Feeds

Pro Linux virus rears its head

Low, medium or high risk depending on who you ask

  • alert
  • submit to reddit

High performance access to file storage

Out breaks of the newly discovered Linux plugging ProLin virus have been reported in Poland and the American mid-west.

Developed by an unknown hacker calling him or herself 'The Penguin', it arrives attached to an e-mail with the subject: "A great Shockwave Flash movie." Once the program is run, the virus emails itself to everyone in the users Outlook address book.

As yet there is no consensus in the anti-virus industry about how dangerous the virus is. At the time of writing, Network Associates has it ranked as low risk, while Trend Micro ranks it a high risk. Symantec and Kaspersky Labs both go with a medium.

Once run, the program copies itself to the disk C: root directory and to the Windows start up folder. Then it sends a notification email to an anonymous yahoo.com email address, presumably the author of the virus, with the message: "Got yet another idiot."

Kaspersky Lab said it ranked it as medium since in most cases it does no irreparable damage, but warns that in some cases the worm is able to destroy damaged files.

Next it searches a local hard drive for files with .ZIP, .MP3 and .JPG extensions, and moves them to the C: directory. It adds "change at least now to LINUX" to the file names.

The virus is probably one of the better mannered out there at the moment. It points out to the victim that it could have been worse, and that at least it didn't wipe the hard drive, as well as leaving a file that gives users directions on how to clean their systems of the worm.

"The virus writer is either a Linux freak, or he is trying to show people about exploits and show software companies that their security has holes," Vincent Gullotto, senior director of Network Associates' McAfee Avert Labs told reporters. "But your guess is as good as mine." ®

Related Stories

Virus prevents you asking for help
Viruses prey on porn lovers

High performance access to file storage

More from The Register

next story
Windows 8.1, which you probably haven't upgraded to yet, ALREADY OBSOLETE
Pre-Update versions of new Windows version will no longer support patches
Android engineer: We DIDN'T copy Apple OR follow Samsung's orders
Veep testifies for Samsung during Apple patent trial
OpenSSL Heartbleed: Bloody nose for open-source bleeding hearts
Bloke behind the cockup says not enough people are helping crucial crypto project
Microsoft lobs pre-release Windows Phone 8.1 at devs who dare
App makers can load it before anyone else, but if they do they're stuck with it
Half of Twitter's 'active users' are SILENT STALKERS
Nearly 50% have NEVER tweeted a word
Windows XP still has 27 per cent market share on its deathbed
Windows 7 making some gains on XP Death Day
Internet-of-stuff startup dumps NoSQL for ... SQL?
NoSQL taste great at first but lacks proper nutrients, says startup cloud whiz
US taxman blows Win XP deadline, must now spend millions on custom support
Gov't IT likened to 'a Model T with a lot of things on top of it'
Microsoft TIER SMEAR changes app prices whether devs ask or not
Some go up, some go down, Redmond goes silent
prev story

Whitepapers

Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
HP ArcSight ESM solution helps Finansbank
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Mobile application security study
Download this report to see the alarming realities regarding the sheer number of applications vulnerable to attack, as well as the most common and easily addressable vulnerability errors.