Advertisement
Promo

Security threats Toolkit

PHP virus sparks debate

Will Knight ZDNet.co.uk

Published: 08 Jan 2001 11:10 GMT

  • Email
  • Trackback
  • Clip Link
  • Print friendly
  • Post Comment

Antivirus company Central Command says that a new strain of viruses written in the popular scripting language PHP could be on the way, although other antivirus experts believe the danger is limited.

Central Command last week found a "proof of concept" virus dubbed PHP.NewWorld, written in the Hypertext Preprocessor (PHP) scripting language -- a popular free server-side scripting language typically used by Web developers to automate the generation of Web pages.

Although NewWorld is not thought to be especially dangerous, Central Command says that it could lead to copycat viruses written in PHP.

In order to activate PHP.NewWorld a user would need to have PHP installed on a Windows machine and have been granted permissions to run PHP scripts. Then NewWorld would be able to infect any writeable files with the extensions .html and .php stored in the directory C:/Windows.

Although NewWorld is therefore limited, Central Command product manager Steve Sundermeier suggests that it could inspire more dangerous types of viruses written in PHP. "It can be modified to have a very destructive payload and marks a new step towards a new virus generation. Because the PHP language is absolutely free, we are anticipating that copycats of this PHP script virus will become prominent and will have much more damaging consequences in the near future." Sundermeier also says it might be possible to use email to point users to a malicious script written in PHP.

However, others say that, while this is an interesting proof of concept, we are unlikely to ever see PHP viruses in the wild.

Eric Chien, chief researcher at Symantec's Antivirus Research Centre (SARC), says that the danger is limited because PHP relies on someone having it installed on his or her computer and scripts are also most likely to be accessible on an internal network.

Graham Cluley, senior technologist at Sophos agrees that PHP viruses such as NewWorld are unlikely to spread very far. He adds that the discovery doesn't indicate a weakness in PHP but rather shows that malicious code can potentially be written in any programming language. "I don't think people should lose any sleep," he says.

Have your say instantly, and see what others have said. Click on the TalkBack button and go to the ZDNet News forum.

Let the editors know what you think in the Mailroom. And read what others have said.

  • Email
  • Trackback
  • Clip Link
  • Print friendlyPrint with EPSON

Did you find this article useful?
30 out of 67 people found this useful


In association with Network Liberation Movement

Talkback

Post a comment


Full Talkback thread

0 comments

Related Links

More In Security threats


Company/Topic Alerts

Create a new alert from the list below:









Related BlackBerry Resources

Protecting the BlackBerry Device Platform Against Malware

BlackBerry Devices with Bluetooth - Security Overview

BlackBerry Enterprise Server IT Policy

BlackBerry Enterprise Solution - Security Technical Overview

BlackBerry Enterprise Solution and RSA SecurID

CIO's Guide to Mobile Security

See All White Papers

Video icon

Video

Sentry Posts Blog

DNA details of innocent will be kept f...

The government has announced that it plans to keep innocent people's DNA details for up to six years. In response to a consultation it launched last December, the government said... More

5 comments

Motorola Droid Drops Today: Happy Droi...

Motorola Droid Drops Today: Happy Droid Day America! Author: Eric Everson, Mobile Security Expert If you’re wondering what all of the buzz is about with words like Droid and Android... More

Post a comment

Mobile Security Profile: BlackBerry St...

Mobile Security Profile: BlackBerry Storm2 Author: Eric Everson BlackBerry handsets are a staple of office culture; from syncing calendars to sharing business-related data,... More

Post a comment


Skip Sub Navigation Links to CNET Brand Links

Help

Become part of the ZDNet community.

ALL TOOLKITS

Blogs

Newsletters