RealTime IT News

New Shockwave Virus Uncovered

Anti-virus experts discovered a brand new virus that attacks Shockwave files, but say the bug is a low risk to most people.

San Francisco-based Macromedia , which makes Shockwave software Wednesday acknowledged the problem and released a patch to fix it.

Although it doesnt appear as devastating compared to other well-known computer infections such as NIMDA, Code Red, Melissa and ILOVEYOU, this is the first time anyone has detected a virus written for the popular Web animation software.

Researchers at

Sunnyvale, Calif.-based McAfee's AVERT and F-Secure were among the first to identified the worm early Tuesday morning and have named it SWF.LFM.926.

"The virus is pretty low risk because it really depends on so many factors," says AVERT researcher Craig Schmugar. "First off you have to be running Windows NT, 2000 or XP. Then you have to have the stand alone player and then you have to save the file with other clean Shockwave files."

From there SWF.LFM.926 uses the Shockwave ActionScript scripting system to spread. While infecting other files, it shows a DOS window display saying "Loading Flash Movie". The V.COM file is then capable of infecting other .SWF files in the current directory.

"That is the only way that you would even know that your files are affected is that DOS display," says Schmugar.

The virus then overwrites parts of the file rendering them useless. Experts say the infected files should be deleted and restored from backup.

AVERT and F-Secure say it is unlikely to ever become wide spread due to its dependency on the stand-alone version of the Macromedia Flash Player, rather than the browser plug-in commonly installed on most systems.

So why would anyone want to build a virus for only a fraction of the population. How about as a stepping stone to other viruses.

"Most virus writers want more bang for their buck, which is why you don't see a lot of Macintosh-based viruses," says Schmugar. "But this one could pave the way for future viruses unless people are made aware of the risks."

The advice from experts is - as always - never open attachments you are not expecting, update your virus programs often and always back up your data.