Rugrat 64-bit virus
Rugrat 64-bit virus

First 64-bit virus found

'Rugrat', a low-risk direct-action infector with no payload, reported in the wild

Iain Thomson

The first virus to target 64-bit computers has been found in the wild.

Named W64.Rugrat.3344 by Symantec, the new virus can also run on 32-bit computers that are using 64-bit emulators, but not on 32-bit code.

Advertisement

The limited numbers of 64-bit computers and the relative simplicity of the virus mean it is not much of a threat, but it does use some interesting new methods of transmission.

Symantec has reported fewer than 50 Rugrat cases and it is thought to no longer be spreading.

"Currently, there isn't a broad penetration of 64-bit systems. Most home and business systems deployed today are running on 32-bit platforms and are not affected by this threat," said Vincent Weafer, senior director of Symantec Security Response, in a statement.

"At this time, we are not expecting widespread copycats since assembly code requires advanced technical knowledge. W64.Rugrat.3344 is a fairly simple proof-of-concept virus."

Written in Intel Architecture 64 assembly code, the virus spreads via Windows Portable Executable files that are used by most Windows 64 applications, except .dlls.

Once established it spreads to files in the same folder and then into subfolders.

The new virus is described as a 'direct-action infector' because it runs, spreads to a new file, and then the originating code shuts down.

The same techniques have been used in six similarly low-risk proof-of-concept viruses aimed at 32-bit systems, known as the W32.Chiton.gen family.

"Direct-action infectors are seldom seen in the wild as they don't spread very fast," said David Emm, senior technical consultant at Kaspersky Labs.

"This is someone turning out a proof using an original, simple virus that has been designed to spread and then cause no further harm, although a payload could be added. It will be interesting to see if there are any copycat follow-ups."

Microsoft and Intel were unavailable for comment at time of going to press.

  • Have your say
  • Send to a friend
  • Print
  • Digg
  • Reddit
  • Share

Tags:

Do you agree?

Further reading

Shruggle 64-bit virus

Hackers continue to experiment with 64-bit viruses

Shruggle virus could be 'a taste of things to come', warn experts

Sasser and Netsky

Sasser and Netsky top virus charts

Antivirus researchers report increasing use of variants as hackers adapt code

Security

The latest wave of cyber-crimes and acts of vandalism have demonstrated once again that many systems are still vulnerable to attack.

Related whitepapers

Related jobs

Most watched

Summit: Salesforce.com on SaaS and information overload

How web services contribute to data headaches

V3.co.uk weekly debrief, 13 Nov 09

This week we discuss the inaugural V3.co.uk Summit

Analysis and Reports

Remote access - Three steps to getting connected

3.4 million UK professionals now work from home – is your company equipped?

Cost benefits of a global collaboration network

This white paper is a must read for organisations looking for evidence of the bottom-line benefits of high-definition video and voice communications

Poll

Impact of Information Overload poll

Impact of Information Overload poll

What is the biggest problem your firm faces as a result of the data explosion?

View poll results

Advertisement

White paper library

Keep up to date with the latest products, services and technologies from the world's leading IT companies; IThound.com brings you over 6,000 white papers, case studies and analyst reports.

Advertisement

Newsletter signup

Sign up for our range of FREE newsletters:

Existing User

Newsletter user login:

Enter email address to edit your newsletter preferences

Job of the week

Search thousands of IT jobs :

Search thousands of IT jobs:

Advanced search

Hiring now on ComputingCareers:

Related IT jobs

Search thousands of IT jobs :

Search thousands of IT jobs:

Advanced search

Advertisement

Spotlight

V3.co.uk weekly debrief, 13 Nov 09

This week we discuss the inaugural V3.co.uk Summit

Fingers on keyboard

New Flash vulnerability discovered

Web sites could be vulnerable to Flash attacks

Chris Adams

Summit: Microsoft Office to the rescue

Chris Adams, Office Client product manager for Microsoft UK, explains...

Illegal downloader

Industry and human rights campaigners united in opposition to "three strikes" plan

Critics says government proposals to curb illegal downloading are unworkable...

Primary Navigation