Software:Staog

Staog was the first computer virus written for the Linux operating system. It was discovered in the autumn of 1996, on October 20,[1] and the vulnerabilities that it exploited were fixed soon after. It has not been detected in the wild since its initial outbreak.[2] Because those vulnerabilities have been patched in all major Linux distributions, the virus is no longer a threat.[3][2]

Staog gains root access on the infected Linux system via three known kernel vulnerabilities: a mount buffer overflow, a tip buffer overflow and one suidperl bug,[4] which allow it to remain resident on the system. It then infects executed binaries.[2] In early versions of Linux, the tip command was often installed as a setuid root binary, which means it ran with root privileges even when executed by a normal user.[5] Staog took advantage of that, along with the buffer overflow in tip, to gain root privilege access to the system.
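The setuid-root exposure described above can be inventoried on a live system. The following is an added example, not code from this article or its sources: it walks a directory tree, lists every setuid file with its owner, and flags the three program names the article gives. The function names and the sample tree are constructed for illustration.

```python
import os
import stat
import tempfile

# Program names taken from the article's list of Staog's privilege-escalation vectors.
STAOG_VECTORS = {"mount", "tip", "suidperl"}

def find_setuid(root):
    """Walk `root` and return a sorted list of (path, owner_uid, named_in_article)
    for every regular file that has the setuid bit set."""
    hits = []
    for dirpath, _dirnames, filenames in os.walk(root):
        for name in filenames:
            path = os.path.join(dirpath, name)
            try:
                st = os.lstat(path)  # lstat: do not follow symlinks
            except OSError:
                continue  # entry vanished or is unreadable
            if stat.S_ISREG(st.st_mode) and st.st_mode & stat.S_ISUID:
                hits.append((path, st.st_uid, name in STAOG_VECTORS))
    return sorted(hits)

def report(hits):
    """Format one line per hit; a setuid file owned by uid 0 runs as root."""
    lines = []
    for path, uid, named in hits:
        owner = "root" if uid == 0 else f"uid {uid}"
        note = "  <- named in the Staog article" if named else ""
        lines.append(f"{path} (setuid, owner {owner}){note}")
    return lines

def build_sample_tree(base):
    """Constructed sample: two setuid files and one ordinary file."""
    for name, mode in (("tip", 0o4755), ("passwd", 0o4755), ("ls", 0o755)):
        path = os.path.join(base, name)
        with open(path, "w") as fh:
            fh.write("#!/bin/sh\n")
        os.chmod(path, mode)  # set the mode after writing; a write can clear setuid

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        for line in report(find_setuid(tmp)):
            print(line)
```

On a real host, pass a system directory such as `/usr` to `find_setuid` and review every root-owned entry against what the system actually needs.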

Staog was written in assembly language by the Australian hacker group VLAD,[2][6] who are also known for the first Windows 95 virus, Boza.[4][7]

References

  1. "Staog". http://virus.wikidot.com/staog. "Staog is the first Linux virus. It came from Australia created by Quantum of VLAD [...] Type: File virus. Creator: Quantum/VLAD. Date Discovered: 1996.10.20. Place of Origin: Australia. Source Language: Assembly. Platform: Linux. File Type(s): ELF. Infection Length: 4,744 bytes."
  2. Piccard, Paul (4 August 2006). Combating Spyware in the Enterprise: Discover, Detect, and Eradicate the Internet's Greatest Threat. Rockland, MA: Syngress. p. 272. ISBN 9780080502229.
  3. Linuxvirus (2024-07-30). "So You Want to Know How to Use Anti-virus Software on Ubuntu?". https://help.ubuntu.com/community/Linuxvirus. 
  4. Eric Hoeltzel (1997-02-08). "Staog virus". http://www.ussg.iu.edu/hypermail/linux/kernel/9702.1/0066.html.
  5. "Celeste's Tutorial on SunOS 4.1.x Modems & Terminals". https://www.sunhelp.org/stokely/4xmodem.html. 
  6. Salomon, David (20 March 2006). Foundations of Computer Security. USA: Springer. p. 294. ISBN 9781846283413. https://archive.org/details/foundationscompu00salo_840. 
  7. Greg Miller (1996-02-20). "TECHNOLOGY : 'Boza' Infection of Windows 95 a Boon for Makers of Antivirus Software". https://www.latimes.com/archives/la-xpm-1996-02-20-fi-38090-story.html.