That is not a virus, it's a vulnerability found on bash.
How many of those are found on linux vs. the tens of patches rolled over through windows update every week?
Also there is a difference in the security you get from the ground up on any linux system compared to trying to be secure after being a toy os for years like windows is trying to do.
Linux: You need to be authenticated as as sysadmin to be able to do anything that could endanger the system.
Windows: Let's just run anything on a newly connected drive, without any user consent, as long as a text file called "autorun.inf" is on it. And let's not forget to give the user a choice to turn that feature off, which is a security hole and it's enabled by default, and it depends on a registry key accessible to any and all software that may want to change it. Again without user consent.
Try this on a windows box:
Download Easeus partition master, any version from 7.0 to 9.0 or even the newest one, I don't think they patched this yet.
Go to control panel, turn off autorun for all drives if it was on, save or close all control panel windows.
Run partition master, don't do anything, close the program
Autorun is now enabled for all drives. Go check in the control panel.
Did some part of the process ask you if you wanted to turn on Autorun?. Yeah, exactly.
One vulnerability found on linux in 25 years and there aren't still any malware exploiting it. That doesn't mean that there is a virus, worm or anything putting the OS at risk.
The vulnerability presents on certain configurations where there are servers running and responding requests from the internet, not on every desktop installations. There aren't any ports open by default on a new linux install unless you install and run specific software.
Most if not all linux viruses depend on you explicitly running them. To do anything dangerous, they need to be run with administrative privileges, not the default way of running software on linux.
Windows? Thousands and thousands of viruses listed on any antivirus program with virus definitions in the hundreds of megabytes.
Linux? A list so small that doesn't even fill an A4 sheet with size 12 font.
Let's not forget that
SONY installed rootkit software on user's computers without any consent, helped with the long living "autorun.inf" security hole, the same way that all malware is replicated on infected USB drives and they even tried to sue under the DMCA, filing charges of copy protection circumvention, a guy who posted on the internet that pressing SHIFT (overriding the windows autorun functionality) while loading an infected music disc avoided the rootkit installation.
Oh, and
the best story of them all. The stuxnet computer worm. There's a juicy wikipedia article on that. Basically the worm was spread on some windows computers taking advantage of newly discovered (and unpatched) vulnerabilities. It replicated itself on all computers of a network, then it gained administrative rights and tried to find if Siemens Step7 (PLC controller software) was installed. If Step7 was present, it checked the kind of control the PLC was doing. If some characteristic control patterns were found, the worm went ahead and infected the PLC's firmware. The infected firmware reported fake sensor values, reporting normal conditions to the host control computer while malware in the code altered the PLC control routine, generating havoc on the motors depending on the controller.
Why that story is so interesting? Take a look at the implications. A new security hole in windows opened the door to a software that could do what malware normally does, copy itself on the network and whatever, nothing new here. The interesting part is that it contained code not meant to be run on the computer architecture it was running but to be downloaded on another completely different machine.
Let's say I go make a virus to infect the most popular camera here, whatever camera it is. I only need an open door to the windows system, infect it then I can check if a compatible camera is connected. When connected I can run a firmware upgrade routine, import malware into your camera and make it turn itself on, take a picture and turn it off every hour for example. To avoid detection, the pictures are encrypted and stored on a hidden folder taking advantage that windows hides folders by default. It'll be suspicious if the camera turns the screen on or blinks the LED so all that should be left off when taking secret pictures. Both things are controlled by firmware. Then when the camera is connected again, I can check if the camera is infected, if it is, copy all "secret" pictures to the computer and upload them to a remote server. If it is not, well, infect it and wait. There goes your privacy.
Vulnerabilities are often found on stock router firmware (VxWorks) from Asus or Dlink. The fix? Since the vendor is not likely to patch the firmware for old hardware, it is often fixed by reflashing the router to run linux.
--- Edit ---
And don't think I need to squeeze my code to run on a camera. There are LOTS and LOTS of free space on the internal FLASH.
--- Edit 2 ---
Sorry for the extremely long post and completely unrelated topic. I know this is not even the place to discuss this.
~.....
???
???
~
