Apr6
by
Jessie Paz (Advanced Threats Researcher)
A Russian antivirus company has reported a proof-of-concept virus that runs in iPodLinux (an open source port of Linux in iPod) on top of Podzilla 2 user interface. The virus which marks the infected files with “Oslo” was written by the same author of PE_IKOL.A. It has no destructive payload but merely shows the tux iPodLinux logo together with the following message. It registers itself in the /Extras/Demos menu section of the iPod.
You are infected with Oslo, the first iPodLinux Virus by [author].
The virus only infects ELF executable files (ends with
mod.o) in the /usr/lib/ directory of iPod, recursively. It writes the copy of itself at the top of the host file and appends its marker (”Oslo”) at the bottom. It also attempts to show to the user some greetings when the iPodLinux was shutdown.

The virus being the first of its kind was used by the author to show that malware can run on iPodLinux platform even though it needs to be manually executed to trigger its infection routine.
This entry was posted
on
Friday, April 6th, 2007
at
10:34 am and is filed under
Uncategorized .
Responses are closed, but you can trackback from your own site.
November 12th, 2007 at 4:56 am
[...] read more | digg story [...]