Ambidextrous Linux/Windows Virus

Lam1969 writes "Kaspersky Labs has reported a new proof-of-concept virus that can infect both Windows and Linux systems. It's called Virus.Linux.Bi.a/Virus.Win32.Bi.a and affects ELF binaries and .exe's from windows. SANS has a brief item on the cross-platform virus as well, but no information about a patch or signature yet."

Re:How is it POC?

[EndlessNameless]

It seems that the reason it's considered a POC at this point is because it has no real payload. All it does is spread, and not nearly as heinously as Blaster/Welchia/Sasser.

As soon as it gets backdoor or downloader functionality... then it becomes a more serious threat. And really you, me, and the guys at Secunia/SARC/SANS/ISC/etc all know that's where this is headed.

So yes... in the sense of where this particular piece of malware is headed, this is a proof-of-concept. It's a live test of the progagation mechanism. The payload will be dropped into place soon... probably in the next version since this one looks like it's working fine.

Re:Not to worry

[Rosco+P.+Coltrane]

Windows users are prepared for viruses and the reason Linux users do not sweat them much is not because linux viruses do not exist; it is because system design makes their impact minimal.

Actually, you're quite wrong. Linux flaws have existed and are still found today that can be (and have been) taken advantage of. The reason Linux users don't sweat is because flaws are spotted quickly by many people who read the code, and fixed quickly too. That and people who code open-source tend to produce good code, as a matter of pride.

Oh and by the way, Windows has a "safe"(well, safer) operating mode in the form of a user account, but nobody uses it because it's a PITA, so everybody stays in supervisor mode and bad things happen.