Staog

Staog was the first computer virus written for the Linux operating system. It was discovered in the autumn of 1996, and the vulnerabilities that it exploited were fixed soon after. It has not been detected in the wild since its initial outbreak.^[1] The vulnerabilities exploited by Staog have been patched in all major Linux distributions, making the virus no longer a threat.^[2]^[1]

Staog manages to undermine the root access of the infected Linux system via three known kernel vulnerabilities: mount buffer overflow, tip buffer overflow and one suidperl bug,^[3] which allow it to remain resident on the system. Then, it would infect executed binaries.^[1] For tip command, since in early versions of Linux, it was often installed as a setuid root binary, which means it ran with root privileges even when executed by a normal user.^[4] Staog took advantage of that, along with the buffer overflow in tip to gain root privilege access to the system.

Staog was written in assembly language by an Australian hacker group VLAD,^[1]^[5] who are also known for the first Windows 95 virus, Boza.^[3]^[6]

References

^ ^a ^b ^c ^d Piccard, Paul (4 August 2006). Combating Spyware in the Enterprise: Discover, Detect, and Eradicate the Internet's Greatest Threat. Rockland, MA: Syngress. p. 272. ISBN 9780080502229.
^ Linuxvirus (2024-07-30). "So You Want to Know How to Use Anti-virus Software on Ubuntu?". help.ubuntu.com. Retrieved 2025-07-10.
^ ^a ^b Eric Hoeltzel (1997-02-08). "Staog virus". ussg.iu.edu. Archived from the original on 2007-06-09. Retrieved 2025-07-07.
^ "Celeste's Tutorial on SunOS 4.1.x Modems & Terminals". SunOS help. Retrieved 2025-07-11.
^ Salomon, David (20 March 2006). Foundations of Computer Security. USA: Springer. p. 294. ISBN 9781846283413.{{cite book}}: CS1 maint: url-status (link)
^ Greg Miller (1996-02-20). "TECHNOLOGY : 'Boza' Infection of Windows 95 a Boon for Makers of Antivirus Software". Los Angeles Times. Retrieved 2025-07-11.

External links

Staog information on F-Secures Website

This malware-related article is a stub. You can help Wikipedia by expanding it.

[Piccard-1] Piccard, Paul (4 August 2006). Combating Spyware in the Enterprise: Discover, Detect, and Eradicate the Internet's Greatest Threat. Rockland, MA: Syngress. p. 272. ISBN 9780080502229.

[2] Linuxvirus (2024-07-30). "So You Want to Know How to Use Anti-virus Software on Ubuntu?". help.ubuntu.com. Retrieved 2025-07-10.

[:0-3] Eric Hoeltzel (1997-02-08). "Staog virus". ussg.iu.edu. Archived from the original on 2007-06-09. Retrieved 2025-07-07.

[4] "Celeste's Tutorial on SunOS 4.1.x Modems & Terminals". SunOS help. Retrieved 2025-07-11.

[Salomon-5] Salomon, David (20 March 2006). Foundations of Computer Security. USA: Springer. p. 294. ISBN 9781846283413.{{cite book}}: CS1 maint: url-status (link)

[6] Greg Miller (1996-02-20). "TECHNOLOGY : 'Boza' Infection of Windows 95 a Boon for Makers of Antivirus Software". Los Angeles Times. Retrieved 2025-07-11.

[1]

See also

References

External links