[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [linux-team] the first step in a new direction of PHP virus



Hello !

On Sat, Jan 06, 2001 at 12:23:12PM +0100, Geoffrey Bataille wrote:
> PHP.NewWorld Virus represents the first step in a new direction of virus
> writing in the year 2001

[blah blah blah]

> Description:
> PHP.NewWorld looks for .php, .hm, .html or .htt files in the C:\Windows
> directory. All files found with these extensions will become infected. When
> a user executes a .php file, the virus body will be executed from an
> external file and will take full control. In the case that the string
> “NewWorld.PHP” is identified as already existing, the infection routine will
> not be launched again. Thus, a file will not get infected twice.

Comme n'importe quel autre virus, donc. On le lance, il explose, et
c'est perdu. Je ne vois rien de réellement novateur. Pour ceux qui ne
s'en douteraient *pas encore*, on peut faire la même chose avec
n'importe quel contenu actif qui n'est pas exécuté dans une sandbox.

Des problèmes comme celui des players SWF (ShockWave Flash), voir
http://slashdot.org/article.pl?sid=01/01/04/0217207&mode=thread, sont
bien plus préoccupants, dans la mesure où ils touchent des « innocents ». 

> PHP.NewWorld has no activation date. The virus is not able to spread out
> from the infected system.

Cu,
Dash.

-- 
"If you can, help others. If you can't, at least don't hurt others."
                -- the Dalai Lama
-- 
Damien Diederen
dash@linuxbe.org
http://users.swing.be/diederen/

[ linux-team@rtfm.be and linux@lists.linuxbe.org in ONE :)         ]
[ To subscribe or unsubscribe, go to http://linuxbe.org/ml.php     ]
[ http://LinuxBe.org - http://OpenBe.net - listmaster@linuxbe.org  ]