Central Command says it has uncovered the first script virus that can execute in a hypertext server environment.
Published:
6 January 2001 y., Saturday
The good news is that the virus, PHP.NewWorld, has no payload and is not self-propagating.
Steve Sundermeier, Central Command's product manager, told Newsbytes the appearance of the virus is worrisome, since it is a "proof of concept" virus for the hypertext preprocessor (PHP) scripting language.
"If you look back at the development of scripting viruses, right through to Loveletter, you'll see that they all started with proof of concept versions," he said, adding that, once a proof of concept edition of a virus has been created, it is a few short steps for other hackers to add payloads and other destructive attributes to the program.
"PHP is server scripting language that allows programmers to embed program code in it. It works by scripting events on the server," he said.
Sundermeier said that the development should concern e-commerce companies. "It's a development they surely didn't want," he said, adding that Central Command's AVX Professional has been updated to spot and deal effectively with the new virus - and its future variants. Sundermeier predicts that, because the PHP language is absolutely free, copycats of the PHP script virus will become prominent and will have much more damaging consequences in the near future.
When it executes, PHP.NewWorld looks for php, hm, html or htt suffix files in the C:\Windows directory. All files found with these extensions will become infected. When a user executes a dot.php file, Central Command says, the virus body will be executed from an external file and will take full control.
Central Command's Web site is at htp://www.avx.com .
Šaltinis:
Newsbytes.com
Copying, publishing, announcing any information from the News.lt portal without written permission of News.lt editorial office is prohibited.