History of malicious programs

Malicious software may seem like a relatively new concept. The epidemics of the past few years have introduced the majority of computer users to viruses, worms and Trojans – usually because their computers were attacked. The media has also played a role, reporting more and more frequently on the latest cyber threats and virus writer arrests.

However, malicious software is not really new. Although the first computers were not attacked by viruses, this does not mean they were not potentially vulnerable. It was simply that when information technology was in its infancy, not enough people understood computer systems to exploit them.

But once computers became slightly more common, the problems started. Viruses started appearing on dedicated networks such as the ARPANET in the 1970s. The boom in personal computers, initiated by Apple in the early 1980s, led to a corresponding boom in viruses. As more and more people gained hands-on access to computers, they were able to learn how the machines worked. And some individuals inevitably used their knowledge with malicious intent.

As technology has evolved, so have viruses. In the space of a couple of decades, we have seen computers change almost beyond recognition. The extremely limited machines which booted from a floppy disk are now powerful systems that can send huge volumes of data almost instantaneously, route email to hundreds or thousands of addresses, and entertain individuals with movies, music and interactive Web sites. And virus writers have kept pace with these changes.

While the viruses of the 1980s targeted a variety of operating systems and networks, most viruses today are written to exploit vulnerabilities in the most commonly used software: Microsoft Windows. The increasing number of vulnerable users is now being actively exploited by virus writers. The first malicious programs may have shocked users by causing computers to behave in unexpected ways. However, the viruses which started appearing in the 1990s present much more of a threat: they are often used to steal confidential information such as bank account details and passwords.

So malicious software has turned into big business. An understanding of contemporary threats is vital for safe computing. This section gives an overview of the evolution of malware: it offers a glimpse of some historical curiosities, and provides a framework to help understand the origins of today’s cyber-threats.


Roaming Mantis uses DNS hijacking to infect Android smartphones

In March 2018, Japanese media reported the hijacking of DNS settings on routers located in Japan, redirecting users to malicious IP addresses. The redirection led to the installation of Trojanized applications named facebook.apk and chrome.apk that contained an Android Trojan-Banker. During our research we received some invaluable information about the true scale of this attack, and we decided to call it ‘Roaming Mantis’.


DDoS attacks in Q4 2017

Q4 2017 represented something of a lull: both the number and duration of DDoS attacks were down against the previous quarter. At the same time, the increase in the number of attacks on honeypot traps in the run-up to holiday sales indicates that cybercriminals are keen to expand their botnets at the most opportune moment by pressuring owners of online resources and preventing them from making a profit.


IT threat evolution Q3 2017

Our growing dependence on technology, connectivity and data means that businesses present a bigger attack surface than ever. Targeted attackers have become more adept at exploiting their victims’ vulnerabilities to penetrate corporate defences while ‘flying under the radar’.


DDoS attacks in Q3 2017

In the third quarter of 2017, we registered a considerable increase in the number of both DDoS attacks and their targets. Traditionally, China is the country with the largest number of attack sources and targets. It was followed by the United States and South Korea. The popularity of Windows OS as a basis for creating a botnet has fallen noticeably, while the share of Linux-based botnets increased proportionally.