Staog
Staog was the first computer virus for Linux. It appeared on October 20, 1996. The flaws it used were fixed soon after, and it has not been seen in the wild since. These vulnerabilities were patched in all major Linux distributions, so Staog is no longer a threat. Staog gained root access by exploiting three kernel flaws: a mount buffer overflow, a tip buffer overflow, and a bug in suidperl. These flaws let it stay resident and then infect executed binaries. In early Linux, the tip command was often a setuid root program, meaning it ran with root privileges. Staog used that and the tip overflow to gain root access. Staog was written in assembly by the Australian hacker group VLAD, who are also known for Boza, the first Windows 95 virus.
This page was last edited on 3 February 2026, at 21:08 (CET).