the Origin and Evolution of Computer Viruses
on virus infections last year sets the scene of this brief history
of computer viruses.
On the Origin and Evolution of Viruses -
3765 Virus Active Today
According to Panda Software some 3765 viruses
are active today - but how did it all start and how did
the several species evolve?
Viruses didn't start spreading systematically
and frequently until 1987 when the fast-spreading IBM Christmas
Worm with half a million replications an hour infected IBM.
The Internet Worm created by Morris caused the first Internet
crises in 1987/8 and shut down many computers. In 1989 the AIDS
Trojan was created and sent as an AIDS information program
- the Trojan held data hostage demanding sums of money to be
paid for the decryption key.
In 1990, Panda Software opened shop in Spain.
The Tequila polymorphic (with the ability to change)
virus made its appearance in 1991 and variants of it are still
found in the wild. A year later, the Michaelangelo virus
became the first virus to attract media attention as it predicted
massive damage. The first toolkits to fabricate viruses also
emerged while McAfee was first incorporated distributing its
products via freeware.
With the Internet Liberation Front, 1995
marked the Year of the Hacker when attacks on NASA, other US
Government departments, IBM and General Electric were recorded.
The first Word Macro virus appeared in the same year while Microsoft
launched Windows 95. The first 95-specific virus, Boza,
appeared together with Staog the first Linux virus. Strange
Brew was the first Java virus in 1998 and Back Orifice
was the first Trojan designed to be a remote administration
tool that allows others to take over a remote computer via the
Internet. Access viruses also appeared for the first time seven
years ago. In 1999, Melissa hit used Outlook and Outlook
Express to send itself to others via email.
2000 saw Yahoo shutting down because of the
first distributed denial of service attacks (DDos). The new
millennium also saw Love Letter, a worm that spread around
the Internet like wild fire. That year, Internet enabled telephones
on the Spanish network were hit by the first attack on a telephone
Liberty was accidentally released in
the wild and this was the first Trojan developed for the Palm
PDA. The first worm (Gnuman) to attack a peer-to-peer
communication network appeared in 2001 disguising itself as
an MP3 file. The LogoLogic-A worm spreads via MIRC chat
and E-mail in the same year while the first worm capable of
spreading itself through Adobe's PDF software appeared. The
first virus to infect shockwave files made its first appearance
in January 2002 while in March, the first native .NET worm written
in C#, Sharp-A was announced.
Also in late May the Benjamin appeared.
Benjamin was unique in that it uses the KaZaa peer-to-peer network
to spread. In 2003, Slammer's spreading technique worked
so well that for some period of time all of South Korea was
effectively eliminated from the Internet. Some of the malware
of 2003 were accompanied by very realistic graphics and links
to make you think the mail actually came from the likes of Microsoft
In 2004 the Trojan.Xombe was sent to
a wide audience and posed as a message from Microsoft Windows
Update asking you to run the attached revision to XP Service
Pack 1. The weekend of 20/21 March introduced Witty the
first worm to attack security software directly. The worm erased
portions of the hard drive while sending itself out. August
saw a backdoor for PocketPC devices. Last year also marked the
first ever computer virus, Cabir, spread by mobile phones
- this virus was sent to anti-virus firms. No infections were
reported and the worm was harmless, however it shows that mobiles
are also at risk from virus authors.
And this is just viruses. Spyware, adware,
security risks, vulnerabilities, diallers, hoaxes, hacking tools,
spy programs and keyloggers are all in the wild wreaking havoc
and causing some serious damage to millions of legitimate users
Gaps in Security
"The future is not ours to see" but in security
you cannot take a "que sera' sera' attitude"! Virus
authors are continually developing new threats and new tactics
to ensure that their malware infects as many victims as possible.
For example, new variants of Mytob were appearing every
hour. Some viruses also disguise themselves as critical Windows
system files like lsass and svchost. These variants are appearing
at a rate far faster than anti-virus firms can analyse them
and update their scanners leaving serious gaps in anyone's security
Installing anti-virus, anti-spyware and firewall
software, together with the information provided by processlibrary.com
should give you the best protection possible against the
security threats existing today.
During the couple of hours it took me to
write this article, the active viruses to date increased from
3765 to 3811 (Source: Panda Software).