06-14-2002, 05:00 PM
|
|
Executive Editor
Join Date: Aug 2006
Posts: 29,160
|
|
First JPEG Virus Identified
http://www.pcworld.com/news/article/0,aid,101910,00.asp
I was hoping this day would never come - someone has found a way to use JPEGs as part of a virus. Who are the idiots that write these things? Thankfully, at this stage you need to have an exe file with the virus on your machine as well in order for the virus to spread. Still, this doesn't bode well for the future of graphics on the web - I don't run an antivirus program because I've yet to find one that doesn't slow my system down, but if one day I have to scan every graphic that is downloaded...?
"A new virus can--for the first time--infect image files, says an antivirus vendor. This means the virus could spread through Web site graphics and force antivirus companies to re-engineer their products, McAfee officials say. The virus is not yet in the wild, meaning it is not spreading on the Internet; it was sent by its author to antivirus vendor McAfee Security, a division of Network Associates. McAfee calls the virus W32/Perrun, says Vincent Gullotto, senior director for the McAfee Anti-Virus Emergency Response Team, which received the virus Thursday morning.
The virus is built to spread first as an executable, or .exe, file and then in JPEG image files, Gullotto says. Were it to spread in the wild, W32/Perrun would appear as an executable that would infect JPEGs when it was run, he says. The executable can be transmitted in standard ways, such as by download and via e-mail. The first JPEG viewed after the executable is run will have the virus code appended to it, Gullotto says. The virus will then seek out other JPEG files in the same directory and try to infect them, he says. W32/Perrun is the first virus to infect JPEGs, according to McAfee."
UPDATE: Looks like this thing is likely a clever marketing hoax. I wondered about that, since JPEGs aren't excuted but read, but I certainly don't know everything (perhaps someone could alter Internet Explorer to read and execute EXIF JPEG data as an application...?)
|
| |
|
|
|
06-14-2002, 05:09 PM
|
|
Ponderer
Join Date: Oct 2004
Posts: 55
|
|
Propaganda.
"It infects jpg files but needs an executable to run"
Why bother infecting the image file when you need an infected executable?
Exactly the misinformation that caused panic among normal computer users.
|
| |
|
|
|
06-14-2002, 05:21 PM
|
|
Pupil
Join Date: Feb 2002
Posts: 11
|
|
First JPEG Virus Identified
Jason,
You are being a bit harsh with the "who are the idiots that....." part. We are assuming malicious intent on this virus authors part.
My understanding is that it is not unusual for people to send 'proof of concept' viruses to AntiVirus firms, etc. so that solutions can be found before someone else releases a similar malicious virus or worm into the wild.
I personally am glad that the anonymous person sent it to MacAfee rather than my finding out after my hard drive had evaporated mysteriously.
Chima
|
| |
|
|
|
06-14-2002, 05:59 PM
|
|
Pontificator
Join Date: Jul 2003
Posts: 1,468
|
|
Sorry - I'm just slightly flabberghasted by what I've just read:
Quote:
|
I don't run an antivirus program because I've yet to find one that doesn't slow my system down
|
Jason! Please tell me you aren't being serious!
|
| |
|
|
|
06-14-2002, 06:09 PM
|
|
Contributing Editor Emeritus
Join Date: Aug 2006
Posts: 8,228
|
|
Re: First JPEG Virus Identified
Isn't this more of a trojan? You have to first download and run the bad .EXE file so it will associate itself with JPG's.
A sane person that doesn't run .EXE's from emails or web sites wouldn't ever be affected by this.
|
| |
|
|
|
06-14-2002, 06:43 PM
|
|
Pontificator
Join Date: Mar 2002
Posts: 1,329
|
|
Shoot first ask questions later
Quote:
|
Originally Posted by Chima
Jason,
You are being a bit harsh with the "who are the idiots that....." part. We are assuming malicious intent on this virus authors part.
My understanding is that it is not unusual for people to send 'proof of concept' viruses to AntiVirus firms, etc. so that solutions can be found before someone else releases a similar malicious virus or worm into the wild.
