The virus, dubbed Perrun, is not currently infecting computers but worries anti-virus experts because it is the first to cross from program infection into data files, long considered safe from malicious code.
"Our concern is more for what might be coming," said Vincent Gullotto, head anti-virus researcher at McAfee Security. "Potentially, no file type could be safe."
CBS Radio News Computer Consultant Larry Magid says most viruses we see are actually little software programs that infect your computer when they are run. In this case, the virus hides inside a file containing a digital photograph, a type of file previously thought to be safe from infection. Magid says so far the threat is purely theoretical. No one has been infected and there is no immediate danger. However, some experts worry that it could foreshadow a dangerous trend.
Perrun still needs some tweaking to become dangerous. The virus arrives via e-mail or a floppy disk as an executable file. Security experts always warn against opening programs sent as e-mail attachments.
Once run, the file drops an "extractor" component onto the victim's hard drive. When a computer user clicks on a picture file with the extension .JPG -- a common picture file found on the Web -- the picture is infected before it appears. Because the picture displays normally, Gullotto said, the victim may not know there's anything wrong.
In its current form, an infected JPG file sent to a friend or placed on a Web site isn't dangerous without the extractor file. But Gullotto said there's no reason a virus writer couldn't stuff the entire virus code into the JPG, making the picture file a virus itself.
That evolution should make computer users think twice about sending pictures -- or any other media -- over the Internet, Gullotto said.
"I think there's a possibility that this could change the playing field," he said. "Going forward, we may have to rethink about distributing JPGs."
McAfee researchers received the virus from its creator. Gullotto declined to identify the author. McAfee anti-virus software can detect and remove Perrun.
Perrun is known as a proof-of-concept virus, and does not cause damage. Gullotto said he fears that virus writers may use Perrun as a template to create a more destructive version.