Virus Authors Developed A Proof of Concept Virus, WinHex
Virus authors have developed a proof-of-concept virus that attacks a commonly used computer forensics tool, according to a report published by The Register on June 18, 2007.
The virus targets WinHex, a powerful computer forensics, data recovery and IT security tool. It prepends itself to each existing WHS (WinHex script) file. Once infected, the WinHex scripts become inactive and spread the infection to other PCs. The virus is called "Vred.A". However, WinHex alerts the user before executing any script, so the virus spreads only with the user's permission.
In June this year, a proof-of-concept attack targeted Google Desktop. Robert Hansen, CEO of Sectheory.com, an Internet security corporation, posted a blog entry about the proof of concept on Ha.ckers.org, where he contributes regularly.
Hansen explained that the latest flaw in Google Desktop relies on a 'man in the middle' attack. In such an attack, a hacker sits between a user and Google's server, Techshout reported in June 2007.
However, the malware's appeal is limited to its curiosity value. It is often thought that by constructing proof-of-concept viruses, malware writers try to flaunt their knowledge and skill to their peers. They could also be experimenting with techniques that their opponents in the anti-virus community might come up with at some point. The standard targets for such attacks are smartphones, PDAs, or other specialist platforms.
Using this approach to attack computer security tools is rare but not impossible. In 2006, VXers designed a proof-of-concept virus that attacked IDA (Interactive Disassembler Pro), a tool that anti-virus researchers use to analyze the behavior of different specimens of malware.
The malicious code corrupts the scripting language that IDA uses. Sometimes researchers share the elements of the scripting language to construct an executable file on Windows. The executable looks for new IDC files to construct another executable file.
Kaspersky Labs conducted a study in 2006 in which it concluded that while hackers develop proof-of-concept programs for ever-emerging mediums, this may not necessarily result in malware causing potential damage.
» SPAMfighter News - 03-07-2007