Sophos Anti-Virus, a world leader in corporate anti-virus
protection, has discovered the first virus capable of infecting
Shockwave Flash files commonly used on popular websites.
The SWF/LFM-926
virus targets webmasters who use Shockwave to make their websites
more attractive with animation and special effects. End users who
browse an affected website may become infected if they download and
open the Flash file on their computer.
"Computer users visiting snazzy sites would get more than they
bargained for if they downloaded this virus," said Paul Ducklin,
head of global support for Sophos Anti-Virus. "The Shockwave virus
is not yet in the wild, but it is clear proof that virus writers
continue to search for new ways to infect computer users. The best
defence is to keep your security software up-to-date and practise
safe computing."
Sophos recommends webmasters put in place procedures and
policies to ensure the integrity of the code they place on their
websites, whether it be obviously executable (in the case of, for
instance, EXE and COM files) or Shockwave Flash movies.
Sophos has shared the virus securely with other anti-virus
vendors to allow other analysts the opportunity to examine this new
type of attack, and build protection into their respective security
products.
Sophos has issued a detailed analysis and protection against
SWF/LFM-926.
Sophos's ten point plan for a safe computing policy can be found
here.
More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing security and data protection solutions that are simple to manage, deploy and use and that deliver the industry's lowest total cost of ownership. Sophos offers award-winning encryption, endpoint security, web, email, and network access control solutions backed by SophosLabs - a global network of threat intelligence centers. With more than two decades of experience, Sophos is regarded as a leader in security and data protection by top analyst firms and has received many industry awards.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.