Staog

Staog was the first computer virus written for the Linux operating system. It was discovered in the autumn of 1996, and the vulnerabilities that it exploited were fixed soon after. It has not been detected in the wild since its initial outbreak.^[1] The vulnerabilities exploited by Staog have been patched in all major Linux distributions, making the virus no longer a threat.^[2]^[1]

Staog manages to undermine the root access of the infected Linux system via three known kernel vulnerabilities: mount buffer overflow, tip buffer overflow and one suidperl bug,^[3] which allow it to remain resident on the system. Then, it would infect executed binaries.^[1] For tip command, since in early versions of Linux, it was often installed as a setuid root binary, which means it ran with root privileges even when executed by a normal user.^[4] Staog took advantage of that, along with the buffer overflow in tip to gain root privilege access to the system.

Staog was written in assembly language by an Australian hacker group VLAD,^[1]^[5] who are also known for the first Windows 95 virus, Boza.^[3]^[6]

[1]

[2]

[3]

[4]

[5]

[6]

Staog

See also

References

External links

Wikiwand - on