A Brief History of Computer Viruses

as long as computers have been stable

enough to be useful people have managed

to find ways to cause problems and one

of the most effective ways to create

mischief on the computers through

malware like a computer worm or virus

just like their biological analog these

types of programs will infect a computer

before self-replicating by spreading

themselves to other machines

now whatever prank was intended to be

pulled can be run on hundreds or

thousands or possibly even millions of

computers all because the program itself

was designed to travel well the idea of

an autonomously self-replicating entity

goes all the way back to the 1940s it

wouldn't be until the early 70s that

such a program would actually exist

created in 1971 the app we named creeper

was released onto the ARPANET where it

would bounce around between computers

the only trace it left was a message

printed out on to the teletype terminal

reading I'm the creeper catch me if you

can later versions of the program would

drop a copy of itself on the visited

machine making creeper the first program

to automatically spread copies of itself

to other machines in other words the

first computer worm eventually the worms

creator ray Tomlinson tired of the

nuisances program caused created the

world's second computer worm Reaper

designed to clean up the mess that the

creeper had created across the network

just a few years later the first worm to

appear in the wild would emerge though

like the creeper animal was never

designed with no intentions written in

the era of text-based games

animal was a popular program among

univac users where the computer would

try to guess what animal the user was

thinking of through a series of

yes-or-no questions after improving the

game with the ability to learn from

users and expand its database of animals

John Walker received a ton of requests

for the program which he fulfilled

through what he called a totally new way

of distributing software Walker added a

routine to the program called purveyed

which in the background as the user is

playing would make a copy of animal to

every folder the user had access to in

the case of a super user the program

would be able to copy itself to every

directory in the system and since tape

sharing was a common

Just Between users of the time animal

found its way on the systems where it

had never even been requested in the

first place

well mostly harmless would eventually

halted the spread of animal was actually

an unintended side effect of a system

update the pervade routine had been

designed to be as non-destructive as

possible when copying itself which meant

that upon reading the newly formatted

system tables who was only able to come

up with any valid locations to copy

itself into effectively disabling it

spread one of the main reasons these

worms were so effective was the fact

that they were set loose on multi-user

systems meaning that a worm could either

propagate by way of a network like with

creeper worth or resources shared

between users in the case of animal but

that's not to say that personal

computers were entirely immune to these

types of programs oh it took was a small

tweak in the mechanism they used to

spread enter teenage richard sprint a--

an apple ii enthusiast in 1982 at the

time networking between personal

computers was still a rarity so the

primary medium by which shareware was

distributed was sneakernet also known as

copying that floppy and physically

sharing it with someone else

thing was Scranton had developed a

reputation for enhancing the discs he

shared with rude comments and other

pranks to the point where nobody wanted

to accept discs from him anymore but

scren to a determined prankster was not

about to let such limitations stop him

in his efforts eventually resulted in

the world's first computer virus

unlike the worms described earlier

programs would copy themselves around a

virus spreads by inserting itself into

another program in the case of

Scranton's program cloner the virus

would add itself to the boot sector of

the system discs used to boot the Apple

to which in turn would then add the

cloner to every other disk loaded into

the system by writing into the boot

sector not only would the cloner run

every time that disk was loaded but it

was also able to spread almost invisibly

only showing itself on every 50th boot

where it would display this pole

four years later on the other side of

the world

a similar boot sector virus would appear

on the IBM PC dubbed the brain virus

after the company that created it this

virus listed the contact information of

the two creators within the program the

original intent of this virus was to

track how far would spread to help

understand the scope of software piracy

however the two brothers were student

surprised to find out their program had

managed to cross the globe all the way

over to the United States the brain

virus was largely benign only meant to

be an experiment but it very quickly

showed the potential widespread chaos a

computer virus could cause with a more

destructive payload in the following

years the number of PC viruses would

explode from a few isolated incidents to

nearly 200 different pieces of viral

code many of which were not quite as

friendly as brayner out cloner some did

real damage like overwriting fat tables

on disks and sometimes even going so far

as to zero out the entire hard drive

effectively destroying whatever data it

contained and spelling potential

disaster for some businesses one of the

largest viral disasters at the time was

the Morris worm released onto the

internet in 1988 by Cornell grad student

Robert Atman Morris allegedly intended

to highlight security flaws of the

academic networks that had traveled to

the worm had an inadequate mechanism to

prevent a machine from being infected

multiple times

not long after an estimated 6,000

machines would be bogged down to the

point of uselessness by the worm

accounting for about 10% of the entire

Internet at that time the worm did

damages on the order of thousands to

millions of dollars giving Morris one of

the first high-profile convictions for

the 1984 Computer Fraud and Abuse Act by

the late 80s the first antivirus

software had already arrived on the

scene systems like flu shot would embed

themselves within the operating system

and alert the user any time a program

attempted to modify another file another

common tactic was to search files or the

boot sector for specific signatures

associated with a virus in some cases

