A vendor of antivirus software said yesterday that a clone of the Chernobyl virus (also known as CIH) is on the loose, but a rival software vendor discounted the threat.
Central Command said that the clone, named Emperor, is more contagious and more destructive than the original virus, while Network Associates, considers Emperor to be a low-risk contagion.
According to press release issued by Central Command, the new virus' code occupies about 6KB. It infects 16-bit DOS files, including .com and .exe programs, and, like the Chernobyl virus, it can erase data on the hard disk and render the PC useless. Central Command's suggested antidote is its AntiViral Toolkit Pro, developed by Kaspersky Lab, located in Russia.
Central Command expects the virus to be more widespread than Chernobyl. However, Network Associates does not expect it will be an issue for its customers, according to Sal Viverous, group marketing manager of Total Virus Defense.
Network Associates is doing research on the virus, Viverous said. "But we have not seen it in the wild yet, only in laboratories," he added. Another reason that it's not particularly risky is that it only attacks DOS files, he said.
"The payload Emperor brings along is dangerous, if a PC is infected," said Viverous. "However this is just one of more than 300 new viruses we see every month."
Central Command could not be reached for further comment.