Mailinglist Archive: opensuse (3337 mails)

< Previous Next >
Re: [SLE] Proof of concept on Multi Platform Virus
  • From: scsijon <scsijon@xxxxxxxxxxxxxx>
  • Date: Sun, 09 Apr 2006 19:38:04 +1000
  • Message-id: <6.2.3.4.0.20060409193416.037357f0@xxxxxxxxxxxxxxxxxxx>
At 10:02 PM 8/04/2006, Ken Jennings wrote:
On Saturday 08 April 2006 01:00, Boyd Lynn Gerber wrote:
> "
> Cross-platform Virus Infects Linux And Windows
>
> By Gregg Keizer, TechWeb News
>
> A Russian security company announced Friday that it had found a cross-over
> virus that can infect PCs running either the open-source Linux or
> Microsoft Windows operating systems.
>
> Dubbed "Linux.Bi.a" and "Win32.Bi.a," the split-personality malware
> doesn't do any damage. Instead, said Moscow-based Kaspersky Labs in an
> online briefing, it's a proof-of-concept to prove that a cross-platform
> virus is possible.
>
> "However, our experience shows that once proof-of-concept code is
> released, virus writers are usually quick to take the code, and adapt it
> for their own use," wrote a Kaspersky analyst in the briefing."
>
>
> http://www.techweb.com/wire/security/184429692

This is important information:

"According to Kaspersky's research the Linux.Bi.a/Win32.Bi.a virus can infect
either ELF binaries (Linux) or files with the ".exe" extension (Windows)."

Returning to what others have posted concerning the easy infestation of
Windows and the relative difficulty of doing the same in Linux -- How many
executable files on a Linux system can a regular user overwrite? Nothing
important. There aren't enough stupid system admins in the real world who
would click on/run an unknown executable to enable this kind of virus to
spread. As the article says, it is proof-of-concept. For Linux systems it
will stay that way.


Actually, as a proof of concept it's worse than that, I would think it could
also be used to get into a minicomputer or mainframe and do similar damage.

scsijon


< Previous Next >
Follow Ups