Anti-virus researchers have discovered of the first virus capable of infecting 64-bit AMD systems.

The Shruggle (http://securityresponse.symantec.com/avcenter/venc/data/w64.shruggle.1318.html) virus is only capable of infecting AMD64 Windows Portable Executable (PE) files on the same machine. The virus will not run natively on 32-bit Windows platforms. Even on 64-bit AMD boxes, Shruggle is incapable of spreading by itself from machine to machine. The virus is noteworthy only in demonstrating that malicious code is capable of infecting 64-bit AMD systems even before the widespread availability of systems next year. Shruggle poses a negligible risk but it does illustrate how keen virus writers are on getting an early start at attacking new Windows-based platforms.

In an analysis (http://securityresponse.symantec.com/avcenter/venc/data/w64.shruggle.1318.html), AV Symantec writes: "It [Shruggle] is a fairly simple proof-of-concept virus; however, it is the first known virus to attack 64-bit Windows executables on AMD64 systems. The virus is written in AMD64 assembly code," it adds.

Symantec compares Shruggle to Rugrat (http://securityresponse.symantec.com/avcenter/venc/data/w64.rugrat.3344.html), a proof-of-concept virus released earlier this year capable of infecting 64-bit Windows machines. Since then 64-bit viruses have remained as rare as hens' teeth. Vulnerable 32-bit systems are far more commonplace and easy to commandeer. We confidently predict they will remain the prime target for hackers and ne'er-do-wells for some time yet. ®

Related stories

First 64-bit Windows virus sighted (http://www.theregister.co.uk/2004/05/28/itanic_virus/)
Trojan horse stalks PocketPC (http://www.theregister.co.uk/2004/08/05/pocketpc_trojan/)
First PocketPC virus found (http://www.theregister.co.uk/2004/07/19/pocketpc_virus/)
Virus attacks mobiles via Bluetooth (http://www.theregister.co.uk/2004/06/15/symbian_virus/)