Chima
|
People who are doing proof of concept sure. I personally don't have probs with them. Any files they are sending should be winzipped and password protected. Then the password sent in an adjoining e-mail.
But then you have 99.997% of the other virus writers who should be shot. One of my fav excuses when someone gets caught�.the old "It escaped off of my computer bit." And that is a load of crap. Any puter being used for creating a virus should be totally isolated from the net or any network. It should have a floppy and a CD burner and that should be the ONLY way to export files.
It may be harsh but I would love to see the death penalty evoked for virus writers. This is a new type of terrorism. It can ruin companies, can destroy lives (Banking records on home computers being fragged.) costs the tech industry billions and for what? A joke? A prank? :twisted: These a-holes get off with what? 3 years in jail. While IT departments are still trying to pick up the pieces after Code Red. :evil:
One last thing to consider. Right now viruses are relatively benign. Yes they trash computers, records and such. What happens when hospitals become highly dependant on networked devices? When all records in hospitals are stored in their servers? When programs that tell someone on the medical staff what doses to hand out are linked to a person's vital statistics? Now introduce a virus into this environment. Everyone still think virus writers are so cute? I say lets send a message now before someone REALLY gets hurt. :twisted: :twisted:
|
| |
|
|
|
06-14-2002, 07:25 PM
|
|
Executive Editor
Join Date: Aug 2006
Posts: 29,160
|
|
Quote:
|
Originally Posted by Duncan
Sorry - I'm just slightly flabberghasted by what I've just read:
Quote:
|
I don't run an antivirus program because I've yet to find one that doesn't slow my system down
|
Jason! Please tell me you aren't being serious! |
Well...yes I am. :-) Why is that surprising to you? I've tried many different anti-virus scanners, and they all cause significant system drag.
I've tried the Norton service that scans the POP3 email coming in by processing it through their servers, only to have their servers stop working and I can't get at my mail. :evil: And ActiveSync does this funky email caching thing where it archives email messages even after you've deleted them off your PC, so when I was getting viruses emailed to me, I'd delete them, but every time I did a sync Norton would freak out and I'd have to click through 12+ screens of "ignore".
I haven't had a virus on my computer in years. Most viruses are spread by people who don't know any better and open up attachments they shouldn't. Outlook XP blocks all sorts of HTML and scripts that could infect my machine, and I use House Call ( http://housecall.antivirus.com/housecall/start_pcc.asp) to scan floppy disks I'm concerned about, and to scan my PC once every two weeks or so.
You mean the rest of you run anti-virus programs? :wink:
|
| |
|
|
|
06-14-2002, 07:27 PM
|
|
Executive Editor
Join Date: Aug 2006
Posts: 29,160
|
|
Re: Shoot first ask questions later
Quote:
|
Originally Posted by Jonathan1
It may be harsh but I would love to see the death penalty evoked for virus writers. This is a new type of terrorism. It can ruin companies, can destroy lives (Banking records on home computers being fragged.) costs the tech industry billions and for what? A joke? A prank? :twisted: These a-holes get off with what? 3 years in jail. While IT departments are still trying to pick up the pieces after Code Red. :evil:
|
I think the death penalty is a bit harsh personally, but I agree with you on the amount of destruction that these people can cause and their penalty is far too kind.
|
| |
|
|
|
06-14-2002, 07:30 PM
|
|
Sage
Join Date: Mar 2004
Posts: 735
|
|
I also do not run an anti-virus program on the laptop that only I use. Various programs like Zonealarm and common (technical) sense have protected me well. However, on the main PC that my wife and I use, I do have AV running - just to be on the safe saide.
|
| |
|
|
|
06-14-2002, 07:43 PM
|
|
Pupil
Join Date: Feb 2002
Posts: 32
|
|
????????
From the description, it sounds like the JPEGS are irrelevant to the propagation of the virus. This whole thing smells like a scare tactic to generate sales for anitvirus vendors, to me.
|
| |
|
|
|
|
|
Linear Mode
