Crossplatform virus - the latest proof of concept
Posted Apr 11, 2006 11:50 UTC (Tue) by carcassonne
In reply to: Crossplatform virus - the latest proof of concept
Parent article: Crossplatform virus - the latest proof of concept
The partition type is irrelavant, if the partition can be mounted then the file can be read if you're running something that can run win32 binaries ie. windows, wine. then an infected win32 binary can infect other binaries(in this case in the same folder)
Maybe I'm too technical or pratical here, or perhaps I think that anti-virus companies can try to make a buck at Linux, but it seems that the propagation vector of such a dual-platform virus is quite restrained. A Linux virus ? OK. A Windows virus ? certainly. But one that does both ? Must be under certain precise conditions such as, you mentioned, running Wine.
I don't know about Wine since I'm using VMware since many years, but it looks like running Windows exe files directly in Linux is not a good idea to start with. Better run a virtual machine instead.
Some Windows dlls are used in Linux. Like codecs or hardware drivers (Linksys WiFi adapters for instance). These could be infected right at the distributor. Linksys could have infected dlls but that's something quite rare, even today. Companies, especially large, do look after the condition of their binaries.
Now, I wouldn't be surprised that an anti-virus company tries to cash on the general ignorance of Linux systems. Why not ? As more and more people move towards Linux, this is a profitable avenue. These people are used to infested and otherwise unstable Windows environments and do not know much about Linux. A perfect combination for an aspiring anti-virus company ! ;-)
Hopefully, the mandatory bunch of developers moving to Linux (also coming from Windows) won't facilitate the spread of virii and other worms in Linux systems !
to post comments)