Feeds

Risks from hybrid Linux / Windows virus low

Curiousity value of non infectious bug

  • alert
  • submit to reddit

Next gen security for virtualised datacentres

Security experts have downplayed the risk of what is reported to be the first virus that can infect both Windows- and Linux-based PCs.

W32.Winux, which was discovered by anti-virus firm Central Command, is neither spreading nor particularly destructive. Its main points of interest are the techniques it uses.

According to Central Command, W32.Winux is a non-memory resident virus which can replicate under Windows 95/98/Me/NT/2000 (Win32) and Linux systems and infects PE files (Windows executable) and ELF files (Linux executable) files.

The infection method used by the virus is basic. It searches for PE or ELF executable files and then calls an infection routine, which attempts to overwrite parts of the executable files it targets.

Quite how it might spread isn't clearly explained and Central Command says it has received only one report of the virus, which would tie in with the bug being emailed to them by the virus author himself.

Andre Post, a senior antivirus researcher at Symantec, said W32.Winux could only be spread by sharing files and described the risks from the bug as low. None of Symantec's customers have been affected by W32.Winux.

"The point of interest with W32.Winux is that it might give other virus writers ideas - and more malicious payloads might be developed," said Post.

According to David Millard, technical manager of Command Software (an anti-virus firm entirely unrelated to Central Command), there are fewer than 10 viruses that infect Linux systems; he said the bug should be treated as a "proof of concept" rather than anything more serious.

Alex Shipp, of MessageLabs, which scans its customers email for viruses, said W32.Winux is really two viruses rolled into one and it was hard to imagine it posing a particular risk, even to users who have a Windows PC with a Linux partition.

"W32.Winux has curiosity value but whether it makes it into the wild and infects anyone is doubtful," said Shipp, adding that the virus is also very easy to detect. ®

Related Link

Description of W32.Winux by Central Command

The essential guide to IT transformation

More from The Register

next story
Goog says patch⁵⁰ your Chrome
64-bit browser loads cat vids FIFTEEN PERCENT faster!
Chinese hackers spied on investigators of Flight MH370 - report
Classified data on flight's disappearance pinched
NIST to sysadmins: clean up your SSH mess
Too many keys, too badly managed
Scratched PC-dispatch patch patched, hatched in batch rematch
Windows security update fixed after triggering blue screens (and screams) of death
Researchers camouflage haxxor traps with fake application traffic
Honeypots sweetened to resemble actual workloads, complete with 'secure' logins
Attack flogged through shiny-clicky social media buttons
66,000 users popped by malicious Flash fudging add-on
prev story

Whitepapers

Best practices for enterprise data
Discussing how technology providers have innovated in order to solve new challenges, creating a new framework for enterprise data.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Advanced data protection for your virtualized environments
Find a natural fit for optimizing protection for the often resource-constrained data protection process found in virtual environments.
How modern custom applications can spur business growth
Learn how to create, deploy and manage custom applications without consuming or expanding the need for scarce, expensive IT resources.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?