and click on but I feel like attacks are only getting more sophisticated. The future is all about behavioral detection and has always been about layering your security (Modern AV, firewall, good security hygiene etc.).
0 Likes
legluondunet Jun 3
Anti-Virus for what use? I never saw a virus on my Linux computers in more than 25 years.
To collect information on our Linux hard drives and sell them to companies for their statistics?
To collect information on our Linux hard drives and sell them to companies for their statistics?
2 Likes, Who?
Quoting: legluondunetAnti-Virus for what use? I never saw a virus on my Linux computers in more than 25 years.
To collect information on our Linux hard drives and sell them to companies for their statistics?
Well there was the _one_ incident with xz, so...
Funny how no one realizes that antiviruses are fundamentally the wrong way to solve the problem. They are _reactive_, meaning they defend against old attacks, but old attacks rely on old bugs and old bugs get fixed. They don't defend against new attacks obviously because they don't know what they are.
The fact that they are needed on windows is not because antivirus is necessary, but rather because windows is garbage. It's a system where apps run with root access and the system is no help in updating them. So you have buggy old software running as root for years, _of course_ the system gets riddled with viruses.
Last edited by ShabbyX on 4 June 2024 at 11:44 am UTC
3 Likes, Who?
Quoting: amataiIt was bound to happen with the recent extension of surface attack on Linux. When software was only installed from the repo, the security was manageable, but with the growing availability of software outside the repo system (from AUR to snap, steam, flatpack, curl foo.sh | sudo, ...), there start to be a market for antivirus. It feels like the end of an era.
repos were never enough, we didnt had good game engines there for example, there are tons of softwares that we still need and repos simply cant deal with the imensive suply chain that end users might need, so people will soon or later "shop" for softwares elsewhere like on github.
0 Likes
Quoting: legluondunetI never saw a virus on my Linux computers in more than 25 years.Most of us don't look though, I'm certainly interested in checking out this tool and seeing if it finds anything.
1 Likes, Who?
TheRiddick Jun 4
if it was all open-source then I think they'd find a audience to sell to.
3 Likes, Who?
So it requires an internet connection and asks you to agree to your data being handled and transmitted... somewhere. OK, two reasons to pass on it.
Still curious about it so I've sent the file to VirusTotal to analyze it. It shows some interesting details about what files it writes, copy or modify on your system, what IPs it tries to connect to and what commands it executes.
It also displays a warning: The sandbox CAPE Linux flags this file as: MALWARE, which looks worrisome, but truth be told, I'm a total noob about security, so maybe some one else could took a look and give some insights?
Is enough to send the file or url to VirusTotal ( https://en.wikipedia.org/wiki/VirusTotal ) or a similar site. I used this one since it accepts big file uploads.
Still curious about it so I've sent the file to VirusTotal to analyze it. It shows some interesting details about what files it writes, copy or modify on your system, what IPs it tries to connect to and what commands it executes.
It also displays a warning: The sandbox CAPE Linux flags this file as: MALWARE, which looks worrisome, but truth be told, I'm a total noob about security, so maybe some one else could took a look and give some insights?
Is enough to send the file or url to VirusTotal ( https://en.wikipedia.org/wiki/VirusTotal ) or a similar site. I used this one since it accepts big file uploads.
1 Likes, Who?
Patreon
PayPal
See more from me