http://www.nerdnations.com/bbs/showthread.php?threadid=189 - not good new virus that spreads via .JPG file

Originally posted by is0lized
new virus that spreads via .JPG file No, it doesn't "spread via jpg files." Some code is stored on jpg files of affected systems. If you open a jpg file that contains Perrun content nothing bad will happen -- unless you also have on your system the executable extrk.exe, and that program has been set through the registry to open jpg files.

But if someone should happen to have that set of files on their computer, and they send you a jpg file, perrun will not be spread to your system.

see my last quote :)

In its current form, an infected JPG file cannot infect another computer on its own. But Gullotto said there's no reason a virus writer couldn't make the picture itself able to infect other computers.

Originally posted by is0lized
see my last quote :) I wasn't reacting to what you wrote in your own forum, but to what you wrote here. There's enough inaccurate virus hype around in the mainstream media already; and I do what little I can to counter such hype when I see it.

It's not accurate to say that this is "new virus that spreads though jpg files." It would spread, if it were to spread, like many others: through email attachments designed to look harmless while hiding an executable program containing the malicious code.

The statement that guy who makes money based on how many copies of anti-virus software his company sells is quoted to have said to some unnamed Associated Press writer notwithstanding, there certainly is a "reason a virus writer couldn't make the picture itself able to infect other computers." "Pictures" aren't executable. "Pictures" can not "infect other computers," or cause any damage at all, and they never will.

The statement in the article that "When the picture is viewed, it can infect other pictures" is simply inaccurate. The picture does nothing, the registry has been altered so that instead of whatever program you were using to view jpg files, the file extrk.exe -- containing virus payload -- is executed instead. That porgram "infects other pictures," the jpg file you are viewing does not.

This thing is harmless unless you also have that executable component. And if that's going to get to your PC somehow anyway, why not just put the entire virus payload there?


I don't see where Perrun or the idea behind it would expose any computer user to any risk that doesn't already exist, or how it really illustrates any new potential risk. It's a demonstration of a concept: put some of the virus code in a different file. So what? It even makes the infection easier to detect: the infected files will have changed in size. Maybe it's interesting as a concept, but in the real world if you wanted to make a destructive virus you could just as easily have put all of the virus code in the executable program file, and still had it activated when a jpg was read.