
18. Viruses and Worms

Let us call a "worm" a program that multiplies without human interaction, typically by exploiting some vulnerability that can be triggered remotely. Let us call a "virus" a program that spreads by infecting executables or via email, i.e. one that needs a human to run it.

18.1 Aggie

Aggie Email Virus

You have just received the Aggie Virus! Because we don't know
how to program computers, this virus works on the honor system.
Please delete all the files from your hard drive and manually
forward this virus to everyone on your mailing list.
Thanks for your cooperation. 

18.2 Linux viruses

(Yes, in English the plural is viruses. In Latin there is no plural. This is a popular topic of discussion.)

Roughly speaking, Linux viruses do not exist in the wild. In Oct. 2003 The Register quoted: "There are about 60,000 viruses known for Windows, 40 or so for the Macintosh, about 5 for commercial Unix versions, and perhaps 40 for Linux. Most of the Windows viruses are not important, but many hundreds have caused widespread damage. Two or three of the Macintosh viruses were widespread enough to be of importance. None of the Unix or Linux viruses became widespread - most were confined to the laboratory."

This lack of success is mainly a matter of propagation: it is hard to get a virus to spread. A binary that arrives by mail is saved without the execute bit set, and running it is not a normal thing to do in a Linux environment.

Also, wise users do not do their ordinary day-to-day tasks while logged in as root. Consequently, a virus they run cannot corrupt system files; it can only damage what that user owns.

But nothing prevents one from writing a file-infecting virus: a program running as an ordinary user can modify every executable that user has write access to.

Desktop viruses

While the operating system itself seems relatively safe, the various desktops are much less safe. Several people have pointed out that .desktop files will launch arbitrary code when double-clicked (under GNOME or KDE), even when their mode does not have any 'x' bit set. The file manager recognizes such a file by its content (the [Desktop Entry] header), not by its extension, so a file without extension in the .desktop format behaves the same way; and since the file manager displays the Name= and Icon= fields rather than the file name, the entry can be made to look like an ordinary document. This means that in order to take over a user's machine it will often suffice to send him some file by email.

In case the protection is strengthened by requiring the file to be executable, as it is in some distributions, that is easily circumvented by mailing an archive: unpacking it restores the file modes stored in the archive, so the entry arrives with its execute bit set. Moreover, this would also defeat a conceivable defense that restricted the directories from which desktop files can be executed.
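The following is an added example, not code from the original page: a small scanner that finds desktop entries by content (whatever the file is called), reports what the desktop would launch and what name it would display, and checks the archive point above by extracting a tar member stored with mode 0755 and looking at the resulting file mode. The entry format parsed here is the freedesktop.org Desktop Entry format (a [Desktop Entry] group with Type=, Exec=, Name= keys); the sample files, the "invoice.pdf" name and the echo command in Exec= are constructed for the demonstration and are not real malware.

```python
#!/usr/bin/env python3
"""Find desktop entries by content, not file name, and report what the
desktop would run on double-click.  Added example, not from the original
page; the sample files it builds are constructed stand-ins."""
import io
import os
import stat
import tarfile
import tempfile

EXEC_BITS = stat.S_IXUSR | stat.S_IXGRP | stat.S_IXOTH


def parse_desktop_entry(text):
    """Keys of the [Desktop Entry] group, or None if `text` is not a desktop
    entry.  The format requires [Desktop Entry] to be the first group; later
    groups such as [Desktop Action ...] are ignored here."""
    entry, in_group, seen_group = None, False, False
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if line.startswith("[") and line.endswith("]"):
            if not seen_group:
                seen_group = True
                if line != "[Desktop Entry]":
                    return None
                entry, in_group = {}, True
            else:
                in_group = False
            continue
        if in_group and "=" in line:
            key, value = line.split("=", 1)
            entry[key.strip()] = value.strip()
    return entry


def launch_target(entry):
    """Command or URL a file manager would launch for `entry`, else None."""
    if not entry:
        return None
    if entry.get("Type") == "Application" and entry.get("Exec"):
        return "exec: " + entry["Exec"]
    if entry.get("Type") == "Link" and entry.get("URL"):
        return "open: " + entry["URL"]
    return None


def scan_directory(root):
    """Report every file under `root` whose *content* is a launchable desktop
    entry, with the name the desktop would show and its execute bits."""
    findings = []
    for dirpath, _, names in os.walk(root):
        for name in names:
            path = os.path.join(dirpath, name)
            try:
                with open(path, encoding="utf-8") as fh:
                    text = fh.read(65536)        # entries are small
            except (UnicodeDecodeError, OSError):
                continue                         # binaries, unreadable files
            entry = parse_desktop_entry(text)
            target = launch_target(entry)
            if target is None:
                continue
            findings.append({
                "name": os.path.relpath(path, root),
                "shown_as": entry.get("Name", name),   # what the user sees
                "target": target,
                "looks_like_desktop_file": name.endswith(".desktop"),
                "executable": bool(os.stat(path).st_mode & EXEC_BITS),
            })
    return sorted(findings, key=lambda f: f["name"])


# Constructed sample: displays as a PDF, runs a harmless echo when clicked.
SAMPLE_ENTRY = ("[Desktop Entry]\nType=Application\nName=invoice.pdf\n"
                "Icon=application-pdf\nExec=sh -c 'echo constructed payload'\n")


def build_sample_dir(root):
    """Two launchable entries (with and without the .desktop extension), one
    plain text file, and one entry of a type that launches nothing."""
    samples = {"invoice.pdf.desktop": SAMPLE_ENTRY, "README": SAMPLE_ENTRY,
               "notes.txt": "just some notes\n",
               "folder.desktop": "[Desktop Entry]\nType=Directory\nName=Tools\n"}
    for name, body in samples.items():
        with open(os.path.join(root, name), "w", encoding="utf-8") as fh:
            fh.write(body)


def extracted_mode_is_preserved():
    """A tar member stored with mode 0755 keeps its x bit after extraction,
    so an execute-bit check alone does not stop an entry sent in an archive."""
    payload = SAMPLE_ENTRY.encode()
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tar:
        info = tarfile.TarInfo("invoice.pdf")
        info.size, info.mode = len(payload), 0o755
        tar.addfile(info, io.BytesIO(payload))
    buf.seek(0)
    with tempfile.TemporaryDirectory() as out, tarfile.open(fileobj=buf) as tar:
        try:
            tar.extractall(out, filter="data")   # extraction filter, 3.12+
        except TypeError:
            tar.extractall(out)                  # older Python: no filter kwarg
        mode = os.stat(os.path.join(out, "invoice.pdf")).st_mode
    return bool(mode & stat.S_IXUSR)


def demo():
    """Build the samples in a scratch directory and scan them."""
    with tempfile.TemporaryDirectory() as root:
        build_sample_dir(root)
        return scan_directory(root)


if __name__ == "__main__":
    for finding in demo():
        print(finding)
    print("x bit survives tar extraction:", extracted_mode_is_preserved())
```

Run against ~/Downloads or ~/Desktop instead of the scratch directory to see what a real mailbox has deposited; the two constructed entries are reported although neither carries an execute bit, while the Type=Directory entry and the text file are not, and the extraction check returns True.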

18.3 Mydoom

For the source of Mydoom.a (Jan. 2004), reportedly the fastest-spreading email virus seen up to then, see www.astalavista.com.

18.4 Stuxnet

Stuxnet, discovered in 2010, was a worm in the sense above (it spread on its own via removable media and Windows network services), presumably launched in order to damage the centrifuges of Iran's uranium enrichment facility at Natanz. Symantec published a very detailed writeup, the W32.Stuxnet Dossier. The binary is available on the net.

