In a bid to enhance cybersecurity for Linux systems, Kaspersky has launched a free application called the Kaspersky Virus Removal Tool (KVRT) for Linux.
This free tool aims to help people scan and clean Linux-based operating systems of known cyber threats.
KVRT overview
KVRT for Linux is designed to address the growing threat landscape targeting Linux environments. Contrary to the common belief that Linux systems are largely immune to cyber threats, recent incidents have highlighted vulnerabilities. These include malicious code in the XZ Utils open source set, the DinodasRAT malware implant, and a Trojanized version of Free Download Manager. These threats underscore the need for robust protection measures for Linux systems, which are often overlooked in corporate cybersecurity budgets.
Functionality on Linux
KVRT for Linux is not a real-time protection tool but a scanner that detects and removes malware and adware. It also identifies legitimate programs that can be exploited for attacks.
The tool supports these 64-bit operating systems. Kaspersky notes that KVRT may work well on Linux distributions it has not tested, so users are recommended to execute it even if their OS of choice isn’t listed on the provided link.
KVRT is not a real-time protection tool but rather a scanner that detects and removes malware and adware, as well as identifying legitimate programs that can be exploited for attacks. The tool performs comprehensive scans of system memory, startup objects, boot sectors, and all files in the operating system, including archived files.
Unlike tools with automated antivirus database update mechanisms, KVRT for Linux requires users to manually download the latest version from Kaspersky’s website to ensure up-to-date protection.
The application can be operated via a graphical user interface (GUI) or command line but only supports manual scans without scheduling options. Additionally, it requires execute permissions and is most effective when run under a superuser account for full functionality.
How to use KVRT
To use KVRT on Linux, follow these steps:
- Download the KVRT file from the Kaspersky official website and save it locally, for example, in the ~/Downloads directory.
- Use the file manager to navigate to the application file, right-click to open file properties, and enable the execute permission. Alternatively, open Terminal, navigate to the directory and run chmod +x kvrt.run.
- Right-click the file and select the option to run it as an application, or double-click the file icon. This is also doable via command line, by navigating to the directory and running ./kvrt.run.
Upon running, the application unpacks necessary files into a temporary directory and prompts the user to accept the End User License Agreement and Privacy Policy. It may also request internet access to connect to the Kaspersky Security Network (KSN) for updated threat information.
KVRT for Linux is provided as a portable application, eliminating the need for installation. The appropriate permissions must be granted for the tool to access system-critical areas like memory and boot sectors. When run by a superuser, it can thoroughly remove detected threats. If run by a regular user, its functionality might be limited to directories accessible by that user.
The release of KVRT for Linux by Kaspersky addresses the need for improved malware detection on Linux systems, a historically under-protected segment. Users are encouraged to regularly download the latest version of KVRT for Linux to maintain up-to-date protection against emerging threats.
Massive Router Outage in U.S. Attributed to Chalubo Malware Attack
Leave a Reply