like the Macintosh program by rekhs an

antivirus program could also attempt to

remove the bit of code injected by a

virus of course both of these tactics

could be worked around

a virus could avoid detection while

modifying a file by using a custom

routine that went below the operating

system and with the introduction of

polymorphic viruses like 1260 the Kota

virus added could be encrypted so that

no two infections were alike

another common tactic viruses used to

stealthily spread across systems was to

remain dormant until a specific date or

event such as the payload of the Friday

the 13th virus similarly on the days

leading up to March 6 1992 the

Michelangelo virus named after its

activation date on the Renaissance

painters birthday because the mini y2k

esque panic as many computer users

rushed out to buy antivirus software to

protect themselves from the virus in the

end the claims made by the various

antivirus providers and news reports

proved to be overstated of the potential

millions of estimated infections only a

few thousand reports of damages were

actually documented by the mid to late

1990s a new family of viruses had been

discovered up to this point Microsoft

have been adding support for automation

and MS Office through macros small

little programs that could perform

routine tasks as it turns out the

language these macros were written in

was powerful enough that they could self

replicate the very first macro virus

fittingly named concept was discovered

in 1995 rather than using shared

software to spread concept would infect

Word documents though this virus was

mostly harmless it did highlight an

entirely new and much more dangerous

vector for infection after all sharing

files was far more common than sharing

software especially within businesses

and of course what self-respecting

malware of the time wouldn't take

advantage but the biggest trend in

technology during the 90s the internet

starting with happy 99 many viruses and

worms would spread by email taking

advantage of human curiosity to be

activated upon which they would mail

themselves to whatever email contacts

the program would find probably the most

famous of these mischievous mass mailing

malware menaces was that I Love You worm

in the year 2000 the worm which spread

by email was presented as an attached

love letter from the previously infected

victim the attachment was named love

letter for you txt VBS

relying on the fact that windows would

truncate the rightmost extension of a

file to users who didn't give the

message much thought the file looked

like a text file and so they would

unintentionally activate the worm I love

you and it's variants spread across the

globe in mere hours on may 5th of the

year 2000 causing an estimated five to

nine billion dollars in damages from

clogging internal mail servers to

destroying files on host machines a

common thread among email worms was some

form of social engineering from the

fireworks of happy 99 to the intimate I

love he message in order for the program

to spread it needed to encourage the

user to activate it

that was until blaster and Sasser came

on the scene released less than a year

apart from each other these worms both

made use of exploits within Windows XP

in 2002 spread themselves without any

human intervention this made them not

only easy to catch but also very hard to

isolate since they would continue to

automatically spread until manually

removed both blaster and Sasser were

interesting cases in that the exploits

both took advantage of had been patched

by Microsoft before the worms were even

released in fact in the case of blaster

another worm

well chia was released making use of the

same exploit rather than cause mayhem

though the worm was designed to patch

the system as well as perform and

blaster worm disinfection it's not all

that often that you actually find a

helpful worm so thanks well Chia of


well chia was not every IT departments

cup of tea since the worm wasn't that

careful in applying its updates

well Chia didn't always manage to patch

the system correctly it generated

traffic that brought many networks down

and at the end of the day whether its

intentions were good or bad well she was

still making modifications to other

people's systems without permission kind

of a no-no however you slice it with new

technologies came new vectors for

infections and a particularly unique

method of propagation for malware online

was through the search engine Google the

2004 Santee worm which infected websites

powered by PHP BB selected its targets

by performing a Google search with terms

specifically designed to return a list

of vulnerable pages of course this meant

that the spread of the worm was pretty

quickly halted when Google

lot the specific search query that

weren't used over all viruses have

mostly trended away from being

mindlessly destructive to being

destructive in financially effective

ways case in point

one a crime an example of ransomware

back in 2017 the worm once again proved

that malware was certainly capable of

causing significant financial damage to

a target but it winds one step further

by also causing significant financial

gains to its creator

we're in somewhere like wanna cry

encrypts the users data demanding a

Bitcoin payment in order for the data to

be safely decrypted and returned whether

or not that end of the deal is held up

is not necessarily guaranteed them

allegedly the creators of wanna cry made

around one hundred and forty thousand

dollars from ransom payments made

through their worm and inspired similar

ransomware programs like Pecha and

Thanatos in the following years and here

we are now viruses and worms still

remain a threat to many a computer

around the globe especially those

running end-of-life software but

thankfully keeping your system

up-to-date and simply being cognizant of

how computers can be infected can

greatly minimize your risk of ever

having to deal with these types of

programs computer worms are nearly 50

years old now and while it is a shame

that they've transitioned from the out

of control experiments and mostly

harmless pranks to software near

universally viewed as a nuisance the

evolution of the different ways these

programs managed to get around is an

interesting one in past that there is

something kind of charming about a

combination of bits and bytes that under

the right circumstances can travel the

globe with no human intervention

visiting all sorts of systems along the

way one can only hope though that the

worms and viruses of the future come in