What type of file extension would be more common in Linux-based malware?

Like on Windows, there are exe (compiled from Python, C or C++ assembly), VBS and bat extensions, to name a few, that can be dangerous.

But if Linux malware were to be made that could spread or do damage, what would its source extension be? This very question is why Linux has little malware, or at least a moderate malware scale. You see, malware can be any file extension, such as C, C++, Go, Python, VBS, you name it. But in an actual situation, one that seems discreet, just one user happens to run it. Now this can come from anything, so let me set up a situation:

User is on a forum and another Linux user made software that can assist with programs' RAM runtime and memory usage. User wants to try it out, so they download the zip file like another person would do, unzip the file, then see the readme, license and a few files. The malware will be in a file named Ramctrl.randomextension, and they run it.

Okay, this sounds funny and very silly, and the probability of this happening is very low. But what would that magic file extension be? And how effective do you think it would be?

I believe there is no magic file extension. Just check for execution permissions. If you want to go further and identify scripts without permissions, use the file utility.

3 Likes

Adding to what @0x00pf said, Linux recognizes files based on their headers instead of their extensions. If you renamed a video file to “aa.pdf” and double-clicked on it, in most cases VLC should pop open (although this can vary depending on your file explorer). And Linux has one executable format called “ELF”; everything from libraries to kernel modules is in ELF format.

5 Likes
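The two replies above combine into one triage check: ignore the file name, read the header, and look at the execute bits. The following is an added example, not code from any post in this thread; the sample files (including the `.pdf` and `.jpg` names) are constructed stand-ins for the unzipped download in the question.

```python
import os
import stat
import tempfile

ELF_MAGIC = b"\x7fELF"  # first four bytes of every ELF object


def classify(path):
    """Return (kind, interpreter, has_exec_bit) from content and mode, not the name."""
    with open(path, "rb") as fh:
        head = fh.read(256)
    mode = os.stat(path).st_mode
    has_exec = bool(mode & (stat.S_IXUSR | stat.S_IXGRP | stat.S_IXOTH))
    if head.startswith(ELF_MAGIC):
        return "elf", None, has_exec
    if head.startswith(b"#!"):  # shebang: the kernel hands the file to this interpreter
        first_line = head[2:].split(b"\n", 1)[0].strip()
        return "script", first_line.decode("utf-8", "replace"), has_exec
    return "other", None, has_exec


def triage(root):
    """List files under root that hold runnable content or carry an execute bit."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in sorted(files):
            path = os.path.join(dirpath, name)
            if os.path.islink(path) or not os.path.isfile(path):
                continue
            kind, interp, has_exec = classify(path)
            if kind != "other" or has_exec:
                findings.append((os.path.relpath(path, root), kind, interp, has_exec))
    return findings


def build_sample(root):
    """Constructed sample archive contents: name -> (bytes, permission bits)."""
    samples = {
        "README.md": (b"# Ramctrl\nUsage notes.\n", 0o644),
        "Ramctrl.pdf": (ELF_MAGIC + b"\x02\x01\x01" + b"\x00" * 57, 0o644),
        "helper.jpg": (b"#!/bin/sh\necho placeholder\n", 0o755),
    }
    for name, (data, mode) in samples.items():
        path = os.path.join(root, name)
        with open(path, "wb") as fh:
            fh.write(data)
        os.chmod(path, mode)


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample(tmp)
        for rel, kind, interp, has_exec in triage(tmp):
            print(f"{rel}: {kind} interpreter={interp} exec_bit={has_exec}")
```

The ELF-named-as-PDF file is reported even though it has no execute bit, since it can still be started with `chmod +x` or loaded as a library; the script is reported with its interpreter so it can be read before anything runs it.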