Threat Level: green Handler on Duty: Remco Verhoef

SANS ISC: Cross platform virus PoC - SANS Internet Storm Center SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Cross platform virus PoC
Viruslist is reporting on a cross platform Proof of Concept (PoC) virus that works on both Linux and Windows machines. It is claimed to be capable of infecting both the linux ELF binaries and .exe's from windows.

The impact of the PoC at this point is very low in itself, but it is a sign the cross platform aspects are becoming important. As the developers of viruses continue to research this, we will see (more) cross platform malware come about in the future.

Even today websites sending exploits to their visitors tend to detect what browser/platform the visitor is using and send a matching exploit to install some malware and earn their quarter for each confirmed installation.

Planning ahead and also protecting the Linux, UNIX and Mac OS X, machines with anti-virus measures is a good thing to start on now if you haven't done so already.

For those thinking their "pet" computer is invulnerable to the virus threat: it's not. The vulnerability exploited by a virus is the ability of software to add or change other programs. All general purpose operating systems have that vulnerability to some degree.

Getting infrastructure that is fed signatures in an automated manner in place allows you to shorten the time needed to respond, even if the specific platform isn't targeted today. Since anti-virus measures are mostly reactive in nature, anything that makes your reactions faster is good.

--
Swa Frantzen - Section 66
Swa

760 Posts

Sign Up for Free or Log In to start participating in the conversation!