Macromedia virus: a flash in the pan?

Sophos Press Release

Sophos, a world leader in corporate anti-virus protection, has discovered the first virus capable of infecting Macromedia Flash files commonly used on popular websites.

The SWF/LFM-926 virus targets webmasters who use Macromedia Flash to make their websites more attractive with animation and special effects. End users who browse an affected website may become infected if they download and open the Macromedia Flash file on their computer.

"Computer users visiting snazzy sites would get more than they bargained for if they downloaded this virus," said Graham Cluley, senior technology consultant for Sophos Anti-Virus. "The Macromedia Flash virus is not yet in the wild, but it is clear proof that virus writers continue to search for new ways to infect computer users. The best defence is to keep your security software up-to-date and practise safe computing."

Sophos recommends webmasters put in place procedures and policies to ensure the integrity of the code they place on their websites, whether it be obviously executable (in the case of, for instance, EXE and COM files) or Macromedia Flash movies.

Sophos has shared the virus securely with other anti-virus vendors to allow other analysts the opportunity to examine this new type of attack, and build protection into their respective security products.

Sophos has issued a detailed analysis and protection against the SWF/LFM-926 virus.


More than 100 million users in 150 countries rely on Sophos’ complete security solutions as the best protection against complex threats and data loss. Simple to deploy, manage, and use, Sophos’ award-winning encryption, endpoint security, web, email, mobile and network security solutions are backed by SophosLabs - a global network of threat intelligence centers. Sophos is headquartered in Oxford, U.K., and is publicly traded on the London Stock Exchange under the symbol “SOPH.” More information is available at www.sophos.com/company.