View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
August 20, 1998


By CBR Staff Writer

Symantec’s Anti Virus Research Center (SARC) has reported the first known virus to infect Java applets and applications. Because Java runs on virtual machines on practically any operating system from Windows 95 ot a Cray supercomputer, Strange Brew also claims the distinction of being the first cross- platform virus. Java was always intended to run distributed applications across networked devices, so its original developers paid careful attention to security. In particular, they built a ‘sandbox’ designed to confine Java applets, thus preventing them from executing potentially damaging behavior on the client machine. As a result of these and other measures, Java security flaws, though widely reported, have been relatively few and far between (CI No 3,444). Oddly enough, the new virus reflects this investment in security. While Strange Brew may damage Java executable files, it is considered unlikely to cause serious harm. It is not loose in the wild and no users are known to have been affected. It’s also fairly difficult to transmit. Symantec itself says it does not consider Strange Brew a threat to typical end-users or corporations. However it does say that anyone doing Java development on the web is at some risk of having their .class files infected or corrupted. Strange Brew is a parasitic virus which attaches itself to Java .class files. When such a file is launched, the virus attempts to infect other files. If it can’t, it hands control of the client back to the host application and terminates itself. Symantec reports that the insertion process is poorly designed by viral standards, with several serious bugs that could cause Strange Brew to infect files incorrectly or crash. Ironically, the most serious threat of the otherwise benign virus – researchers call it a proof-of-concept rather than an actively malicious attack – is that a botched attempt at infection may corrupt a .class file. Telltale signs of infection include Java applications taking longer to load during startup or failing to operate at all. Symantec has posted detection tools on its homepage at á

Content from our partners
Scan and deliver
GenAI cybersecurity: "A super-human analyst, with a brain the size of a planet."
Cloud, AI, and cyber security – highlights from DTX Manchester

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.