Antivirus software for Linux

Is there any good antivirus software which can be used on a Linux machine? Recently I noticed a virus, or rather an iFrame adware or trojan, passed through an Ubuntu machine, where Ubuntu acted like a carrier, and it was later detected by Gmail online scanning.

This topic is explored in volume 4. Linux AV isn't going to help much here. Because there is very little Linux malware, there isn't a market for AV/security suites. So what AV products you have don't do too much. Also, this sounds like you're describing malvertisement to send the payload, which will likely be somewhat FUD/crypted to defeat AV. To prevent this sort of attack you want isolation and execution control. That is covered somewhat in the isolation section in Vol 1. Tools like AppArmor, grsecurity as a security framework base. On a Firefox browser on Ubuntu/Debian/Kali you can use Sandfox, but I recommend Firejail to isolate the attack payload.

Thanks for the response. Actually, it was part of a font file, which we normally do not doubt. We used the font file. Now that font file with the virus or malvertisement was not detected by our hosting provider nor by the office machines (most of the office uses Ubuntu and hosting is on CentOS); then it got delivered to the client network, and there somehow their firewall detected it. Scanning those files on the www.virustotal website helped to identify it.

However, in total 2 infections were detected and I fixed one, which was this font file.

Now the strange part is that VirusTotal identified one more virus which is not detected by any of the antivirus software except BKav, and since I do not have a license or working copy of BKav, I am still unable to identify that infected second file.

BKav states it as this


What can it be, and how do I identify and remove it now?

The firewall detected it! Interesting. If AV got it then it's not very new.

Obviously I can't go into full details here, but for looking at what malware might be doing on Linux, check out Sysdig & Csysdig. For a more automated check, use AV tools that allow you to boot into another OS to check the system, like http://www.surfright.nl/en/hitmanpro and https://support.kaspersky.com/viruses/rescuedisk

