Computer Virus: From Annoyance to a Serious Threat

In the mid-1980s Basit and Amjad Alvi of Pakistan discovered that people were pirating their software. They created a program that would put a copy of itself and a copyright message on any floppy disk copies made from their original software. This was the first malware that was later called a virus. Fred Cohen, a student at the University of Southern California's School of Engineering who is often considered the father of what we know today as a computer virus, coined the term in his 1986 Ph.D. thesis. He defined a “virus” in a single sentence as: “A program that can infect other programs by modifying them to include a, possibly evolved, version of itself.”

From these simple beginnings, an entire virus counter-culture has emerged. The first viruses were merely an annoyance that did not cause much harm. Today new viruses sweep the planet in hours and virus scares are major news. Viruses may occur on almost any computer platform with enough programming capability. The virus problem, however, is worst in the PC environment.

What is a Computer Virus

The computer virus is possibly the most common type of malware. Not all malicious software is a computer virus. Rootkits, keyloggers, worms, ransomware and so on are different types of malware, but they are not computer viruses. A computer virus, much like a coronavirus, is designed to spread from host to host and has the ability to replicate itself. The replication routine is a mandatory part of every virus. If it is missing, the program is not a virus by definition. A computer virus cannot reproduce and spread by itself; it is induced to do so by the user.

Essential characteristics of a computer virus

A virus needs four essential characteristics to cause damage.

1. The virus should have the ability to replicate itself to infect computers. By replicating itself it is able to spread across computer systems and networks to infect as much as it possibly can.

2. The virus must be executed. It has to attach itself to an executable program. If it cannot be executed, it is harmless. The virus is usually attached to the operating system and is automatically executed on startup.

3. A virus does not contain only self-replicating code; it also contains a payload, the side effect of the virus.

4. The virus must be able to hide before it is caught by anti-virus software or noticed manually.

Why do people create computer viruses?

There are hundreds of thousands of viruses and they are designed for different objectives. Most of them fall under the following categories:

1. To take control of a computer and use it for specific tasks
2. To prove one’s skill or for revenge purposes
3. To cripple a computer or network
4. To generate money
5. To steal sensitive information (credit card numbers, passwords, personal details, data, etc.)
6. For political purposes

17 different types of computer virus: serious threats

We will mention here all types of viruses. More will be added for the purpose of the definition. Going ahead we will explain each virus in detail in separate postings.

Boot sector viruses were the first type of virus to appear. These viruses affect diskettes and hard drives, which hold a small section called the boot sector. Once the boot sector is attacked, the disk becomes infected. When you reboot the system with the infected diskette, the virus spreads through the hard drive. Examples: Michelangelo and Stoned.

In software, secret backdoor (remote administration tool, RAT) access is a planned installation by system developers or service providers as a remote means for diagnostics, troubleshooting, or other system tests. A backdoor virus is malicious code that, by exploiting system flaws and vulnerabilities, facilitates unauthorized remote access to a computer system or program. This access gives it total freedom to conduct malicious activities on the system. Example: FinSpy.

A browser hijacker is a program, malicious or otherwise, that changes the home page or search settings of a web browser or modifies Windows shortcuts. Browser hijackers are typically bundled with free programs that you download from the Internet. Example: RoyalAds.

A companion virus is able to infect host programs without modifying their contents. This virus can infect your files without changing a single byte in the infected file. Example: Stator.

A direct action virus does not remain active on the computer. It only activates when infected objects are used and terminates when the replication and/or payload routine has been executed. Direct action viruses load with the host program into computer memory. Direct action viruses are easy to identify, and they do not spread fast. Example: VCL.428.

A directory virus, also called a cluster virus or file system virus, functions by infecting the directory of the computer. It works by changing the path that indicates the location of a file. Example: Dir-2.

The aim of an encrypted virus is to transform the virus body with an encryption algorithm, hiding it from simple inspection and making it more difficult to analyze and detect. The virus starts with a constant decryptor, which is followed by the encrypted virus body. Example: Cascade.

File infectors simply replicate and spread, but some damage host programs. There are also file infectors that overwrite host files. Some file infectors carry payloads that are highly destructive. The files most vulnerable to this type of infection bear the extensions .EXE (execute) and .COM (command), though any file capable of execution is vulnerable. Examples: Jerusalem and Cascade.

A logic bomb, sometimes referred to as slag code, is a string of malicious code used to cause harm, such as destroying data, when certain logical conditions are met. Many viruses are logic bombs because they deliver their payload after a specific latency or when a trigger event occurs. Example: the logic bomb attack launched against South Korea on 20 March 2013.

A multipartite virus is unique in that it is able to attack both the boot sector and the executable files of an infected computer simultaneously, because it has the capacity to spread in multiple ways. This virus is able to spread when you boot up the infected computer. It is particularly problematic since it targets critical areas of the computer's hard drive. Example: Ghostball.

Overwrite viruses, also known as cavity viruses, look for program files with large amounts of free space and, if the space is large enough, store themselves there. This type of virus overwrites files with its own copy. Of course, this is a very primitive technique, but it is certainly the easiest approach of all. Overwriting viruses cannot be disinfected from a system. Infected files must be deleted from the disk. Example: TRj.

When you start a program infected with a parasitic virus, the virus code is run. To hide itself, the virus then passes control back to the original program.

The operating system on your computer sees the virus as part of the program you were trying to run and gives it the same rights. These rights allow the virus to copy itself, install itself in memory or make changes on your computer.

A polymorphic virus constantly changes its identifiable features in order to evade detection. Polymorphic viruses can mutate their decryptors into a high number of different instances that can take millions of different forms. Example: 1260.
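The following added example, which is not part of the original article, shows from the scanner's side why the layouts described above for encrypted and polymorphic viruses matter: a fixed signature on the constant decryptor matches every copy whatever the key, while a copy with a changed decryptor matches nothing. All byte strings, names and the one-byte XOR used to model "encryption" are constructed placeholders, not taken from any real sample.

```python
# Added illustration: every byte string below is a constructed placeholder.
DECRYPTOR_STUB = bytes.fromhex("deadbeef0badf00d")  # stands in for the constant decryptor
BODY = b"CONSTRUCTED-BODY-MARKER: placeholder for the virus body"

# Two fixed signatures a simple scanner might carry (hypothetical names).
SIGNATURES = {
    "body": b"CONSTRUCTED-BODY-MARKER",
    "decryptor": DECRYPTOR_STUB,
}


def encrypted_layout(stub, body, key):
    """Model the file layout: decryptor stub followed by the body XORed with a one-byte key."""
    return stub + bytes(b ^ key for b in body)


def scan(data, signatures=SIGNATURES):
    """Return the sorted names of all signatures whose byte pattern occurs in data."""
    return sorted(name for name, pattern in signatures.items() if pattern in data)


def demo():
    samples = {
        "unencrypted": BODY,
        "encrypted, key 0x21": encrypted_layout(DECRYPTOR_STUB, BODY, 0x21),
        "encrypted, key 0x7c": encrypted_layout(DECRYPTOR_STUB, BODY, 0x7C),
        # Polymorphic case: the decryptor differs per copy, modelled by a different stub.
        "mutated decryptor": encrypted_layout(
            bytes.fromhex("deadbeef900badf00d"), BODY, 0x21
        ),
    }
    return {name: scan(data) for name, data in samples.items()}


if __name__ == "__main__":
    for name, hits in demo().items():
        print(f"{name:22} -> {hits or 'no signature match'}")
```

The body signature only matches the unencrypted sample, and the decryptor signature matches both encrypted samples regardless of key.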

A resident virus can infect any file run by the computer. Depending on its programming, it attaches itself to anti-virus applications, thereby allowing it to infect any file scanned by the program. Resident viruses are also known as Terminate and Stay Resident (TSR) viruses. Example: Onehalf.

Non-resident viruses can be thought of as consisting of a finder module and a replication module. The finder module is responsible for finding new files to infect. For each new executable file the finder module encounters, it calls the replication module to infect that file. Example: CMJ.

A spacefiller virus, also known as a “cavity virus”, is a very intelligent virus. A typical modus operandi for a virus is to simply attach itself to a file, but spacefillers try to get into the empty space which can sometimes be found within the file itself. They implement stealth techniques so that users cannot detect the increase in the file's code. Example: Lehigh virus.
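Because a spacefiller leaves the file length unchanged, a size comparison alone will not notice it, while a content hash taken from a known-good copy will. The sketch below is an added example, not part of the original article; the file name, the stand-in "program" bytes and the function names are constructed for illustration.

```python
import hashlib
import os
import tempfile


def snapshot(path):
    """Record the size and SHA-256 of a file as a known-good baseline."""
    with open(path, "rb") as f:
        data = f.read()
    return {"size": len(data), "sha256": hashlib.sha256(data).hexdigest()}


def check(path, baseline):
    """Compare a file with its baseline and return a list of findings."""
    current = snapshot(path)
    findings = []
    if current["size"] != baseline["size"]:
        findings.append("size changed")
    if current["sha256"] != baseline["sha256"]:
        findings.append("content changed")
    return findings


def demo():
    # Constructed stand-in for a program file: header, unused zero padding, trailer.
    original = b"HEADER" + b"\x00" * 64 + b"TRAILER"
    # Same length, but part of the padding now holds other bytes (the cavity case).
    in_cavity = b"HEADER" + b"\xaa" * 16 + b"\x00" * 48 + b"TRAILER"
    # Extra bytes attached at the end (the classic appending case).
    appended = original + b"\xaa" * 16

    results = {}
    with tempfile.TemporaryDirectory() as workdir:
        path = os.path.join(workdir, "sample.bin")
        with open(path, "wb") as f:
            f.write(original)
        baseline = snapshot(path)
        results["unchanged"] = check(path, baseline)
        for label, content in (("cavity", in_cavity), ("appended", appended)):
            with open(path, "wb") as f:
                f.write(content)
            results[label] = check(path, baseline)
    return results


if __name__ == "__main__":
    for label, findings in demo().items():
        print(f"{label:10} -> {findings or 'no change detected'}")
```

The baseline has to be taken from a copy known to be clean and stored where the monitored system cannot rewrite it.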

Stealth viruses hide in files, partitions, and boot sectors and are adept at deliberately avoiding detection. While active, a stealth virus hides the modifications it has made to files or boot records. Example: rootkits.

Today’s society has seen a dramatic increase in the use of computers. As a result, users of personal computers today need comprehensive virus protection mechanisms to face the growing threat of computer viruses.
