Content

New PoC malware can infect both Windows and Linux

Kaspersky Lab today reported a new proof-of-concept (PoC) cross-platform virus that creates malicious code to infect both Linux and Microsoft Windows operating systems.

Kaspersky researchers gave the crossover virus a double name, Virus.Linux.Bi.a/Virus.Win32.Bi.a.

The virus is interesting, said analysts on Kaspesky's Viruslist website, because it is capable of infecting ELF, the file format used for Linux systems, and PE, Windows' file format. It only infects files in its current directory, according to the Kaspersky report.

"The virus doesn't have any classic application – it's classic proof-of-concept code, written to show that it is possible to create a cross-platform virus," warned the Kaspersky report. "However, our experience shows that once proof-of-concept code is released, virus writers are usually quick to take the code and adapt it for their own use."

Swa Frantzen, a researcher posting on the SANS Internet Storm Center website, said the virus shows the gaining importance of cross-platform viruses.

"The impact of the PoC at this point is very low in itself, but it is a sign the cross-platform aspects are becoming important. As the developers of viruses continue to research this, we will see (more) cross platform malware come about in the future," said Frantzen. "Even today, websites sending exploits to their visitors tend to detect what browser/platform the visitor is using and send a matching exploit to install some malware and earn their quarter for each confirmed installation."

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.