First 64-Bit Windows Virus Arrives - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
Software // Enterprise Applications

First 64-Bit Windows Virus Arrives

The virus, Rugrat.3344, uses Thread Local Storage structures within the operating system to execute itself.

Security firms say they've discovered the first virus that targets PCs running 64-bit versions of Microsoft's Windows operating system.

Both Symantec and Network Associates have captured samples of Rugrat.3344, a virus that uses Thread Local Storage structures within the operating system to execute itself, "an unusual method of executing code," according to Symantec.

Anti-virus companies are quick to point out that Rugrat isn't spreading, but is actually what's called a "proof-of-concept virus"--malware designed to demonstrate vulnerabilities and the ability to mount an attack. It doesn't spread from machine to machine, like a true worm.

Rugrat infects IA-64 (Intel Architecture 64) executables, and also infects files in the same folder that contain the virus, as well as that folder's associated subfolders.

Both Symantec and Network Associates suspect that the author of Rugrat is the same individual who crafted other proof-of-concept viruses in the Chiton family. Six variations of Chiton have been discovered so far, each which demonstrates a new vulnerability within Windows.

The Chiton series includes groundbreaking viruses such as Gemini, which was the first to run two instances of itself simultaneously to prevent elimination, and OU812, the first to use the language .dll support in Microsoft Visual Basic files to execute the code.

Because 64-bit Windows is relatively scarce, both Symantec and Network Associates ranked Rugrat as a low-level threat. Symantec has pegged it as a "1" in its 1 through 5 scale, while Network Associates labeled it as "Low."

Rugrat cannot infect 32-bit versions of Windows, such as XP, 2000, NT, or 9x, but Symantec says it could infect 32-bit systems using 64-bit simulation software.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
Slideshows
Top-Paying U.S. Cities for Data Scientists and Data Analysts
Cynthia Harvey, Freelance Journalist, InformationWeek,  11/5/2019
Slideshows
10 Strategic Technology Trends for 2020
Jessica Davis, Senior Editor, Enterprise Apps,  11/1/2019
Commentary
Is the Computer Science Degree Dead?
Guest Commentary, Guest Commentary,  11/6/2019
White Papers
Register for InformationWeek Newsletters
Video
Current Issue
Getting Started With Emerging Technologies
Looking to help your enterprise IT team ease the stress of putting new/emerging technologies such as AI, machine learning and IoT to work for their organizations? There are a few ways to get off on the right foot. In this report we share some expert advice on how to approach some of these seemingly daunting tech challenges.
Slideshows
Flash Poll