New code could spark the creation of more cross-platform viruses
New virus hits Windows and Linux
/v3-uk/news/1958461/new-virus-hits-windows-linux
10 Apr 2006, Tom Sanders in California , V3
Security vendor Kaspersky Labs has uncovered a proof-of-concept virus that is able to infect both Linux and Windows systems. The security company refers to the online pest as Virus.Linux.Bi.a/ Virus.Win32.Bi.a.
While the virus is capable of infecting files on both platforms, it infects files only in the current directory. Most importantly, it does not cause any actual harm to infected systems and does not self-propagate.
The ability to infect Linux systems limits the virus in its attempt to cause harm, according to David Perry, global education director with antivirus vendor Trend Micro.
Users need to manually download and open the file to become infected and, since Linux is mostly used on servers, few users on that operating system will pick up the virus.
"There would be more to gain by attacking Windows and Mac OS X rather than Windows and Linux because there are more desktops available on OS X," Perry told vnunet.com.
"This is an interesting milestone, but no reason to sell the farm. Nobody has to stay up late tonight."
The code could spark the creation of more cross-platform viruses, however, as the author has, in a sense, blazed a new trail.
"This is written in an assembler so we know it's written by a programmer, as opposed to a lot of other [malware]. The gauntlet is down. Somebody has proof that they can write a virus for two operating systems," said Perry.
The virus appears to be written by a traditional malware author who is showing off his programming skills rather than creating malware for financial gain.
The virus leaves a text string in infected files that refers to the Immortal Riot, an online publication where virus authors posted proof-of-concept code between 1993 and 1996.
© Incisive Media Investments Limited 2010, Published by Incisive Financial Publishing Limited, Haymarket House, 28-29 Haymarket, London SW1Y 4RX, are companies registered in England and Wales with company registration numbers 04252091 & 04252093
Do you agree?
Just a thought, I could be wrong.
Good article, but this is not the first time a virus was able to run under both Windows and Linux. Technically I think the title "New virus hits Windows and Linux" is a little misleading and here is why.
The virus is written in assembly which means while the virus runs in both Windows and Linux the virus IS platform dependent. If this is like the other virus written a few years ago, the virus only runs on Intel x86 machines. In other words, the virus does NOT run under Windows and Linux but rather under Windows or Linux running on an Intel x86 machine. Which makes me wonder, would the virus run on the Intel Mac?
The reason I say that is, unless I am mistaken, in assembly the programmer does not rely on OS dependent functions like printf but instead commands the CPU with commands like move so if the Intel Mac has the same Intel x86 architecture and instruction set as typical Intel PCs, it is hypothetically possible that the virus could execute on a Mac.
What do you think?
Thank you for your time.
Have a nice day :)
Posted by Michael Tourigny, 11 Apr 2006