
The W32/Gatt virus was first detected earlier this month. The virus infects all .idc files, a format that is used for scripts for the Interactive Disassembler Pro application that is commonly used by virus researchers to analyse malware.
The specimen that was detected didn't carry any payload. Symantec therefore described the malware as a proof of concept.
"By targeting tools used by antivirus researchers, the author makes an attempt to embarrass the security community," suggested Vinoo Thomas, a research analyst with McAfee.
The Gatt virus isn't the first attempt by malware authors to slow down anti-virus researchers.
Although most professional researchers have the safeguards in place to prevent any serious damage from the virus, Thomas cautioned that it could claim victims amongst wannabe virus writers who are fooling around with the code.