Are you looking for my non-technical blog?

This is now my technical-only blog, my non-technical blog is here.

09 April 2006

Cross Platform Virus

Hackers have released a sample code for a virus that could infect both Linux and Windows PCs. The virus, which was given the double name Virus.Linux.Bi.a/ Virus.Win32.Bi.a, was reported Friday by security firm Kaspersky Lab. "The virus is written in assembler and is relatively simple," Kaspersky wrote in a posting to the company's Viruslist.com Web site. "However, it is interesting in that it is capable of infecting the different file formats used by Linux and Windows - ELF and PE format files respectively." The ELF (Executable and Linking Format) and PE (Portable Executable) file formats are used to format certain types of binary files in Linux and Windows, including the .exe and .dll files used in Windows. The virus appears to have no practical application, Kasperky said. "It's a classic proof-of-concept code, written to show that it is possible to create a cross-platform virus," Kaspersky said. "However, our experience shows that once proof-of-concept code is released, virus writers are usually quick to take the code, and adapt it for their own use." Security training organization The SANS Institute agreed with Kaspersky's assessment, saying that the software should come as a warning to Linux and Mac OS X users who may think their computers are "invulnerable" to virus threats. Source: Network World Tags: , , , , , , , ,

2 comments:

  1. يا دي وجع الدماغ

    how on earth would the virus get write access to an elf binary on a GNU/Linux machine? and if the user is stupid enough to spend the extra effort in breaking his system to allow the virus in how would the virus spread? it needs other users who are as stupid, it needs a critical mass of networked users who are that stupid.

    experts, hah!

    ReplyDelete
  2. AFAIK, the virus can be customized - to be a work - to use a running process with appropriate privileges in order to spread itself.
    It just need some vulnerable demon or so in order to overflow its buffer and force it to excute some code that inturn will write the virus code in the elf file.
    Anyway tell me if I am missing something

    ReplyDelete