> First, he talks of a change in Stantinko's Linux script from version 1.2 to 2.17 as being "a huge jump".
Yeah, they probably had internal versions that were tested and not released. I'm no malware author, but I can imagine secrecy is key until you have a final version.
> And Cimpanu is surprised that the package is leaner, something that happens quite often when the author of a specific malware package decides to narrow his/her field of operations.
What gives you the idea that it's obvious that the field of operations is leaner? Seems like the malware does more now, so yes, being smaller is a surprise.
> ...claims that Apache is included by default in many Linux distributions. That is not the case; Linux distro installers have software separated into groups and unless one picks a particular group of packages to be installed, it will not be on your machine.
Actually, that's wrong. Apache is included by default on most server distros, which this malware likely targets.
> I have been running Debian... for the last 20 years and Apache is not on my workstation...
Debian isn't a commonly-used server OS. Most people use Ubuntu or CentOS.
> Linux is far from being a secure OS...
This one is complicated. When people talk about "Linux" they rarely specify if they mean the kernel, or the whole ecosystem. Linux the kernel has a reputation for being secure, but often distros are not, even out of the box.