First Virus Aimed At AMD64 Processors Spotted
Symantec on Tuesday said it had discovered the first "proof-of-concept" virus that targets AMD's 64-bit processors.
Dubbed Shruggle, the virus is similar to Rugrat, another proof-of-concept that in late May put Windows' 64-bit operating systems in its sights.
Like Rugrat, Shruggle doesn't spread from one machine to another, but can infect only one system at a time by appending itself to 64-bit executable files.
The virus is written in AMD64 assembly code, said Symantec analysts, and so won't run on 32-bit editions of Windows, such as Windows XP and Windows 2000.
"Shruggle is a fairly simple proof-of-concept virus," said Oliver Friedrichs, senior manager of Symantec's virus response team, "to show that the AMD platform is just as susceptible to attack as any other platform."
Even if it was released in the wild, Shruggle couldn't do any damage, since the 64-bit versions of Windows that it attacks won't be formally released until sometime in the first half of 2005.
"This is a growing trend of malicious code authors," said Friedrichs. "They're branching out to other platforms, like the embedded device market, and they're getting an early start on coming up with attack vectors on new technologies."
Other proof-of-concept viruses have popped up in recent months, exploring vulnerabilities in not only Windows 64-bit -- which will be called Windows x64-- but also Windows CE.
Friedrich said it was too early to tell whether Shruggle is the work of the same hacker or group of hackers as Rugrat and other recent proof-of-concept viruses.
From SecurityPipeline.com
Like Rugrat, Shruggle doesn't spread from one machine to another, but can infect only one system at a time by appending itself to 64-bit executable files.
The virus is written in AMD64 assembly code, said Symantec analysts, and so won't run on 32-bit editions of Windows, such as Windows XP and Windows 2000.
"Shruggle is a fairly simple proof-of-concept virus," said Oliver Friedrichs, senior manager of Symantec's virus response team, "to show that the AMD platform is just as susceptible to attack as any other platform."
Even if it was released in the wild, Shruggle couldn't do any damage, since the 64-bit versions of Windows that it attacks won't be formally released until sometime in the first half of 2005.
"This is a growing trend of malicious code authors," said Friedrichs. "They're branching out to other platforms, like the embedded device market, and they're getting an early start on coming up with attack vectors on new technologies."
Other proof-of-concept viruses have popped up in recent months, exploring vulnerabilities in not only Windows 64-bit -- which will be called Windows x64-- but also Windows CE.
Friedrich said it was too early to tell whether Shruggle is the work of the same hacker or group of hackers as Rugrat and other recent proof-of-concept viruses.
From SecurityPipeline.com