From
http://www.techworld.com/security/news/index.cfm?newsID=5752&pagtype=all

Hackers have released code for a cross-platform virus that could infect
Linux and Windows computers. 

The virus, which has been given the names Virus.Linux.Bi.a/
Virus.Win32.Bi.a, was reported at the end of last week by security firm
Kaspersky Lab. Researchers worry that the malicious code may be part of a
disturbing new trend of viruses that can run on Windows, as well as other
operating systems that have been largely ignored by hackers. 

"The virus is written in assembler and is relatively simple," Kaspersky
wrote in a posting to the company's Viruslist.com website. "However, it is
interesting in that it is capable of infecting the different file formats
used by Linux and Windows - ELF and PE format
files respectively." ) 

The ELF (Executable and Linking Format) and PE (Portable Executable) file
formats are used to format certain types of binary files in Linux and
Windows, including the .exe and .dll files used in Windows. 

The virus appears to have no practical application, Kasperky said. "It's a
classic proof-of-concept code, written to show that it is possible to create
a cross-platform virus," Kaspersky said. "However, our experience shows that
once proof-of-concept code is released, virus writers are usually quick to
take the code, and adapt it for their own use." 

Security training organisation The SANS Institute agreed with Kaspersky's
assessment, saying that the software should come as a warning to Linux and
Mac OS X users who may think their computers are "invulnerable" to virus
threats. 

"As the developers of viruses continue to research this, we will see [more]
cross platform malware come about in the future," wrote SANS Internet Storm
Center contributor Swa Frantzen. 

"Protecting the Linux, Unix and Mac OS X, machines with anti-virus measures
is a good thing to start on now if you haven't done so already," he added. 

Information about Linux/BiWiLi is located on VIL at:
http://vil.nai.com/vil/content/v_139173.htm

Detection
Linux/BiWiLi was first discovered on April 10th, 2006  and detection was
added to the 4737 dat files (Release Date: April 10th, 2006).  

To stay updated and protected download the latest dat files from
http://www.mcafeesecurity.com/us/downloads/default.asp

If you suspect you have Linux/BiWiLi, please submit a sample to
http://www.webimmune.net.

Risk Assessment Definition
For further information on the Risk Assessment and AVERT Recommended Actions
please see: 
http://www.mcafeesecurity.com/us/security/resources/risk_assessment.htm


Mike Grant
Bytware, Inc.
775-851-2900 

http://www.bytware.com


CONFIDENTIALITY NOTICE:  This e-mail message and any attachment to this e-mail 
message contain information that may be privileged and confidential.  This 
e-mail and any attachments are intended solely for the use of the individual or 
entity named above (the recipient) and may not be forwarded to or shared with 
any third party.  If you are not the intended recipient and have received this 
e-mail in error, please notify us by return e-mail or by telephone at 
775-851-2900 and delete this message.  This notice is automatically appended to 
each e-mail message leaving Bytware, Inc.  



As an Amazon Associate we earn from qualifying purchases.

This thread ...

Follow-Ups:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.