February 10, 2009

gif Virus?

Up until now, you didn't have to worry about graphics being a virus. Then I came across this at the Internet Storm Center over at sans.org.

.gif Files Presenting a Not so Pretty Picture
Published: 2009-02-07,
Last Updated: 2009-02-07 21:51:03 UTC
by Tony Carothers (Version: 1)

A Storm Center subscriber has just submitted malware embedded in .gif image files, downloaded from the image site 4chan.org. For the sake of expediency, and because this person did such a good write up, here is the analysis provided:

"The *.gif files were found on the "random" board of the image board site 4chan. The files contain a large picture with instructions to save the file with a .jse extension and run it.

The *.out files are the result of applying scrdec to the gifs to reveal the encoded script.

It appears to:
(1) copy itself somewhere as 'sys.jse'
(2) add itself to a Run key in the registry
(3) (a) fetch the index to 4chan's /b forum
(b) download the first image
(c) save it as 'j.jse'
(d) attempt to run 'j.jse'
(4) construct a POST request containing the image as payload
(5) upload itself as a new post on 4chan
(6) point an instance of IE at site it came from

(3)-(6) are in an infinite loop."

To the subscriber who did the legwork on this one, my thanx for the excellent work.

(View the original post here)

So after reading this, I see it's not so bad. Basically, you have to rename the file and run it yourself. So you don't have to worry about .gif files being a virus at this time. However, it did bring a good point to mind that I thought I would share. You should never have to change the extension, the last 3 letters after the dot in a file name. For example, something.gif to something.com or something.exe or anything like that. If you are asked to do so, there is a very good chance that it's a trick to get you to install something without you knowing.
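The diary above describes a real picture that also carries a script encoded with the Windows Script Encoder (the format scrdec decodes), which is why a file can look like a valid .gif and still run once renamed. As an added example, not code from the diary or from the subscriber who analysed the files, here is a small Python checker that walks the GIF block structure, finds the trailer byte, and reports anything appended after it, flagging the encoder's `#@~^` start marker. It assumes the script was stuck on after the GIF trailer, which the diary does not actually state; the sample GIF and the tail are constructed here.

```python
# Marker the Windows Script Encoder (screnc) writes at the start of its output;
# scrdec, mentioned in the diary, reverses that encoding.
SCRIPT_ENCODER_MARKER = b"#@~^"

def _skip_sub_blocks(data, pos):
    """Advance past a chain of GIF data sub-blocks (length byte + data; 0x00 ends it)."""
    while True:
        if pos >= len(data):
            raise ValueError("truncated sub-block chain")
        size = data[pos]
        pos += 1
        if size == 0:
            return pos
        pos += size

def gif_trailer_offset(data):
    """Walk the GIF blocks and return the offset just past the 0x3B trailer."""
    if data[:6] not in (b"GIF87a", b"GIF89a"):
        raise ValueError("not a GIF header")
    packed = data[10]                    # logical screen descriptor flags
    pos = 13
    if packed & 0x80:                    # global colour table present
        pos += 3 * (2 << (packed & 0x07))
    while True:
        if pos >= len(data):
            raise ValueError("no trailer found")
        block = data[pos]
        pos += 1
        if block == 0x3B:                # trailer: the image data ends here
            return pos
        if block == 0x21:                # extension: label byte, then sub-blocks
            pos = _skip_sub_blocks(data, pos + 1)
        elif block == 0x2C:              # image descriptor (9 bytes)
            img_packed = data[pos + 8]
            pos += 9
            if img_packed & 0x80:        # local colour table
                pos += 3 * (2 << (img_packed & 0x07))
            pos = _skip_sub_blocks(data, pos + 1)   # +1 skips LZW min code size
        else:
            raise ValueError("unknown block 0x%02x at offset %d" % (block, pos - 1))

def inspect_gif(data):
    """Report bytes appended after the trailer and whether they carry the encoder marker."""
    end = gif_trailer_offset(data)
    tail = data[end:]
    return {"trailer_offset": end, "trailing_bytes": len(tail),
            "script_encoder_marker": SCRIPT_ENCODER_MARKER in tail}

# Constructed sample: a valid 1x1 GIF, then the same GIF with a fake encoded blob appended.
CLEAN_GIF = bytes.fromhex("474946383961010001008000000000" "00ffffff2c000000000100010000020244010" "03b")
SUSPECT_GIF = CLEAN_GIF + b"#@~^ constructed placeholder, not a real script ^#~@"

if __name__ == "__main__":
    for name, blob in (("clean", CLEAN_GIF), ("suspect", SUSPECT_GIF)):
        print(name, inspect_gif(blob))
```

A clean file reports zero trailing bytes; a file with bytes after the trailer is not necessarily malicious, but one carrying the encoder marker deserves a closer look.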
