Nemesis11
Power Member
The proof-of-concept threat is not spreading in the wild, and it only affects 64-bit Windows systems.
The attack is a proof of concept with no payload. Named W64.Rugrat.3344 by Symantec, it's very old-fashioned in technique. When executed it infects all 64-bit executable files, excluding .DLL files, in the directory from which it was executed, and all subdirectories, and then exits.
Rugrat will not execute on conventional 32-bit Windows systems nor will it infect 32-bit Windows executables. The worm is written in Intel Corp. 64-bit assembly language.
"Currently, there isn't a broad penetration of 64-bit systems. Most home and business systems deployed today are running on 32-bit platforms and are not affected by this threat," said Vincent Weafer, senior director of Symantec Security Response. "At this time, we are not expecting widespread copycats, since assembly code requires advanced technical knowledge."
http://www.eweek.com/article2/0,1759,1602191,00.asp