Debian Security Advisory

bliss virus -- computer virus

Date Reported:
undated
Affected Packages:
any executable
Vulnerable:
Yes
Security database references:
No other external database security references currently available.
More information:
The infection must be done as root. Of course root can do anything (including 'rm -rf /') so most people don't see this as a problem. This is why people should do as little as possible under root.

Bliss was described on USENET in the fall of 1996. In February of 1997, it was reported in Linux and Bugtraq mailing lists.

Check for Bliss by searching all binaries for the following pattern:
E8ABD8FFFFC200003634 65643134373130363532

Disinfect with the --bliss-uninfect-files-please argument to an infected program.

References: