The maker of antivirus Symantec announced on Friday (24) new information about a virus discovered in July called “Crisis.” The worm arrives in format. “Jar”, used by Java and is compatible with Windows and Mac OS X and can be disseminated on web pages through the Java plug-in. In Windows, the virus also has the ability to infect Windows Mobile phones and virtual machines in VMWare format, the first plague known to have this ability.

When run on the Macintosh, the virus Crisis acts as a spy trying to steal system information and send it to a server on the Internet. It is compatible with various programs such as Safari and Firefox browsers, messengers and Skype and Adium, including being able to capture keystrokes. The virus does not require the administrator password to install.

In Windows, in addition to these features, it can also spread to a mobile phone with Windows Mobile, if one is connected to the PC. Symantec does not yet have many details on this function.The virus does not spread to mobile phones with Windows Phone, Microsoft’s new system for smartphones.

Virtual machines
function more innovative Crisis is infection of VMWare virtual machines. Virtual machines are used to run more than one operating system at the same time on a computer, isolating one from the other system for security, application testing, compatibility or even virus analysis. If the Crisis detects a file from a VMWare virtual machine, it is able to infect it.

The developer VMWare noted that the pest does not exploit any vulnerability in software and does not contaminate the Crisis encrypted virtual machines. The code also is not able to “get out” of a virtual machine – he infects the virtual machines only if you have already achieved major attack the host system. This behavior of the virus called attention because normally prevent malicious code being run on virtual machines.

The Crisis also includes a function to spread on pen drives using the AutoPlay feature (“autorun”). According to Kaspersky Lab, which calls the virus “Morcut” no information on many digital plague victims. Sergey Golovanov, an analyst at Kaspersky Lab, which evaluated the characteristics and functions of the code indicate that it could be used not only by criminals but also by police.

Post a Comment Blogger
