X
Home & Office
Home Home & Office Networking

Virus writers take an early crack at .Net

'W32.Donut' specifically aims at Microsoft's .Net programming language, showing that virus writers are thinking ahead
Written by Robert Lemos, Contributor

Virus writers have apparently made the early developer list for Microsoft's .Net initiative.

On Wednesday, antivirus companies received a copy of the first virus capable of infecting files based on Microsoft's .Net Intermediate Language, or MSIL.

Known as W32.Donut, the virus does little but infect other .Net files, but it shows that the programmers who create such code are looking ahead, said Motoaki Yamamura, a virus researcher with security software company Symantec.

"The only interesting part is that it infects a new class of files," he said. "Traditionally, virus writers look for what is coming out next and look at being the first at spreading viruses and worms on those new platforms."

W32.Donut is a true virus, infecting files on the computer and spreading only when those files are moved to a new computer by email or copying and then opened.

One of every 10 times a file infected with Donut starts up, the virus will display the message "This cell has been infected by dotNET virus!" and the author's name. Though the virus spreads to .Net files, only a small fraction of it is written in MSIL, according to both Symantec and the author's description of the virus.

It's uncertain whether such a virus could spread among files when Microsoft's .Net framework is up and running, as the company has several security checks in place.

Microsoft representatives could not immediately be reached for comment.

Microsoft.Net is the company's largest push yet to turn its software into a network over which consumer, business and financial services can be easily delivered. With the .Net initiative, the Redmond, Washington software giant says it is attempting to build a more secure framework.

For all security-related news, including updates on the latest viruses, hacking exploits and patches, check out ZDNet UK's Viruses and Hacking News Section.

For everything Internet-related, from the latest legal and policy-related news, to domain name updates, see ZDNet UK's Internet News Section.

Have your say instantly, and see what others have said. Click on the TalkBack button and go to the Security forum.

Let the editors know what you think in the Mailroom. And read other letters.

Editorial standards
Show Comments

Related

logi-ai-prompt-builder-mx-setup

Logitech mouse and keyboard users are getting a free AI upgrade

Installing Deepin desktop on Ubuntu.

Don't like your Linux desktop? Here's how to install an alternative

GOTRAX 4 electric scooter

The most charming projector I've tested has now replaced my TV for movie nights