Antivirus recommendations - eviltoast

Do you have any antivirus recommendations for Linux?

  • sugar_in_your_tea@sh.itjust.works
    1 year ago

    Sure, anti-virus won’t prevent the zero day from being exploited, but it can prevent any malware packaged with it from executing/causing damage. The same goes for other strategies, like sandboxing, access control, etc. The more layers you have, the less likely an attack is to be successful.

    On the other side, the less valuable your platform is to exploit, the less attention it’ll have from malware authors. Most malware is looking to make a quick buck, and getting grandma to call a fake support line to fix a manufactured problem is the lion’s share of malware. Some attempt to create a botnet (i.e. worms and Trojans), and others try to steal banking and other credentials (so cookie scraping, no need for privilege escalation, just code execution).

    I’m just pointing out that zero days and privilege escalation have existed to show that macOS isn’t immune. I’m sure there are plenty more; they just probably aren’t used as much because the potential benefit isn’t large enough yet. Why risk revealing your zero day when the profit potential is low? Sometimes it’s more valuable to wait and sell to a more sophisticated attacker who will go after higher value targets like sitting politicians than to sell it on the open market to a scammer who goes after grandma.

    The same goes for Linux. Zero day privilege escalation attacks certainly exist; if you follow the CVEs, you can see some of them getting discovered before they’re explored. As the market expands, we’ll see more exploits actually being used, which means there are probably even more that potential attackers are sitting on.