Should I worry about malware on Linux? [closed]

I don't run an antivirus on Linux (most people don't, AFAIK) and I'm not at all concerned about any form of malware or spyware or any other_bad_ware.

Asked by: Guest | Views: 305
Total answers/comments: 3
Guest [Entry]

"Yes

I don't run antivirus software on my Linux boxes but that is not the only form of malware.

I do apply patches and updates as soon as they are available, especially for security-critical software (e.g. firefox, ssh, gpg). We could debate whether that is a good or a bad approach but the question here is 'should I be concerned?' ... either way we would be debating the risks because we believe there is a threat. Similarly, I only apply software and patches from repositories and sources I have some trust in.

Web-borne malware is a serious threat so I do run NoScript, for example, and avoid enabling Java and Flash handlers except on sites where I need these and have some trust.

Finally, I check non-text attachments I receive from third parties before forwarding them on to others. In most cases any malware payload would not affect me but it could affect someone I send the file on to."
Guest [Entry]

"It's important to note that there are all kinds of malware that can attack a Linux computer despite its high security. Even a fully patched system with no known vulnerabilities can still be attacked.

A user account might have a weak password and be subject to a brute-force ssh attack.
A person could download a trojan, such as a script file or macro virus.
A person could be tricked into running a program they didn't intend to run.
There are various ways to compromise set-uid shell scripts and the like.

Also, you should assume that there are always unknown security flaws in all the programs you are using. It's only a matter of time before they are found. Thus it's important that you don't let two unrelated minor vulnerabilities turn into one major one. For example, that brute-forced ssh account gives a local user access; but a newly discovered kernel bug turns that access into remote-root access.

Finally, even if the system itself is very secure; only ssh (or maybe not even ssh) is network facing, the system uses SELinux and intrusion detection systems and is fully patched and has only a minimum of software installed, etc, you still don't want your own user account messed up. Your data could be stolen or destroyed; your passwords could be sniffed using a keylogger; you could be impersonated online and other systems might be compromised; your account could be used to send spam or launch attacks; the list goes on.

There ARE Linux worms, rootkits, botnets, etc. in the wild which do these things already. As a computer owner it's your duty to do your best to keep your system clean."
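
Added example (not part of the answers on this page): a small check for the brute-forced ssh account scenario mentioned in the answer above, flagging source addresses with many failed logins and any password login that succeeds after such a burst. The log lines are constructed samples in the usual OpenSSH sshd syslog format; the threshold of 5 and the function name are assumptions.

```python
import re
from collections import defaultdict

# Constructed sample log (documentation IP ranges, made-up users).
SAMPLE_LOG = "\n".join(
    [f"Mar  3 02:14:{i:02d} host sshd[811]: Failed password for invalid user {u} "
     f"from 203.0.113.5 port 4011{i} ssh2"
     for i, u in enumerate(["admin", "test", "oracle", "git", "pi"])]
    + [
        "Mar  3 02:14:09 host sshd[811]: Failed password for alice from 203.0.113.5 port 40119 ssh2",
        "Mar  3 02:14:12 host sshd[811]: Accepted password for alice from 203.0.113.5 port 40120 ssh2",
        "Mar  3 08:30:00 host sshd[902]: Failed password for bob from 198.51.100.7 port 51000 ssh2",
        "Mar  3 08:30:20 host sshd[902]: Accepted publickey for bob from 198.51.100.7 port 51002 ssh2: ED25519 SHA256:CONSTRUCTED",
    ]
)

# Matches both "Failed password for invalid user X from ..." and
# "Accepted <method> for X from ...".
EVENT = re.compile(
    r"sshd\[\d+\]: (?P<result>Failed|Accepted) (?P<method>\S+) for "
    r"(?:invalid user )?(?P<user>\S+) from (?P<ip>\S+) port \d+"
)


def analyse(log_text, threshold=5):
    """Return (noisy_sources, suspicious_logins) for an sshd log."""
    failures = defaultdict(int)   # failed attempts seen so far, per source IP
    suspicious = []               # password logins that follow a failure burst
    for line in log_text.splitlines():
        m = EVENT.search(line)
        if not m:
            continue
        ip = m["ip"]
        if m["result"] == "Failed":
            failures[ip] += 1
        elif m["method"] == "password" and failures[ip] >= threshold:
            # A guessed password looks exactly like this: many misses, then a hit.
            suspicious.append(
                {"ip": ip, "user": m["user"], "failures_before": failures[ip]}
            )
    noisy = {ip: n for ip, n in failures.items() if n >= threshold}
    return noisy, suspicious


if __name__ == "__main__":
    noisy, suspicious = analyse(SAMPLE_LOG)
    print("sources over threshold:", noisy)
    print("logins to investigate:", suspicious)
```

A hit in the second list means the account's password should be treated as known to a third party; a single mistyped password followed by a key-based login, like bob's, is not flagged.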
Guest [Entry]

"According to Wikipedia you shouldn't:

Like Unix systems, Linux implements a multi-user environment where users are granted specific privileges and there is some form of access control implemented. To gain control over a Linux system or cause any serious consequence to the system itself, the malware would have to gain root access to the system.

Edit: In response to other answers and comments. I don't say you shouldn't keep your system patched, but there are two reasons Linux is safer than Windows:

it's harder to get malware to do something on your system due to security reasons
there are way fewer people using Linux compared to Windows, so it's less interesting for hackers. This in the end results in less malware

This doesn't mean you're immune to people wanting to do harm to your computer, but if you have no knowledge about these things, it's going to be hard to protect yourself against the unknown."