"Writing a cross-platform worm is difficult because it limits you to functions that are available on both operating systems," Ullrich said. "You have to also code the virus in assembly to make it work without relying on any OS-specific function," he said.

The relatively small number of systems running on non-Windows platforms also makes it less appealing for hackers to go to the trouble of crafting cross-platform viruses, he said.

Though rare, this is not the first instance of such a virus appearing in the wild. In 2001, the sadmind/ISS worm exploited a hole in Sun Microsystems Inc.'s Solaris to infect systems running vulnerable versions of the OS. Infected systems then scanned for and attacked servers running Microsoft Corp.'s IIS Web server software. That same year, another proof-of-concept virus named Winux infected both Windows and Linux systems.

"Even today, Web sites sending exploits to their visitors tend to detect what browser/platform the visitor is using and send a matching exploit to install some malware," SANS said in its note.

It's important for enterprises to be aware of such issues and implement anti-virus tools for protecting non-Windows operating systems if they haven't done so already, Ullrich said.