detecting Linux.Ekoms.1

So the big news is a malware for Linux designed to take screenshots every 30 seconds that has been found in the wild called Linux.Ekoms.1.

For more information see this link:

To assist in detection and cleaning, I wrote a quick script to test for the malware existence and notify you.

You can run the script like this:

bash <(curl -s  

The code is as follows:

# Quick and dirty check for ekoms existence. -
check_ekoms() {  
    if [ -e "$HOME/.config/autostart/%exename%.desktop" ]; then
        echo 'Possible infection found. You should run a full scan of all disk partitions.
To clean, you can download a free trial of Dr.Web Anti-virus for Linux here: '; exit 1;
        echo "Linux.Ekoms.1 not found.  System clean."; exit 0;
bmanio forum