Virus Writers Look Ahead: Target 64-bit Windows

Ashcrow writes "A new virus, named W64.Shruggle.1318 by Symantec, is being 'tested' on AMD64 machines running 64-bit Windows. While it is not currently a danger to 64-bit Windows users, it does show that virus writers are looking toward the future. The exploitable software in questions is currently unreleased outside of beta. News.com has the full article."

Interesting.

[London+Bus]

I hadn't realised that there were sufficiently many fundamental changes to a 64-bit system as compared to a 32-bit system that meant that a virus written for one wouldn't work on the other. What's so different? How does a different integer or word size affect the functioning of a virus so greatly, when interoperability is such a priority?

Re:Interesting.

[dagoalieman]

As I understand it, and I hope if I'm wrong someone does so and gets a +5 mod... I'm going to be very general and semantic, I'm sure you'll see the point, but details as always are better. :)

While software is made to be compatible, and Windows has code written into it to help with compatibility, as well as the processors have extensions. Windows also has code in order to take advantage of the 64 bit processor abilities to their fullest. While there's compatibility options available, most of the code that Windows executes was made for 64bit CPU (I should say most of the *compiled* code... I'm not sure how much of a rewrite was needed for porting, as opposed to compiler changes.)

With new code comes new holes, obviously. And the same can be said for third party softwares- that new code which takes advantage of the processors to its fullest will have some new code (extending through compilation, of course).

I would say, though, it wouldn't surprise me to find out that the programs themselves are really quite incompatible, but the files themselves are written for maximum compatibility. Pop one in an email, and it works on a 32 bit based machine I mean.

As an aside, I wonder if this is an attack on AMD's compatibility, or 64 bit code in general.. I note that the article mentions AMD with specitivity, not Intel.

I agree, forget Joe (L)user

[panurge]

W64 is an opportunity to move away from the whole "the system has to be insecure because Joe Sixpack is stupid" syndrome. If OS X can drop down a window asking for an admin password before installing updates, so can W64. W64 will be supposed to be a professional OS, for Turing's sake. Why can't MS simply use a few $$ of the billions to produce a nice "read this first" poster to explain to newbies how their nice new security system works, and how it will make using the computer so much more pleasant?

Tinfoil hat time: perhaps all the FUD about SP2 problems, users unwilling to update etc. is just being put out by spammers and malware merchants.

I agree there is a problem, especially with people who think they are creative. I'm afraid I was positively delighted when the author Louis de Bernieres lost the first 60 pages of his new novel becaue he had failed to make a backup, and complained that he didn't expect to have to make backups, he wasn't a computer expert (or words to that effect). People need to understand that failure to learn the basics can result in pain and distress.

here's the grain of salt

[maxpublic]

Some years ago I contracted with Symantec for about five months and worked closely with several of their departments, including the folks who did tech support for their anti-virus software. During that time Symantec offered a cash bounty to any techie who brought in a virus 'from the wild' that wasn't covered by the their antivirus software.

It was common knowledge that many of these 'wild' viruses were actually, in fact, written by the support staff themselves in order to collect on the bounty. But Symantec didn't care because this just allowed them to enlarge their virus definition file and show their customers why it was important to subscribe to their update service. From my point of view it was a "wink, wink, nudge, nudge" sort of thing.

This was one of just many things about Symantec which disgusted me so much that after that contract I refused to work with them ever again. I don't know if they still have an update service for their anti-virus software, but it wouldn't surprise me if many of our future 64-bit viruses came directly from employees of Symantec itself.

It's a great business model: release the viruses, then sell the software that combats those viruses. Unethical and illegal, but a solid money-maker for those who don't care about such trivial things.

Max

Lol the general public can't handle OSX

[SmallFurryCreature]

The average Apple user I have met isn't a computer whizkid. However there is a huge difference with the unwashed windows hords. The Apple user KNOWS he is a computer moron. Most of them therefore do little things like read the goddamn fucking manual. They are also less likely to be upset about safeguards. (just check with your local emergcency crew, it isn't the 2 left hands doctor who decides to do a bit of DIY who cuts of his thumb. It is the DIYer who think he knows it all and thinks safety catches are for wimps)

The problem with windows isn't that its users are stupid and don't know shit. The problem is that MS has chosen to encourage these computer morons to feel like they know what they are doing and has given them enough rope to hang themselves with.

It makes people feel good and gives helpdesk monkeys around the world fulltime employment.

Remember, virusses, trojans, spyware ARE GOOD for the local economy.