A biological virus like HIV or the flu cannot reproduce on its own; it needs to hijack a cell to do that work for it, wreaking havoc on the infected organism in the process. Similarly, a computer virus isn't itself a standalone program. It's a code snippet that inserts itself into some other application. When that application runs, it executes the virus code, with results that range from the irritating to the disastrous.
In everyday conversation and the popular press, people often use virus and malware interchangeably. But strictly speaking, a virus is a specific type of malware that fits the definition above. The two other main types are Trojans, which masquerade as harmless applications to trick users into executing them, and worms, which can reproduce and spread independently of any other application. The distinguishing feature of a virus is that it needs to infect other programs to operate.
Imagine an application on your computer has been infected by a virus. We'll discuss the various ways that might happen in a moment, but for now, let's just take infection as a given.
How does the virus do its dirty work? Bleeping Computer provides a good high-level overview of how the process works. The general course goes something like this: the infected application executes (usually at the request of the user), and the virus code is loaded into the CPU memory before any of the legitimate code executes.
At this point, the virus propagates itself by infecting other applications on the host computer, inserting its malicious code wherever it can. A resident virus does this to programs as they open, whereas a non-resident virus can infect executable files even if they aren't running.
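Because a virus has to change the bytes of its host program, comparing executables against hashes recorded while the system was known to be clean will expose an infected file. The following is an added example, not code from the original article; the file names and contents are constructed stand-ins for real programs.

```python
import hashlib
import tempfile
from pathlib import Path

def sha256_file(path, chunk_size=65536):
    """Hash a file in chunks so large executables are not read into memory at once."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()

def build_baseline(root):
    """Map each file path (relative to root) to its SHA-256, taken while known clean."""
    root = Path(root)
    return {str(p.relative_to(root)): sha256_file(p)
            for p in sorted(root.rglob("*")) if p.is_file()}

def compare(baseline, root):
    """Report files whose content changed, appeared, or vanished since the baseline."""
    current = build_baseline(root)
    return {
        "modified": sorted(n for n in baseline
                           if n in current and baseline[n] != current[n]),
        "added": sorted(n for n in current if n not in baseline),
        "missing": sorted(n for n in baseline if n not in current),
    }

def demo():
    """Constructed sample: two stand-in program files, one altered after the baseline."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "editor.bin").write_bytes(b"\x7fELF" + b"legitimate code" * 4)
        (root / "mailer.bin").write_bytes(b"MZ" + b"legitimate code" * 4)
        baseline = build_baseline(root)
        # To the checker, an infection is simply a host file whose bytes changed.
        with open(root / "mailer.bin", "ab") as fh:
            fh.write(b"EXTRA-BYTES-NOT-IN-ORIGINAL")
        (root / "dropped.bin").write_bytes(b"unexpected new file")
        return compare(baseline, root)

if __name__ == "__main__":
    print(demo())
```

The baseline is only trustworthy if it is stored somewhere the monitored machine cannot rewrite, and legitimate software updates will also show up as modified files and need a fresh baseline.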
Boot sector viruses use a particularly pernicious technique at this stage: they place their code in the boot sector of the computer's system disk, ensuring that it will be executed even before the operating system fully loads, making it impossible to run the computer in a "clean" way.
Once the virus has its hooks into your computer, it can start executing its payload, which is the term for the part of the virus code that does the dirty work its creators built it for. Payloads can include all sorts of nasty things: viruses can scan your computer hard drive for banking credentials, log your keystrokes to steal passwords, turn your computer into a zombie that launches a DDoS attack against the hacker's enemies, or even encrypt your data and demand a bitcoin ransom to restore access. Other types of malware can have similar payloads, of course: there are ransomware worms and DDoS Trojans and so forth.
In the early, pre-internet days, viruses often spread from computer to computer via infected floppy disks. The SCA virus, for instance, spread amongst Amiga users on disks with pirated software. Today, viruses spread via the internet. In most cases, applications that have been infected by virus code are transferred from computer to computer just like any other application.
Because many viruses include a logic bomb — code that ensures that the virus's payload only executes at a specific time or under certain conditions — users or admins may be unaware that their applications are infected and will transfer or install them with impunity. Infected applications might be emailed (inadvertently or deliberately — some viruses actually hijack a computer's mail software to email out copies of themselves); they could also be downloaded from an infected code repository or compromised app store.
One thing you'll notice that all of these infection vectors have in common is that they require the victim to execute the infected application or code. Remember, a virus can only execute and reproduce if its host application is running!
Klez appeared even earlier than the two previous worms in Klez would send fake emails, spoof known senders, and kill other viruses within a system.
Klez came in many flavors, as other viruses and worms often do. During all this time, it kept evolving to release more dangerous iterations.
During the s, this dangerous computer virus would arrive in your inbox disguised as a love letter. But, then, it seemed to be nothing but a plain text file. Iloveyou (aka Loveletter) hit the internet on May 4th. And it must have found the force within it because it reached 10 million computers very quickly.
The author was Onel de Guzman, a college student from the Philippines. However, it seems that he never intended for his work to spread so much or to do so much damage.
WannaCry is the first ransomware on our list. It takes over your computer or cloud files and encrypts them to make them unavailable to you. Then it asks you to pay a ransom (hence the name) to receive the decryptor to unlock your data. WannaCry arrived at the computers of countries in a single day. It hit all kinds of organizations (hospitals, governmental offices, private businesses), causing massive disruption. Fortunately, Marcus Hutchins, a year-old security expert in the UK, eventually found a way to neutralize WannaCry. The WannaCry episode illustrated how the most outdated operating systems are vulnerable to attacks. That is why updating your system is a standard security practice.
The Zeus theft tool hit the web for the first time in It was more like a suite, and it included several programs that composed the global Zeus botnet. Zeus arose from Eastern Europe and transferred money into secret bank accounts. There was no single, lonely, poor programmer behind Zeus. Instead, it had an entire organization supporting and profiting from it. In , more than members of the virus crime ring were arrested.
Zeus is not as prominent at present, but it spawned a new generation of malware as other developers used pieces of the Zeus code to integrate into their own, more recent, worms and viruses. Zeus-related documented damage ascended to million USD. The costs in terms of lost productivity, morale, and undocumented theft must be several times higher. If we estimate all that damage and adjust for inflation, Zeus cost at least about 4 billion USD while active.
Unfortunately, it left no trace in the hardware (like files on a hard drive), which complicated the forensic analysis. Slammer would select an IP address at random and explore the security vulnerabilities in the target system. If it found the target environment feasible for the attack, it would replicate to the target system. Once it had a good number of infected computers ready, it launched DDoS attacks on some selected internet servers, thus ruining their traffic. Banking computers in the US and Canada had the worst experience with Slammer. The worm even forced ATMs to go offline in multiple places.
No definitive solution was ever found to prevent SQL Slammer infections. In fact, saw the attack surface again from computers located in Mexico, China, and Ukraine.
The estimated number of systems with a CryptoLocker infection is about a quarter million.
It seems you can write excellent and effective code without mastering English. This message comes along with a payment demand, leaving no doubts about what to do next: you pay for the privilege of deciphering your very own files, or you lose all control over your system.
CryptoLocker used the Gameover Zeus botnet to distribute and install millions of CryptoLocker copies in vulnerable systems. Sophos Security estimates the cost of an average ransomware hit at , USD. If we estimate additionally that CryptoLocker successfully attacked some corporations, the total cost would have been around million USD, give or take a lot.
Sven Jaschan was a computer science student in Germany, 17 years old. By the time he got arrested in , he was already of age. There was a , bounty on his head as the creator of Sasser. However, one of his friends blew the whistle on him. Instead, he also created Netsky. The legal system gave Mr. Jaschan a suspended sentence when it became clear that he was a minor as he was writing the code.
Sasser crashed millions of computers globally, and with an apparently low infection rate, it incurred damages of around million USD.
Melissa is a name in Greek mythology, and it refers to the first honey bee. But in , there was also a Florida exotic dancer called Melissa who caught the attention of David L. Smith, the author of the eponymous computer virus. This one started as an infected Word document that the author posted to Usenet. He persuaded thousands of Usenet lurkers to download it, claiming it was a list of working passwords for adult websites.
Eventually, the unavoidable incident happened as people downloaded the file and opened it. Upon opening, a macro in the file would come alive and release its payload. Thus Melissa reproduced itself. In addition, Melissa would show itself by inserting a Simpsons reference into the corrupted Word files now and then.
Smith uploaded the fateful Word file through a stolen AOL account. Unfortunately for him, this allowed the authorities to trace the file back to him, so they arrested him before a week had passed.