As computers gained in popularity, more and more individuals started writing their own programs. Advances in telecommunications provided convenient channels for sharing programs through open-access servers such as BBS – the Bulletin Board System. Eventually university BBS servers evolved into a global data bank and were available in all developed countries. The first Trojans appeared in large quantities; programs that couldn’t self-replicate or spread, but did damage systems once downloaded and installed.
The widespread use of Apple II computers predetermined this machine’s fate in attracting the attention of virus writers. It is not surprising that the first large-scale computer virus outbreak in history occurred on the Apple II platform.
Elk Cloner spread by infecting the Apple II’s operating system, stored on floppy disks. When the computer was booted from an infected floppy, a copy of the virus would automatically start. The virus would not normally affect the running of the computer, except for monitoring disk access. When an uninfected floppy was accessed, the virus would copy itself to the disk, thus infecting it, too, slowly spreading from floppy to floppy.
The Elk Cloner virus infected the boot sector for Apple II computers. In those days, operating systems were stored on floppy disks: as a result the floppies were infected and the virus was launched every time the machine was booted up. Users were startled by the side effects and often infected friends by sharing floppies, since most people had no idea what viruses were, much less how they spread.
The Elk Cloner payload included rotating images, blinking text and joke messages:
THE PROGRAM WITH A PERSONALITY
IT WILL GET ON ALL YOUR DISKS
IT WILL INFILTRATE YOUR CHIPS
YES, IT’S CLONER
IT WILL STICK TO YOU LIKE GLUE
IT WILL MODIFY RAM, TOO
SEND IN THE CLONER!
Len Eidelmen first coined the term ‘virus’ in connection with self-replicating computer programs. On November 10th, 1983, at a seminar on computer safety at Lehigh Unversity, this grandfather of modern computer virology demonstrated a virus-like program on a VAX11/750 system. The program was able to install itself to other system objects. A year later, at the 7th annual information security conference, he defined the phrase ‘computer virus’ as a program which is able to ‘infect’ other programs by modifying them to install copies of itself.
The first global IBM-compatible virus epidemic was detected. Brain, which infected the boot sector, was able to spread practically worldwide within a few months. The almost total lack of awareness in the computing community of how to protect machines against viruses ensured Brain’s success. In fact, the appearance of numerous science fiction works on the topic only strengthened the panic, instead of teaching people about security.
The Brain virus was written by a 19 year old Pakistani programmer, Basit Farooq Alvi, and his brother Amjad, and included a text string containing their names, address and telephone number. According to the virus’s authors, who worked in sales for a software company, they wanted to gauge the level of piracy in their country. Aside from infecting a disc’s boot sector and changing the disk name to ‘© Brain’, the virus did nothing; it had real payload, and did not corrupt data. Unfortunately, the brothers lost control of their so-called experiment and Brain spread worldwide.
Interestingly enough, Brain was also the first ‘stealth virus.’ When an attempt to read the infected sector was detected, the virus would display the original, uninfected data.
That same year, a German programmer, Ralf Burger, invented the first programs that could copy themselves by adding their code executable DOS files in COM format. The working model of the program, named Virdem, was introduced by Burger in December 1986 in Hamburg at an underground computer forum, the Chaos Computer Club. Though most of the hackers at the event specialised in attacking VAX/VMS systems, they were still interested in the concept.
Today, after almost 3 years of waiting, it was finally the day of the trial. In the Netherlands, where the whole case took place, the hearings are open to the public. Meaning anyone who is interested can visit. And it was quite busy. Read Full Article
Machine learning has long permeated all areas of human activity. I would like to warn about, or dispel, some of the misconceptions associated with the use of ML in the field of cybersecurity. Read Full Article
Kaspersky Lab researchers presented a closing keynote and three other papers related to targeted attacks and APT research at Virus Bulletin 2015 in Prague. Read Full Article