Jump to content
Posted 06 December 2010 - 08:10 PM
Posted 06 December 2010 - 10:23 PM
First Reported JPEG Virus Found
The W32/Perrun virus...extracts data from JPEG files and then injects picture files with infected digital images....it is the first viral program with multiple parts and the ability to carry viral code from programs into data files. Until now, data files were relatively immune to infection. Not so anymore, say experts.
F-Secure Virus Descriptions : Perrun
Perrun is a proof of concept virus that appends itself to JPEG files. In order to run the viral part it modifies the JPEG handler program in the registry and drops a special extractor to the system that extracts and runs the malicious code. In practice it means that the malicious part in a JPEG file will run only if the system is already infected with the virus. A clean system can not get infected from an "infected" JPEG file since that would need the virus to be active on the system already.
A proof-of-concept exploit which executes code on the victim's computer when opening a JPG file was posted to a public website on September 17th, 2004...the exploit executed a code that could download and run a file from Internet. However, the JPG file with the exploit has to be previewed locally for the exploit to get activated; viewing a JPG file from a remote host does not activate the exploit.
Posted 07 December 2010 - 07:50 PM
Edited by Arstone112, 07 December 2010 - 09:21 PM.
Posted 07 December 2010 - 09:06 PM
Posted 07 December 2010 - 09:07 PM
Posted 07 December 2010 - 09:21 PM
Posted 08 December 2010 - 10:56 AM
0 members, 0 guests, 0 anonymous users