Security firm ESET and ZDNet writer Catalin Cimpanu have both got it wrong in the past — the latter on numerous occasions as he simply does not seem to understand anything about the Linux security model — but both continue to persist in trying to pursue the topic. ESET has gone in the wrong direction on torrent files and clients too.
Arguably, there is reason to do so: Linux and malware in the same headline do still serve as some kind of clickbait.
ESET's Marc-Etienne M.Léveillé wrote a blog post about trojaned versions of OpenSSH which had been found in the wild. But when it came to specifying how one would get these versions installed on a Linux system, all that was talked about was brute-forcing passwords. Really? And this is called Linux malware?
Under a bold headline, "ESET discovers 21 new Linux malware families", all that he could say was "Attackers would compromise a Linux system, usually a server, and then replace the legitimate OpenSSH installation with one of the trojanized versions." How that compromise was effected was not mentioned.
Towards the end of his misnamed article, Cimpanu mentioned that brute-forcing passwords or exploitation of vulnerabilities of applications running on top of Linux was the way one could gain a foothold on Linux systems.
But then how would that be Linux malware?
But then Bleeping Computer is a relatively small operation. One would have thought that ZDNet, which has tons of resources, would have a little more editorial quality control.
Alas, that does not seem to be the case.