Cross-Platform Koobface Worm Can Infect Linux
There is a new version of the Koobface worm that can infect a Linux operating system. Jerome Segura over at Pareto Logic has a blog post showing how this worm can infect a user's home directory in Ubuntu.
The good news is that the worm will only run until the system is rebooted. However, the damage may have already been done by the time that happens. The malicious files are downloaded to the user's home directory and placed in a hidden folder called .jnana.
Based on this information, it should be easy to detect and remove the malicious files. To detect infection, simply open a terminal window and enter the following commands:
ls -A | grep jnana
If you do find a folder called .jnana, reboot your system or manually kill any related processes. Then remove the malicious files with:
Remember, contrary to popular belief, a GNU/Linux system is not 100% secure. It can be infected with malware. In this case, it's not nearly as bad as its Windows variant, but does prove that a piece of malware does not need to have root access to cause trouble.