Welcome to the TechSpot OpenBoards. Please read the FAQ if you have any questions. Login to participate.
Go Back   TechSpot OpenBoards > TS Community > News & Interesting links
Reload this Page Cross Platform Win32/Linux Virus

Cross Platform Win32/Linux Virus

Reply
Bookmark / Share this page
Thread Tools
  #1  
Old 06-02-2002
Phantasm66's Avatar
TechSpot Evangelist
  
Location: Glasgow, Scotland
Member since: Feb 2002, 6,602 posts
Cross Platform Win32/Linux Virus
Quote:
[SIZE=4]Win32/Linux Cross-Platform Virus[/SIZE]


An Anonymous Coward writes "Symantec reports on the first virus to infect both ELF and PE binaries on Linux and Win32. "The first Win32/Linux cross-infector, {Win32,Linux}/Peelf, uses two separate routines to carry out the infection on PE and ELF files. This variant of Simile shares a substantial amount of code between the two infection functions, such as the polymorphic/metamorphic engines, the only platform-specific parts being the directory traversal code and the API usage.""
source: http://slashdot.org/articles/02/06/0...7.shtml?tid=99

Quote:
[SIZE=4]Linux.Simile[/SIZE]

Win32,Linux}/Simile.D is a very complex virus that uses entry-point obscuring, metamorphism, and polymorphic decryption. It is the first known polymorphic metamorphic virus to infect under both Windows and Linux. The virus contains no destructive payload, but infected files may display messages on certain dates. It is the fourth variant of the Simile family. This variant introduces a new infection mechanism on Intel Linux platforms, infecting 32-bit ELF files (a standard Unix binary format). The virus infects Portable Executable (PE) files as well as ELFs on both Linux and Win32 systems. So far Symantec has not received any submissions of this virus from customers.

NOTE: The {Win32,Linux} reference follows the CARO (Computer Anti-virus Researchers Organization) standard naming convention. This is meant to imply that a threat can infect across multiple platforms, Win32 and Linux. Another such example would be {Win32,W97M}.


Also Known As: W32.Simile, {Win32, Linux}/Simile.D, {Win32, Linux}/Etap.D
Type: Virus
Infection Length: variable
Systems Affected: Windows 95, Windows 98, Windows NT, Windows 2000, Windows XP, Windows Me, Linux
Systems Not Affected: Windows, Microsoft IIS, Macintosh, Unix
source: http://www.symantec.com/avcenter/ven...ux.simile.html
Reply With Quote
  #2  
Old 06-02-2002
Tweakster's Avatar
TechSpot Member
  
Location: In a house Uk
Member since: Feb 2002, 224 posts
Quote:

Win32,Linux}/Simile.D is a very complex virus that uses entry-point obscuring, metamorphism, and polymorphic decryption. It is the first known polymorphic metamorphic virus to infect under both Windows and Linux.

Err so what's that mean in language i can understand ?
Reply With Quote
You can remove this banner by registering, join the TS Community for free.
  #3  
Old 06-02-2002
TS | Thomas's Avatar
TechSpot Elite
  
Location: Ireland
Member since: Feb 2002, 1,327 posts
Quote:
Systems Affected: Windows 95, Windows 98, Windows NT, Windows 2000, Windows XP, Windows Me, Linux
Systems Not Affected: Windows, Microsoft IIS, Macintosh, Unix
Glad they've cleared up that Windows is affected, but isn't affected
Reply With Quote
Reply
Thread Tools

Forum Jump

Similar Topics
Thread Thread Starter Forum Replies Last Post
Avg Virus Scanner- Do I Have A Virus? SmAsHeR Misc. Software & Utilities 12 11-30-2005 12:52 PM
Virus + Network Problems ---agissi--- Storage & Networking 34 01-08-2005 04:53 PM
New Virus Worm replicates via email, network IRC and Kazaa Per Hansson Old Frontpage News & Comments 6 09-21-2003 07:38 PM
"Winevar" E-mail virus insults its victims Phantasm66 Old Frontpage News & Comments 0 11-28-2002 11:13 AM
IMPORTANT W32/Klez.h@MM Virus havok! Phantasm66 News & Interesting links 12 05-04-2002 04:36 PM


All times are GMT -4. The time now is 03:58 AM.