The proof-of-concept was submitted to Russian antivirus company Kaspersky Lab, which calls it Bi.a. The virus was written in low-level computer code called "assembler" and is limited, as it only infects files in the current directory, Kaspersky said Friday on its Web site. However, it can infect files in the different formats used by Linux and Windows--ELF and PE, respectively, Kaspersky said.
The virus is a classic proof-of-concept, written to show that it's possible to create a cross-platform virus, Kaspersky said. "However, our experience shows that once proof-of-concept code is released, virus writers are usually quick to take the code and adapt it for their own use," Kaspersky said.
That concern is shared by Swa Frantzen, who tracks incidents at the SANS Internet Storm Center, which monitors network threats. "The impact of the proof-of-concept at this point is very low in itself, but it is a sign the cross-platform aspects are becoming important," Frantzen wrote on the ISC blog. "As the developers of viruses continue to research this, we will see more cross-platform malware come about in the future."
Kaspersky has added detection for the malicious software to its antivirus databases.