Anti-virus researchers have discovered of the first virus capable of infecting 64-bit AMD systems.

The Shruggle [1] virus is only capable of infecting AMD64 Windows Portable Executable (PE) files on the same machine. The virus will not run natively on 32-bit Windows platforms. Even on 64-bit AMD boxes, Shruggle is incapable of spreading by itself from machine to machine. The virus is noteworthy only in demonstrating that malicious code is capable of infecting 64-bit AMD systems even before the widespread availability of systems next year. Shruggle poses a negligible risk but it does illustrate how keen virus writers are on getting an early start at attacking new Windows-based platforms.

In an analysis [2], AV Symantec writes: "It [Shruggle] is a fairly simple proof-of-concept virus; however, it is the first known virus to attack 64-bit Windows executables on AMD64 systems. The virus is written in AMD64 assembly code," it adds.

Symantec compares Shruggle to Rugrat [3], a proof-of-concept virus released earlier this year capable of infecting 64-bit Windows machines. Since then 64-bit viruses have remained as rare as hens' teeth. Vulnerable 32-bit systems are far more commonplace and easy to commandeer. We confidently predict they will remain the prime target for hackers and ne'er-do-wells for some time yet. ®

Related stories

First 64-bit Windows virus sighted [4]
Trojan horse stalks PocketPC [5]
First PocketPC virus found [6]
Virus attacks mobiles via Bluetooth [7]

Links

1. http://securityresponse.symantec.com/avcenter/venc/data/w64.shruggle.1318.html
2. http://securityresponse.symantec.com/avcenter/venc/data/w64.shruggle.1318.html
3. http://securityresponse.symantec.com/avcenter/venc/data/w64.rugrat.3344.html
4. http://www.theregister.co.uk/2004/05/28/itanic_virus/
5. http://www.theregister.co.uk/2004/08/05/pocketpc_trojan/
6. http://www.theregister.co.uk/2004/07/19/pocketpc_virus/
7. http://www.theregister.co.uk/2004/06/15/symbian_virus/