Attack of the 50ft. Virus

On average, more than one in ten computers will be victimized by Viruses, Worms, or Trojans. On the single day of July 19, 2001, more than 359,000 computers were infected by the Code Red Worm. Within ten minutes on January 23, 2003, over 75,000 servers were infected by the Slammer Worm. You can defend against these inevitable attacks by knowing the background and modus operandi of these program thugs.

The concept of computer Viruses was born in 1949 when John von Neumann presented a theoretical paper on self-replicating programs. In 1983, Frederick Cohen first coined the now familiar term “Virus” in his doctoral thesis. In 1986, the first contemporary Virus debuted as the Brain Virus from Lahore, Pakistan.

The primary goal of a Virus is to spread itself from system to system. This is accomplished by inserting its code into that of other healthy programs. When the infected program is run, the attached Virus code is activated and gets an opportunity to target new healthy programs to infect.

Worms have the same objective, but they do not need to alter other programs to proliferate. They spread by taking advantage of email and other automatic file sending and receiving features typical of many computers.

Trojans, like their legendary namesake, appear as friendly programs that conceal a destructive purpose. Unlike its overachieving siblings, a Trojan has only one function: to do damage. When activated, a Trojan may destroy files or create a “back door” that enables hackers to access a system for further exploitation.

The familiar bestiary of Viruses, Worms, and Trojans is expanding with a new breed of binary fiend that blurs the lines between the classic categories. The emerging category of Mega-Worms combines features and tactics from the most successful of Viruses and Worms. Mega-Worms will rely heavily upon code mutation to hide, and use multiple methods of attack for propagation.

Regardless of category, the purposes of these programs are becoming even more sinister. No longer designed only to spread or mindlessly destroy data, next-generation viruses are increasingly geared toward stealing data and compromising systems for outside attack. For virus authors, espionage is taking precedence over mayhem.

What is the best protection from this approaching horde? Simple vigilance! Patch applications with the latest security upgrades. Install Firewall and Anti-Virus software, and update these defenses regularly. Make verified backups of your data.
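An added example, not part of the original article: because a Virus works by altering healthy programs, a SHA-256 manifest taken while the system is known clean shows which files have since changed, and comparing the manifest of a backup against its source is one way to verify that backup. The file names and the temporary directory below are constructed for the demonstration.

```python
import hashlib
import tempfile
from pathlib import Path


def build_manifest(root):
    """Map each file's path (relative to root) to its SHA-256 digest."""
    root = Path(root)
    manifest = {}
    for path in sorted(root.rglob("*")):
        if path.is_file():
            digest = hashlib.sha256()
            with path.open("rb") as fh:
                for chunk in iter(lambda: fh.read(65536), b""):
                    digest.update(chunk)
            manifest[path.relative_to(root).as_posix()] = digest.hexdigest()
    return manifest


def diff_manifests(baseline, current):
    """Return files that were changed, removed or added since the baseline."""
    return {
        "changed": sorted(p for p in baseline
                          if p in current and baseline[p] != current[p]),
        "missing": sorted(p for p in baseline if p not in current),
        "added": sorted(p for p in current if p not in baseline),
    }


def demo():
    """Constructed sample: stand-in files in a temporary directory."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        for name in ("editor.exe", "mail.exe", "notes.txt"):
            (root / name).write_bytes(b"original contents of " + name.encode())
        baseline = build_manifest(root)  # taken while the system is known clean
        # Simulate the traces an infection leaves: extra bytes in a program,
        # an unexpected new file, and a destroyed document.
        with (root / "mail.exe").open("ab") as fh:
            fh.write(b"\x00appended bytes")
        (root / "new_file.exe").write_bytes(b"unexpected new file")
        (root / "notes.txt").unlink()
        return diff_manifests(baseline, build_manifest(root))


if __name__ == "__main__":
    for kind, paths in demo().items():
        print(f"{kind}: {paths}")
```

Store the baseline manifest somewhere the monitored machine cannot write to, since a manifest kept beside the files it describes can be altered along with them.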

The threat may be complex and intimidating, but the countermeasures are simple.
 

They Came From the Internet!

SoBig.C

W32/SoBig.C
Type: Mass Mailing Worm
Description: Spreads by sending emails, and copying itself over network shares. It searches your Windows Address Book and other documents on your hard drive for new email addresses to target.
Countermeasures: Norton Antivirus, McAfee VirusScan, AntiVir

BugBear-B

W32/Bugbear-B
Type: Polymorphic Mass Mailing Virus
Description: Spreads by sending emails, and copying itself over network shares. It infects executable files, and has keystroke-logging & backdoor capabilities. It will attempt to disarm antivirus & firewall programs.
Countermeasures: Norton Antivirus, McAfee VirusScan, AntiVir

Fizzer-A

W32/Fizzer-A
Type: Mass Mailing Worm
Description: Sends emails to all the contacts in the Windows Address Book, and attempts to spread over P2P file-sharing networks like KaZaA. It uses IRC to communicate with remote attackers, and provides them with keystroke-logging & backdoor capabilities. It also attempts to disable antivirus & firewall programs.
Countermeasures: Norton Antivirus, McAfee VirusScan, AntiVir

Yaha-E

W32/Yaha-E
Type: Mass Mailing Worm
Description: Sends emails to addresses it finds in your Windows Address Book, MSN Messenger List, Yahoo Pager list, ICQ list, and HTML documents on your hard drive. It will terminate the Windows Task Manager, and antivirus & firewall programs.
Countermeasures: Norton Antivirus, McAfee VirusScan, AntiVir

Klez-h

W32/Klez-H
Type: Mass Mailing Worm
Description: Sends emails to addresses it finds in your Windows Address Book, ICQ list, and other local files. It copies over local network shares, infects executable files, and attempts to disable antivirus software.
Countermeasures: Norton Antivirus, McAfee VirusScan, AntiVir

About the author:
Bruce Padmore is the Co-Founder of Leap Frog Solutions, Inc. Leap Frog Solutions is an IT Service Provider helping businesses and home users in a broad range of computer, network, and software needs. Leap Frog's unique philosophy and approach to providing affordable, consistent, and high quality IT service was developed from working for demanding Fortune 500 clients.

To learn more about how Leap Frog Solutions applies its veteran experience to home users and local businesses, log into www.LeapFrogNow.com or call 888-549-0752.

 


 

 

Leap Frog Solutions ® 2003
All rights reserved.