Author Topic: Windows virus inside Linux iso distros?  (Read 1183 times)

MT
Windows virus inside Linux iso distros?
« on: November 30, 2017, 03:50:18 pm »
I know zero about Linux.

Is it possible to embed a virus, in this case WIN32:vitro, inside a Linux iso, in this case Knoppix?
Because my antivirus flagged a file on the USB stick after using Rufus to make a USB stick Knoppix
bootable image under the isolinux map as being contaminated?

I thought Win virus didn't work on Linux (perhaps a displaced assumption).
 

technogeeky
Re: Windows virus inside Linux iso distros?
« Reply #1 on: November 30, 2017, 04:59:47 pm »
It is, of course, possible. When scanning, virus detection is done based on the contents of a file, not the behavior of a program in memory. A file is a file across any operating system or storage medium.

This thread (which is very recent) seems to suggest that the detection of this virus in a Knoppix ISO is a false detection. Even if the virus were really present in the ISO and you installed and used the operating system, it's not likely that it would damage the Knoppix OS installation.

 

CJay
Re: Windows virus inside Linux iso distros?
« Reply #2 on: November 30, 2017, 05:06:03 pm »
I wonder if it would be possible to script the injection of malware from a bootable Linux USB stick when it's booted as a 'live disk' on a Windows machine...

Doesn't seem like that'd take much effort.
 

rstofer
Re: Windows virus inside Linux iso distros?
« Reply #3 on: November 30, 2017, 06:13:19 pm »
Sure, just find the hard drive and write whatever you want.  Heck, erase the thing.  Start with the MBR and wipe out the directory chains.  That ought to do it.
 

MT
Re: Windows virus inside Linux iso distros?
« Reply #4 on: December 01, 2017, 12:45:30 am »
Ah, I see! Yes, AWG barked. Thanks for the link! I pointed the iso url for VT to test it, it goes green.
ftp://ftp.uni-kl.de/pub/linux/knoppix-dvd/KNOPPIX_V8.1-2017-09-05-EN.iso
 

retiredcaps
Re: Windows virus inside Linux iso distros?
« Reply #5 on: December 01, 2017, 12:59:57 am »
Maybe I don't see it, but it is a bit disappointing that a distro as old as Knoppix isn't providing a sha256sum so you can verify its ISO image.  Never mind, found it below.

Linux Mint was hacked Feb 2016 and now recommends you check your image using md5.

https://blog.linuxmint.com/?p=2994

edit:

http://knoppix.net/wiki3/index.php?title=Downloading_FAQ#What_are_these_md5_files.3F
« Last Edit: December 01, 2017, 01:14:17 am by retiredcaps »
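
The image check discussed in the post above, as an added example that is not part of the original thread: it verifies a downloaded ISO against a published checksum list and picks MD5, SHA-1, SHA-256 or SHA-512 from the digest length. The function names are hypothetical, the list is assumed to be in coreutils `md5sum`/`sha256sum` format, and the sample file is constructed, not a real Knoppix image.

```python
import hashlib
import os
import re
import tempfile

# Hex digest length -> hashlib algorithm name.
ALGO_BY_HEXLEN = {32: "md5", 40: "sha1", 64: "sha256", 128: "sha512"}
# Assumed coreutils list line: "<hex>  <name>" (text) or "<hex> *<name>" (binary).
LINE_RE = re.compile(r"^([0-9a-fA-F]+)\s+\*?(.+?)\s*$")

def parse_checksum_list(text):
    """Return {basename: (algorithm, lowercase hex digest)} from a checksum list."""
    entries = {}
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if m and len(m.group(1)) in ALGO_BY_HEXLEN:  # skips comments and blanks
            digest = m.group(1).lower()
            entries[os.path.basename(m.group(2))] = (ALGO_BY_HEXLEN[len(digest)], digest)
    return entries

def file_digest(path, algorithm, chunk_size=1 << 20):
    """Hash a file in chunks so a multi-gigabyte ISO never sits in memory."""
    h = hashlib.new(algorithm)
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(chunk_size), b""):
            h.update(chunk)
    return h.hexdigest()

def verify_image(path, checksum_text):
    """Return 'ok', 'mismatch', or 'not-listed' for the image at path."""
    entry = parse_checksum_list(checksum_text).get(os.path.basename(path))
    if entry is None:
        return "not-listed"
    return "ok" if file_digest(path, entry[0]) == entry[1] else "mismatch"

def demo():
    """Constructed sample: a small stand-in file, checked before and after a change."""
    with tempfile.TemporaryDirectory() as d:
        iso = os.path.join(d, "sample.iso")
        with open(iso, "wb") as f:
            f.write(b"constructed stand-in image contents\n")
        listing = file_digest(iso, "sha256") + " *sample.iso\n"
        good = verify_image(iso, listing)
        with open(iso, "ab") as f:
            f.write(b"\x00")  # simulate a corrupted or altered download
        return good, verify_image(iso, listing)

if __name__ == "__main__":
    print(demo())
```

A checksum list fetched from the same mirror as the image detects a corrupted download, not a tampered mirror, so compare against a list obtained from the project's own site or a signed list where one is published.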
 

