The proof-of-concept threat is not spreading in the wild, and it only affects 64-bit Windows systems.
Symantec Security Response has revealed that it has analyzed the first 64-bit Windows attack code. The attack is a proof of concept with no payload. Named W64.Rugrat.3344 by Symantec, it's very old-fashioned in technique. When executed it infects all 64-bit executable files, excluding .DLL files, in the directory from which it was executed, and all subdirectories, and then exits. Rugrat will not execute on conventional 32-bit Windows systems nor will it infect 32-bit Windows executables. The worm is written in Intel Corp. 64-bit assembly language.
News source: eWeek
-1 Comments - Add comment