Linked by Thom Holwerda on Mon 10th Apr 2006 21:17 UTC
Bugs & Viruses Virus researchers at Kaspersky Lab have found proof-of-concept code for a cross-platform virus capable of infecting both Windows and Linux systems. In an alert posted to Viruslist, Kaspersky said the sample virus has been given a dual name - Virus.Linux.Bi.a/ Virus.Win32.Bi.a - and highlighted the way attackers are targeting multiple platforms in malware attacks. "The virus doesn't have any practical application," the company said in the alert. "It's classic proof-of-concept code, written to show that it is possible to create a cross-platform virus."
Permalink for comment 113635
To read all comments associated with this story, please click here.
I'm calling it FUD
by ozonehole on Tue 11th Apr 2006 00:58 UTC
ozonehole
Member since:
2006-01-07

To infect ELF files, the virus uses INT 80 system calls and injects its body into the file immediately after the ELF file header and before the ".text" section. This changes the entry point of the original file.

Sure, its always been possible to write a Linux virus. The problem (for virus writers) is that when you download a file with Linux, it's not executable. Thanks to umask, file permissions will be set to either chmod 644 or 600 (that is, umask 022 or 077). In order for the malware to execute, the user would first have to make it executable using the chmod command. That would be a dumb thing to do.

After years of trying, no one has yet been able to create a practical Linux virus. Rootkits, yes, viruses, no. Or have I missed something?

Reply Score: 5