1995

Nothing significant occurred in the field of DOS-viruses this year, although several complex virus such as Nightfall, Nostradamus, and Nutcracker appeared. There were also some interesting new viruses such as the ‘bisexual’ RMNS virus and the BAT virus, Winstart. There were also two widespread, but not severe outbreaks caused by ByWay and DieHard2.

In February, Microsoft sent infected versions of Windows 95 to beta-testers, but only one person thought to run an antivirus check. He discovered that the discs were infected by From and testing was put off until clean discs were issued.

In the Spring of 1995, two antivirus companies announced an alliance: ESaSS (the developer of ThunderBYTE Anti-Virus) and Norman Data Defense Systems (Norman Virus Control). These companies, both with their own very strong independent antivirus products, decided to combine efforts to develop a single antivirus system. Later on, in 1998, this alliance would crumble with a buy-out of the Dutch ESaSS by a Norwegian company.

In August, the Concept virus struck MS Windows: the virus circled the globe in only a month and was number one on antivirus vendors lists of most common viruses.

In the first half of September, one of the world’s largest computer manufacturers, Digital Equipment Coporation (DEC) accidentally distributed copies of the Concept virus to delegates at a DECUS conference taking place in Dublin. Fortunately, the virus was quickly detected and the outbreak contained. Over a hundred known versions of the Concept virus are still in circulation today.

Green Stripe, a virus for AmiPro, a then popular word-processing program, also spread rapidly. The source code for Green Strip was published as a free supplement to Mark Ludwig’s magazine Underground Technology Review.

The advent of macro viruses posed a new set of challenges for antivirus vendors. New technologies were needed to detect macro viruses; first in MS Word and eventually in other MS Office applications.

The English affiliate of the Ziff-Davis publishing house distinguished itself twice in 1995. The first time was in September when the publishing house’s PC Magazine (English version) distributed a diskette containing the Sampo virus to its subscribers. This was soon discovered and the company offered its apologies and offered readers a free antivirus utility. The irony of the event lay in the fact that the diskette was a supplement for an issue which contained articles the results of antivirus tests for Novell NetWare products.

Later, in the middle of December, another Ziff-Davis publication, Computer Life, sent its readers a diskette containing a Christmas greeting. Unfortunately, it turned out that the diskette also contained the Parity Boot virus.

Law enforcement agencies also pressed onward in the struggle against cyber crime. On January 16, The New Scotland Yard’s Computer Crime Unit took Christopher Pile to court for writing and distributing viruses. The unemployed Pile, or the Black Baron, as he was known in the underground was accused of authoring the Queeg and Pathogen viruses as well as the SMEG polymorphic generator. After ten months Pile pleaded guilty and was sentenced to 18 months in prison.