Virus History Summary Computer Knowledge. Below is an expanded summary of the history of viruses from the start to when I stopped recording new events. Narrative histories of the early years by Dr. Alan Solomon and Robert M. Slade are available. Below is an expanded summary. Note There are endless arguments about the first virus. Lyberty. coms weeklymonthly splash page. Yes, a splash page is old fashioned, but its been a tradition here since 1999. An expanded summary of the history of viruses from the start to when I stopped recording new events. boot is easily accessible from any other machine to configure your Pi as its a FAT filesystem. On a headless Pi its the only plausible way to communicate with. There were a number of malware attacks in the 1. The description of the malware, however, would indicate these were worms and not viruses by general definition. Just to be complete, however, the questionable entries from the 1. Computer Knowledge considers virus history to start in 1. Also, most of this discussion is MS DOS or Windows related. There is, however, a good summary of viruses and malware on the Apple platform on the Sophos site. Pre 1. 98. 1 Period. In the early 1. 97. Creeper was found an ARPANET. It was a worm that moved through modems to other systems where it displayed the message IM THE CREEPER CATCH ME IF YOU CAN. A similar program called Reaper followed Creeper. It appeared to attempt to find and delete Creeper. In 1. 97. 4 malware called Rabbit which multiplied so fast making copies of itself that systems crashed. In 1. 97. 5 a game written for the UNIVAC 1. Pervading Animal. The game asked questions in an attempt to determine what animal the user had thought of. The game, however, attempted to write itself to every writable program file, changing the creation time to be able to determine if it had already written to that file or not. It was never determined if this Trojan like behavior was intentional or just an unintended bug. In the theoretical arena Jrgen Kraus wrote a master thesis called Selbstreproduktion bei Programmen Self reproduction of programs. Now, on to the modern history. The First Virus In The Wild. As described in Robert Slades history, the first virus in the wild actually predated the experimental work that defined current day viruses. It was spread on Apple II floppy disks which contained the operating system and reputed to have spread from Texas A M. Side note Thanks to a pointer from anti virus pioneer Fridrik Skulason we know the virus was named Elk Cloner and displayed a little rhyme on the screen It will get on all your disks. It will infiltrate your chips. Yes its Cloner It will stick to you like glue. It will modify ram too. Send in the Cloner For more info on Elk Cloner see the authors Richard Skrenta page at http www. The First Documented Experimental Virus Fred Cohens seminal paper Computer Viruses Theory and Experiments from 1. From the paper. On November 3, 1. The concept was first introduced in this seminar by the author, and the name virus was thought of by Len Adleman. After 8 hours of expert work on a heavily loaded VAX 1. Unix, the first virus was completed and ready for demonstration. Within a week, permission was obtained to perform experiments, and 5 experiments were performed. On November 1. 0, the virus was demonstrated to the security seminar. Brain, PC Write Trojan, Virdem The common story is that two brothers from Pakistan Basit Farooq Alvi and Amjad Farooq Alvi analyzed the boot sector of a floppy disk and developed a method of infecting it with a virus dubbed Brain the origin is generally accepted but not absolutely. Because it spread widely on the popular MS DOS PC system this is typically called the first computer virus even though it was predated by Cohens experiments and the Apple II virus. That same year the first PC based Trojan was released in the form of the popular shareware program PC Write. Some reports say Virdem was also found this year it was presented to the underground Chaos Computer Club in Germany in December by Ralf Burger according to reports it is often called the first file virus. File Infectors, Lehigh, Christmas Worm The first file viruses started to appear. Most concentrated on COM files COMMAND. COM in particular. The first of these to infect COMMAND. COM is typically reported to be the Lehigh virus. Cascade is reported to be the first self encrypting virus. At this time other work was done to create the first EXE infector Suriv 0. Suriv Virus backward. This virus evolved into the Jerusalem virus. A fast spreading 5. IBM mainframes during this year the IBM Christmas Worm. And, in November, the Atari platform saw its first boot virus SCA. Mac. Mag, Scores, Internet Worm Mac. Mag, a Hypercard stack virus on the Macintosh is generally considered the first Macintosh virus and the Scores virus was the source of the first major Macintosh outbreak. Apple malware was not limited to the Macintosh however. This year, in June, saw the development of the Festering Hate Apple Pro. DOS virus. The Internet Worm Robert Morris creation in November causes the first Internet crisis and shut down many computers. CERT is created to respond to such attacks. AIDS Trojan This Trojan is famous for holding data hostage. The Trojan was sent out under the guise of an AIDS information program. When run it encrypted the users hard drive and demanded payment for the decryption key. Ghostballs is reported by some to be the first multipartite virus but it is a simple variation of the Vienna virus. VX BBS Little Black Book AT T Attack The first virus exchange VX BBS went online in Bulgaria. Here virus authors could trade code and exchange ideas. Also, in 1. 99. 0, Mark Ludwigs book on virus writing The Little Black Book of Computer Viruses was published. While there is no proof, hackers are suspected of taking down the AT T long distance switching system. Based on the Vienna virus, the V2. P1 alias 1. 26. 0 virus is sometimes considered to be the first polymorphic virus although the changes are minor. Tequila Tequila was the first serious polymorphic virus it came out of Switzerland and changed itself in major ways in an attempt to avoid detection. Michelangelo, DAME, VCL Michelangelo was the first media darling. A worldwide alert went out with claims of massive damage predicted on the March 6th trigger date. Actually, little happened. The same year the Dark Avenger Mutation Engine DAME became the first toolkit that could be used to turn any virus into a polymorphic virus. Also that year the Virus Creation Laboratory VCL became the first actual virus creation kit. It had pull down menus and selectable payloads though its reported to not have worked very well. Stealthboot PMBSStealthboot PMBS used a unique technique to operate. You caught it by booting from an infected floppy disk. Once installed, StealthBoot would install itself in extended memory, switched the computer into protected mode, and then ran a virtual V8. DOS and programs would use. Basically, the virus existed between the operating system and the hardware. Year of the Hacker, Concept. Hackers attacked Griffith Air Force Base, the Korean Atomic Research Institute, NASA, Goddard Space Flight Center, and the Jet Propulsion Laboratory. GE, IBM, Pipeline and other companies were all hit by the Internet Liberation Front on Thanksgiving. The first macro virus to attack Word, Concept, is developed. Boza, Laroux, Staog. Boza is the first virus designed specifically for Windows 9. Laroux is the first Excel macro virus. And, Staog is the first Linux virus written by the same group that wrote Boza. Strange Brew Back Orifice Jet. DB Strange Brew is the first Java virus. Back Orifice is the first Trojan designed to be a remote administration tool that allows others to take over a remote computer via the Internet. Access macro viruses start to appear Jet. DB. 1. 99. 9 Melissa, Corner, Win. SK, Tristate, Infis, Bubbleboy. Melissa is the first combination Word macro virus and worm to use the Outlook and Outlook Express address book to send itself to others via E mail. It arrived in March. Corner is the first virus to infect MS Project files. Win. 95. SK, in April 1. HLP file infector. Tristate is the first multi program macro virus it infects Word, Excel, and Power. Point files. Infis installs itself as an NT driver and then takes over some undocumented functions. Bubbleboy is the first worm that would activate when a user simply opened and E mail message in Microsoft Outlook or previewed the message in Outlook Express. No attachment necessary. Bubbleboy was the proof of concept Kak spread widely using this technique. DDo. S, Love Letter, Timofonica, Liberty Palm, Stream, Pirus Zmist.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. Archives
September 2018
Categories |