Content

Shruggle virus hits 64-bit Windows

The author of the proof-of-concept Chiton virus family has claimed another first by writing the first virus to attack a Windows 64-bit executable file running on AMD systems.

The Shruggle virus tries to infect 64-bit executables files in the same folder it was run in, and explores sub-folders looking to infect files there. The virus then appends itself to the file, including dll files.

The virus is another proof-of-concept virus by virus writer "Roy G Biv" aimed at showing how the 64-bit version of the operating system is just as prone to attack as its 32-bit brethren. The author normally writes virus code with no malicious payload and then submits his work to anti-virus firms rather than releasing them into the world.

According to researchers at anti-virus firm Symantec, the code looks a lot like previous viruses Rugrat and Shrug and unusually for a virus it is written in AMD 64-bit assembly code rather than a high-level language.

The Rugrat virus was the first virus to attack 64-bit Windows Portable executable files using Thread Local Storage structures to execute the viral code..

https://securityresponse.symantec.com/avcenter/venc/data/w64.shruggle.1318.html

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds