Perrun Virus Is First to Infect Picture Files
A new virus threatens to strike one of the Internet’s most common and useful activities: sharing family photos.
The malicious program, the first to infect picture files, is not attacking computers. Called Perrun, it worries researchers because it is the first to be able to cross from infecting a program to infecting data files, long considered safe from such threats.
“Our concern is more for what might be coming,” said Vincent Gullotto, head anti-virus researcher at McAfee.com Corp., which produces top-selling anti-virus software. “Potentially no file type could be safe.”
As with any computer threat, the best way to protect a computer is to have updated anti-virus software.
McAfee researchers received the virus from its creator. Virus writers typically send their new work to researchers--as well as fellow virus writers--as a way of bragging about their skills. Gullotto declined to identify the author.
McAfee said its anti-virus software can detect and remove Perrun.
Perrun is known as a proof-of-concept virus and does not cause damage. But Gullotto said he fears other virus writers may use Perrun as a template to create a more destructive version.
Until now, viruses infected program files--files that can be run on their own. Data files, such as movies, music, text and pictures, were safe from infection. Though earlier viruses deleted or modified data files, Perrun is the first to infect them.
Perrun inserts portions of the virus code into the picture file. When the picture is viewed, it can infect other pictures. If the author wished, the virus could delete files on the computer or perform other mischief.
The virus would need modifications to become dangerous, because it arrives as a program file that can be attached to an e-mail. Security experts always warn against opening programs sent as e-mail attachments.
Once run, the file installs a program onto the victim’s hard drive that can infect pictures. When a computer user clicks on a picture file with the extension .jpg--a common picture file found on the Web--the picture is infected before it appears. Because the picture displays normally, Gullotto said, the victim may not know there’s anything wrong.
