The first linux virus
to be found in outside a laboratory.
Discovered "in the wild
" at the Kaspersky Labs
, on 25th January 2001, the ramen
virus (technically a "worm
") is an amalgamation of 3 separate script
s, one which scans randomly selected internet
addresses for victim
s, and then two which exploit
one of three widely known, but poorly patched vulnerabilities.
The affected machines all run Red Hat linux 6.2 or 7.0, with the wu-ftpd and rpc.statd holes being attacked in 6.2 and LPRng hole in 7.0. The worm is allegedly similar in structure to the infamous 1988 Morris Worm, but the author has had the intelligence to block servers it has infected from being reinfected, so they don't get slowed down.
The Ramen virus defaces web pages that are hosted on the server it infects with the message "Hackers looooooooooooove noodles," signed by the "RameN Crew" with a html img tag link to a picture of said noodles from the Nissen Foods website.
Information taken from: