Virus writers have created an experimental form of malware written in Windows PowerShell script, the command line and scripting language used by Windows.

Cibyz was developed by the same Austrian VXers who developed proof of concept malware targeting Microsoft Command Shell (MSH) technology, later renamed PowerShell.

Cibyz represents a refinement of earlier malware that's capable of infecting Windows XP and Windows Server 2003 machines, as well as Vista boxes.

Although the technique used to develop the Cibyz worm is novel, its propagation techniques are all too familiar. The worm attempts to spread via the Kazaa P2P file sharing application by posing as one of a variety of useful utilities. Users who attempt to open these illicit files (scripts) will find themselves infected. However, the worm does little damage apart from dropping a copy of itself in shared folders used by Kazaa.

The malware isn't spreading. Anti-virus firms classify Cibyz as a low-risk threat. ®

Related stories

• Malware targets security research tool (6 July 2006)

  https://www.theregister.com/2006/07/06/gattmann_virus/

• IE blighted by flaw duo (29 June 2006)

  https://www.theregister.com/2006/06/29/ie_flaws/

• First StarOffice malware sighted (1 June 2006)

  https://www.theregister.com/2006/06/01/stardust/

• Cross-platform virus poses little risk (11 April 2006)

  https://www.theregister.com/2006/04/11/cross_platform_malware/

• Patches released for zero-day IE threat (29 March 2006)

  https://www.theregister.com/2006/03/29/ie_patches_released/

• Virtual rootkits create stealth risk (13 March 2006)

  https://www.theregister.com/2006/03/13/virtual_rootkit/

• Triple threat to Mac OS X largely academic (27 February 2006)

  https://www.theregister.com/2006/02/27/apple_security_threats_a_reality/