Linux virus

It seems that someone got a virus on their Linux computer. They did it on purpose, and had to work pretty hard.

And it was a Windows virus. You see, Linux has a program called "Wine" that emulates Windows, so that you can run quite a lot of your Windows software on Linux. This guy ran the (Windows) virus under Wine:

So I downloaded it. And ran it in Wine. And... well, it turns out Wine emulates Windows well enough to get infected by a Windows virus.

...

It even went and added itself into the taskbar (which Wine nicely integrated with my Gnome notifications), and added reminders from time to time (read: every 2 minutes) that you're using the unregistered version.

So, do Linux fanboys (like me) need to worry about viruses? Not so much:

To stop it completely, I had to kill Wine. If it managed to infect the Wine registry well enough that it's run automatically, I will have to go into the Wine registry to remove it manually. Or I could run a couple of simple commands:

sudo aptitude purge wine;
sudo aptitude install wine;

That's it!

Plus, remember that Firefox tried to stop me 3 times before I even saw the file. In the case of a Linux-targeted virus, it would probably do just the same. If I downloaded it, I would then have to go run it manually (unless it's a .sh, in which case I may be able to just run it). To do the same amount of harm, it would then ask me for the administrator password, not just a repetitive "Allow/Deny" box that I just instinctively click Allow on. It would then proceed to do its evilnesses, but with one difference: I can still kill it just as easily.

There's a step by step with tons of screenshots. RTWT if that's your bag, baby. One of the more interesting security experiments I've seen in quite some time.