Skip navigation
Skip navigation
You are using an outdated browser. Please upgrade your browser.

The first malicious program infecting SWF files has been detected

Cambridge, UK 9th January 2001 - Kaspersky Lab, an international data-security software developer,
reports the detection of a virus, SWScript.LFM, which is the first malicious program that infects the popular multimedia format, Macromedia Shockwave.

Macromedia Shockwave (.SWF files) files contain video and audio data. The compactness, simplicity in creating animation and video, and support by the majority of Web applications has made Macromedia Shockwave files one of the most popular means for the transfer of multimedia information via the Internet. By using SWF files, hundreds of thousands of people around the world can send electronic greeting cards, and thousands of companies have integrated the Macromedia technology into their Web sites in order to make them more attractive and dynamic.

A detailed analysis of LFM has shown that the current virus is more proof-of-concept than presenting a real threat to the Internet users. In order to spread, this malicious program requires several important conditions, whose simultaneous execution is highly unlikely. First of all, LFM requires that a computer has been installed with a full program version that executes Macromedia Shockwave files – special plug-in versions installed on Internet Explorer and Netscape Navigator by default are not enough for the virus to operate. Secondly, a user has to manually download the infected SMF file to his computer and start it up. Thirdly, LFM is only capable of infecting SMF files located in the same directory as the virus-carrying file.
In summarising the aforementioned, Kaspersky Lab considers the possibility of an epidemic outbreak caused by the LFM virus to be very unlikely. Nevertheless, we recommend that users be very careful when dealing with Macromedia Shockwave files, because the appearance of other more operable malicious programs infecting SMF files cannot be excluded.

Defence procedures thwarting LFM have already been added to the Kaspersky Lab daily anti-virus database update as of January 8, 2002.

More detailed information about the malicious program will be available soon in the Kaspersky Virus Encyclopedia.

About Kaspersky Lab

Kaspersky Lab Int. is a fast growing, privately owned, data-security software development company with offices in Moscow (Russia), Cambridge (United Kingdom) and Pleasanton (United States). Founded in 1997, the company concentrates its efforts on the development of world-leading data-security technologies and software. The company's flagship software product is Kaspersky Anti-Virus that provides comprehensive virus protection for a wide spectrum of customers from home users to enterprise-wide networks (Windows, Linux, Unix, Novell NetWare, OS/2, MS Exchange Server, Lotus Notes/Domino, Sendmail, Qmail, Postfix, Exim, CVP-compatible firewalls, Web-servers). Kaspersky Lab markets, distributes and supports its software and services in more than 50 countries worldwide.

Media Contacts

Denis Zenkin
Kaspersky Labs
Phone: +7 (095) 797 87 00

Sara Claridge
Marylebone Media Relations
Tel: 01344 876558
Web Site:

This press release was distributed by ResponseSource Press Release Wire on behalf of Marylebone Media Relations in the following categories: Consumer Technology, Personal Finance, Business & Finance, Computing & Telecoms, for more information visit