Sophos, a world leader in corporate anti-virus protection, has
discovered the first virus capable of infecting Macromedia Flash
files commonly used on popular websites.
The SWF/LFM-926
virus targets webmasters who use Macromedia Flash to make their
websites more attractive with animation and special effects. End
users who browse an affected website may become infected if they
download and open the Macromedia Flash file on their computer.
"Computer users visiting snazzy sites would get more than they
bargained for if they downloaded this virus," said Graham Cluley,
senior technology consultant for Sophos Anti-Virus. "The Macromedia
Flash virus is not yet in the wild, but it is clear proof that
virus writers continue to search for new ways to infect computer
users. The best defence is to keep your security software
up-to-date and practise safe computing."
Sophos recommends webmasters put in place procedures and
policies to ensure the integrity of the code they place on their
websites, whether it be obviously executable (in the case of, for
instance, EXE and COM files) or Macromedia Flash movies.
Sophos has shared the virus securely with other anti-virus
vendors to allow other analysts the opportunity to examine this new
type of attack, and build protection into their respective security
products.
Sophos has issued a detailed analysis and
protection against the SWF/LFM-926 virus.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.