Saturday, September 26, 2015

“Now those were computer viruses” – see how it once was … – Antyweb

Many years ago (from our perspective), when the Internet was not as widespread as it is now, people worked on either very old versions of Windows (9x / 3.x / 2 / 1) or DOS. Much has changed since. Cyber vandalism was then the highest form of “joke”; later, as the Internet entered its development phase, criminals came to depend on their program staying hidden for as long as possible and taking as many resources or as much data as it could.

Earlier, no one saw much point in stealing anything, so viruses, which were then “excellent computer jokes”, often focused on inflicting the greatest possible damage on the machine that fell victim to the infection. No one showed any particular mercy back then: systems went down, data went to its “digital eternal rest,” and sometimes the computers themselves were fit only for the trash. Yes, you can say that back when viruses were mainly focused on destruction, people feared them a little more than they do now. Today, such programs are unlikely to do anything themselves, but they still exist and lie in wait for our data.

CIH

I started with this worm because … I had a very great deal to do with it. At the beginning of the current millennium there were two PCs in my house: one desktop and the other an IBM ThinkPad-ish laptop (yes, this machine works to this day!). The computer belonged to my father, but sometimes I used it too (it had an internal modem), and when it was available I grabbed it to browse the Web of the time. CIH was dragged home … on a floppy disk on which my father was to receive some tables and a simulation program; along the way, this dangerous worm climbed onto the computer. It was interesting, and it could have been worse.

CIH was also called “Chernobyl”, for a very peculiar reason: this bug had the very bad habit of activating on April 26, the anniversary of the disaster at the V. I. Lenin Chernobyl nuclear power plant. Because of this activation date, the full potential of the virus, and the date's negative connotations, the worm quickly gained fame and was hailed as one of the largest digital threats.

Especially since its destructive action could manifest itself in two ways. The first, of the “it could have killed” kind: the “beginning” of the hard disk was overwritten, and without further user intervention the disk was not fit for use. The second: the virus overwrote the Flash BIOS with its own code and the motherboard was of course dead, until it was reprogrammed. In most cases, though, the entire base component was replaced. Do not be deceived by the mythical “smoking drives” or “smoking RAM”: the computer first displayed a bluescreen and then got stuck in a loop. That’s all. Nothing more.

The percentage of machines running Windows 9x systems is marginal, but year after year the virus collects its “deadly harvest”. It is estimated at about several thousand machines per year.

AIDS

The history of this pest dates back to 1989, and it is one of the better-known cases of mass-distributed ransomware, that is, software that simply blackmails the people using infected machines. The author of this Trojan asked for money to be sent to an account in Panama in exchange for decrypting the data. It all started with a questionnaire that was supposed to be on 5.25-inch floppy disks; PC Cyborg Corporation sent them to companies and institutions in many countries. Once the machine had been infected with the malicious code, after 90 reboots it displayed a message about the need to connect a printer. Once a printer was present, it printed a ransom note framed as payment for the software used.

Data was encrypted using a symmetric-key array. After the effects of the attack were revealed, rescue programs for the machines and the data were developed and sent out to the companies. AIDS did not prove to be quite as dangerous as it seemed; much of the data was rescued.

In the AIDS case, Joseph L. Popp was detained; after proceedings in Britain he turned out to be the author of this malware. Soon he was declared insane, and therefore a person who cannot be held responsible for his actions due to mental disorders. One theory holds that it was supposed to be a form of revenge for his not being accepted at the WHO on time, but the scale and size of the attack rule that out. The finding of insanity itself was also put under a big question mark: his records showed that he had simply been planning this action for a relatively long period of time.

PRIZM

This virus is dangerous only for systems of the 9x family; its objective is to infect Portable Executable applications with the DLL and EXE extensions. The virus writes its code into the executable file, which you can quickly confirm by comparing the size of the EXE file before it is started and immediately after. The condition for the pest's further action is a switch to the operating system's kernel mode. It also uses INT 21h and IFS calls for activation, four times each month.

The virus activates on four days each month; on those days an infected executable file displays (in a manner similar to a bluescreen):

Virus Win9x.Chazhma ( Chernobil2)
Made by SpAmC0der->[Prizm]->Vladivostok->Russia
battle of life. Capital !!!
to be continued … Win32.Kursk2000

At this point the destructive nature of the worm is also revealed: it erases random hard drive sectors, in time immobilizing the operating system and forcing a reinstall.

Disk Killer

Its principle of operation matches its name, but the disk can be saved afterwards: the virus selects data and “encodes” it, although in this case that is rather too strong a word. Once activated, Disk Killer shows a message that reads like this:

Disk Killer – Version 1.00 by COMPUTER OGRE 01/04/1989 Warning !! Do not turn off the power or remove the diskette while Disk Killer is Processing! PROCESSING

An unaware user might think: well, the system is churning away at something, it says not to remove the floppy disk or turn off the computer … fine. The program name would have made me wonder, but whatever.

Now you can turn off the power I wish you luck!

But once you get this message, things get unpleasant. You can either recover the data, or not bother with it and format the disk. Despite the fact that nothing is destroyed, it can (could) make life difficult for many a user.

Akuku

It is mistakenly referred to as Russian malware; without doubt its pedigree is typically Polish. Proof of this is the fact that this virus displays a message in our language, though it is actually harmless. The message may be irritating, though; it reads: “And boo, sucker!” Well, yes. This non-resident virus, once launched, searches for COM and EXE files and writes itself at their end (increasing their size; it does not look for free space).

There are two variants of this virus; they differ mainly in their messages.

Akuku.886 displays the message: “A cuckoo, the next debt collector” (or the one I presented above), while Akuku.1111 can also play a tune on occasion. Such is this little Polish touch.
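Both the PRIZM and the Akuku descriptions come down to the same tell: infected executables get bigger. The sketch below is an added example, not code from the article or its source; it snapshots the EXE, DLL and COM files in a directory, compares a later snapshot, and groups changed files by how many bytes they grew. The function names, the demo file names and the 1000-byte growth are constructed for illustration.

```python
import hashlib
import os
import tempfile
from collections import defaultdict

WATCHED = {".exe", ".dll", ".com"}  # extensions the article names as targets


def snapshot(root):
    """Map each watched file under root to (size, sha256)."""
    state = {}
    for folder, _dirs, files in os.walk(root):
        for name in files:
            if os.path.splitext(name)[1].lower() in WATCHED:
                path = os.path.join(folder, name)
                with open(path, "rb") as fh:
                    data = fh.read()
                digest = hashlib.sha256(data).hexdigest()
                state[os.path.relpath(path, root)] = (len(data), digest)
    return state


def grown_files(before, after):
    """Group files whose content changed and size increased, by growth in bytes."""
    by_delta = defaultdict(list)
    for path, (old_size, old_hash) in before.items():
        new_size, new_hash = after.get(path, (old_size, old_hash))
        if new_hash != old_hash and new_size > old_size:
            by_delta[new_size - old_size].append(path)
    return {delta: sorted(paths) for delta, paths in by_delta.items()}


def same_growth_clusters(by_delta, min_files=2):
    """Several files growing by an identical amount hints at one appended body."""
    return {d: p for d, p in by_delta.items() if len(p) >= min_files}


def demo():
    """Constructed sample: harmless files get 1000 filler bytes appended."""
    samples = {"A.COM": b"\x90" * 100, "B.EXE": b"MZ" + bytes(300), "N.TXT": b"hi"}
    with tempfile.TemporaryDirectory() as root:
        for name, body in samples.items():
            with open(os.path.join(root, name), "wb") as fh:
                fh.write(body)
        before = snapshot(root)
        for name in ("A.COM", "B.EXE"):
            with open(os.path.join(root, name), "ab") as fh:
                fh.write(b"\x00" * 1000)  # filler, not code
        return same_growth_clusters(grown_files(before, snapshot(root)))
```

A legitimate update also changes file sizes, so the identical-growth grouping is a heuristic for triage, not proof of infection.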

Source: Wikia Malware
