64-Bit Rugrat Virus Emerges

weekendwarrior1980 writes "The first computer virus to target 64-bit Windows systems has been detected by security authorities. Dubbed "W64.Rugrat.3344," the virus is a fairly benign, proof-of-concept infection agent, according to a report issued on the Symantec Web site. This threat does not infect 32-bit systems and will not run on 32-bit Windows platforms. It is a direct-action infector, typically exiting memory after execution, and is written in IA64 (Intel Architecture) assembly code." Update: 05/29 19:26 GMT by T : Yes, this is the same "non-event" virus already mentioned.

People please!

[chrisgeleven]

PLEASE PLEASE PLEASE do a search on Slashdot for previous articles before posting and/or approving articles!

Going to the Search page, typing "Rugrat", and clicking the "Search" button already brings up a story about the first 64-bit Windows virus from Thursday, May 27th, 2004.

Unbelievable. Took me 2 seconds to do the search and would save a dupe.

Slashdot's habit of duplicating stories is getting pretty rediculous.

Hypocrites!!

[KarmaPolice]

If you are going to complain about dupes, why not take a look at the current comments before creating another "Yep, it's a dupe"-comment.

Dupes are bad, but dupe comments about dupes...why, that's just silly!!

Stop the argument before it starts...

[rice_burners_suck]

And for those of you who think that once Linux takes over the world, the new viruses will target Linux, I think you are not taking the following factors into consideration:

1. Windows is an inherent security risk because nobody can see the source code and identify security problems. This might be touted as an advantage, because in the eyes of IT CIOs who don't know anything about computers, it is supposed to prevent security problems from becoming known. However, this does not take into consideration the 1337 h4x0rz who have a deep knowledge of computers, networks, and programming, and who have the time to find the bugs without seeing the source code. Thus, bugs that would be found and fixed quickly through access to the source code are not found and fixed until it's too late. In Linux, these bugs are usually fixed in the same day as they are found.
2. Many viruses are created to target Windows because many people hate Windows, Microsoft, and the political, social, and economic ideas they represent. These same individuals would not feel the same animosity towards Linux, because it does not represent the enrichment of a single entity at the expense of the entire world.
3. Windows contains a tremendous amount of code and features that not every business or individual needs. These customers cannot remove that code, and therefore, there are that many more potential bugs and vulnerabilities present in their installations that would not otherwise be there. Linux can be modified, and usually is, so that each system is different. Unneeded features are not installed.
4. All installations of Windows are effectively identical because, as I just said, you cannot modify anything. This means that all the zillions of people who are running the same version of Windows are vulnerable to the same bugs and viruses. Which means that a virus created for any version of Windows has a much larger "market" than one created for Linux, in which there are almost as many variations as there are installations.

Re:Stop the argument before it starts...

[Tim+C]

You can't stop this argument, I'm afraid...

1. I don't remember a single exploit for the last couple of years at least that used a hole that wasn't patched before the exploit made it into the wild. The problem is not so much the lack of code inspection, as the sheer number of users that don't keep their systems up to date. That will be just as true if people are using Linux as it is now - with 2K and XP, critical updates can even be downloaded and installed automatically, and yet people still get hit by patched holes!
2. A fair number aren't too keen on the GPL, the Free (as opposed to free) software movement, and particularly RMS. I don't think it's too much of a stretch to imagine groups of pissed-off MS fanboys cooking up Linux exploits should it attain desktop dominance. For that matter, I think you vastly overestimate the people behind these things. There is no noble cause driving them, it's vandalism and anti-social behaviour, pure and simple. These are the sorts of people who'd be shoplifting and spraying graffiti if they weren't quite so good with computers. For them, the target platform is just whatever's the most popular (= highest chance of finding a soft enough target), and/or whatever they can download attack scripts for.
3. The same is true of a fully-installed Linux system, and the average home user is no more equipped to pare it down than they are to switch off non-essential Windows services.
4. This is true; however, should Linux attain a sizeable share of the desktop market, you'll find that only a small handful of the most user-friendly distros are used. I can see it coming down to Mandrake, Fedora and SUSE being in the vast majority. That lessens the effect you describe, although the situation is clearly still better than for Windows. However, most of the distros (in my experience) ship with pretty-much the same stuff - they'll supply different config tools, put config files in different places, ship with minor/teeny differences in package revisions, etc. Whenever security holes are posted here that affect Linux, however, it's generally the case that all the major distros are affected. I think that Linux viruses and exploits will have wider applicability than you think.

Basically, it all comes down to opinion. I actually agree with you in part, that Linux is more resistant to these things than Windows. However, I don't think that it's immune, and I don't think that the script kiddies, virus writers and crackers will just give up and find something else to do if Linux supplants Windows on the desktop. Only time will tell, however.

Re:Proof of Concept?

[Smitty825]

And Windows XP SP1 has had more vulnerabilities since its release than OS X has had. (Both were released in 2001.) That says a lot more, don't you think?

I don't think that is a fair comparison, either. Since so many more people use Windows on a day-to-day basis than MacOS X, there is more of an incentive for people to create virii for Win, and there are significantly more people that know how to program Windows than OS X...

As Linux/BSD/OS X/(insert favorite OS here) grow in popularity, there are going to be more exploits in each of these OSs. This just means that everybody needs to pay more attention to their computers, and keep those security patches up to date!

Duped Logic

[soloport]

Here we go again... So, why is MS IIS so much more exploited than is Apache? Why is MS Exchange more exploited than 'sendmail' (these days)? Why is MS SQL more exploited than Oracle?

Answer: Because they are so much more exploitable; Not because they are more popular.

BTW, welcome to slashdot.

Re:What's interesting...

Bullshit. This virus exploits *no* flaw in Windows. It does have *nothing* to do with Windows being insecure or something. Yes, there are ELF viruses for Linux. There is even a virus-writing-HOWTO for Linux.

Re:What's interesting...

[Chester+K]

We have here a virus for IA64, a system that's out there in a minimal amount of machines, all high-end (presumably well-protected) servers. Now one of the standard explanations for the lack of viruses for Linux is that Linux is not as widespread. It is, however, much more widespread than IA64. Thus the amount of Linuxen out there is certainly not the only reason we're not seeing virues for Linux. Who knows, maybe Linux *is* actually more secure than Windows?

You act as if there've never been any worms or viruses for Linux...

Re:good for him!

[PopCulture]

then its a good thing we don't cheer on virus writers... you ass.

lets all bow down to this guy 'cause he is a new generation dumbass virus writer. thats about on par with your dumb-ass racist rant from your webpage.