After the events of last Friday, I thought it might be good to pass on some information about the current state of malware on Linux.
Remember that a properly configured Linux system is highly resistant to malware, but not immune. Malware infections can have only limited impact, presuming a privilege escalation exploit is not available, but "limited impact" does not mean "no impact", and a Linux system could participate in a botnet with only user rights, if the user is not alert.
http://resources.infosecinstitute.com/l ... landscape/
Now, the events of last Friday were driven in large part by web-enabled CCTV and DVR devices that were not only insecure, but which could not be secured. This is described here:
https://krebsonsecurity.com/2016/10/hac ... more-36754
Internet of Things (IoT) devices that are defective in the way these devices are defective are becoming very common. When you deploy such a device, it NEVER should be given direct access to the internet; it should always have to pass through a properly configured, secured, and maintained firewall/router before it leaves your house or business and connects to the internet. In this fashion, its vulnerabilities are not directly exposed to the internet, and the likelihood that it will become part of a botnet, or be used to spy on you, or be used in some other malicious fashion, then plummets.
The joker in the deck here is that you have to maintain that firewall/router; "set and forget" is now a metaphor for "hacked or soon to be hacked". If you are unwilling, or insufficiently skilled, to do the maintenance yourself, then you need to either have someone do it for you regularly, or subscribe to a service that will do it for you. I am one of the principal developers for such a service.
The threat landscape is changing rapidly; be alert out there.