I have outdated Windows 7 and as such do not want to connect it to the university LAN. I decided to make a Live USB Ubuntu and use it to do my networking tasks. My question is whether is it still possible for the ransomware to attack via the Live Ubuntu and encrypt my Windows partitions? I don't think it should be able to. Am I right?
Asked
Active
Viewed 2,214 times
2 Answers
2
Irrespective of the file system you're mounting, the attack of any malware depends on your OS. WannaCry uses exploits in the Windows line of OS and hence is incapable of infecting Linux machines. As for wine, It shouldn't be a problem unless you click on the ransomware executable and run. Giving sudo permissions to wine might be dangerous too.
RecursiveCursive
- 124
2
Wannacry does not run on Linux natively. If you were to execute a windows executable via Wine, you could, however, get infected, as most Windows programs seem to run on Linux via Wine and can access files as they could if they ran on Windows. If you execute Windows executables via Wine, you have the same problem as you do when executing it under Windows: Anyone could have written that program and anyone could have messed with it to include malicious functionality.
You do, however, have to install Wine for this to happen, as it's not installed by default.
To make sure it's not installed, open a terminal and enter the command wine --version. If the output contains wine: command not found, for example
No command 'wine' found, did you mean:
Command 'win' from package 'wily' (universe)
Command 'wipe' from package 'wipe' (universe)
Command 'line' from package 'util-linux' (main)
Command 'twine' from package 'twine' (universe)
Command 'wing' from package 'wing' (universe)
Command 'xine' from package 'xine-ui' (universe)
wine: command not found
, then Wine is not installed. If it is installed, the version number is shown on the terminal, for example:
wine-1.6.2
There is no need to install Wine if you don't want to run Windows applications and if you want to avoid malware, you shouldn't.
If you only use software you installed via the official repositories, you can be pretty sure it doesn't have malicious features. If you download stuff from the internet and run it, you can't.
Note that there are differences. For example, if you download Windows malware which needs access rights escalation, it can't get it the same way under Linux as it can under Windows. Furthermore, even when targeting Linux machines, access rights escalation is hard to accomplish as over the past few years, every time something like this was possible, bug fixes were created and shipped very fast, sometimes even before the bug was publicly known.
Unfortunately, ransomware usually doesn't require access rights escalation. This is bad news if you keep your Windows partition mounted.
There has been ransomware which runs natively under Linux but its effects were very minor as it required very special conditions which you won't find on a normal Ubuntu installation on a laptop or desktop computer. It required a server running a specific online shop software.
You should be a lot better off with Linux than with Windows but you unfortunately can't be 100% sure that nothing malicious will happen to your data, even if we haven't seen anything like the Windows ransomware on Linux, yet. Moral of the story: Use Linux, update your system when it offers you to install udpates (preferably change the automatic update check from weekly to daily and check the box to install security updates automatically), and keep backups. You should keep backups anyway because if your hard disk fails, you lose your data anyway. Your hard disk failing seems like a much bigger risk to your data than crypto trojans if you use an up-to-date maintained Linux system (like Ubuntu 16.04).
UTF-8
- 5,910
- 10
- 34
- 68