0nekoneko7@lemmy.world to Linux@lemmy.mlEnglish · 6 months agoKaspersky releases free tool that scans Linux for known threatswww.bleepingcomputer.comexternal-linkmessage-square60fedilinkarrow-up1104arrow-down163cross-posted to: news@lemmy.linuxuserspace.show
arrow-up141arrow-down1external-linkKaspersky releases free tool that scans Linux for known threatswww.bleepingcomputer.com0nekoneko7@lemmy.world to Linux@lemmy.mlEnglish · 6 months agomessage-square60fedilinkcross-posted to: news@lemmy.linuxuserspace.show
minus-squareboredsquirrel@slrpnk.netlinkfedilinkarrow-up7·6 months agoYes and if viruses use something like base64 encoding or other methods, the hashes dont match anymore. As far as I understood it, it is pretty easy to make your virus permanently un-hashable by just always changing some bits
minus-squareatzanteol@sh.itjust.workslinkfedilinkEnglisharrow-up2·6 months agoThe xz backdoor was a packaged file distributed with the standard packages though. It would be trivial to find.
minus-squareboredsquirrel@slrpnk.netlinkfedilinkarrow-up1·6 months agoThis is obviously not about this known file. It is about “would this scanner detect a system package from the official repos opening an ssh connection”
minus-squareatzanteol@sh.itjust.workslinkfedilinkEnglisharrow-up1·6 months agoSorry, I was responding to: I HIGHLY doubt that they would detect the XZ backdoor
Yes and if viruses use something like base64 encoding or other methods, the hashes dont match anymore.
As far as I understood it, it is pretty easy to make your virus permanently un-hashable by just always changing some bits
The xz backdoor was a packaged file distributed with the standard packages though. It would be trivial to find.
This is obviously not about this known file.
It is about “would this scanner detect a system package from the official repos opening an ssh connection”
Sorry, I was responding to: