Computer Viruses

From OWASP
Revision as of 16:21, 5 September 2008 by KirstenS (Talk | contribs)

Jump to: navigation, search

ASDR Table of Contents

Contents


Description

A Computer Virus is a small program designed to cause some kind of damage in the infected computer, by deleting data, capturing information, or by altering the normal operation of the machine.

Like the human virus has different levels of gravity, such as the Ebola virus and the influenza virus, computer viruses range from slightly disturbing to totally destructive. A virus does not spread without human action; we need to send someone a file or email to spread it. The virus can be disguised as an image, audio, or video attachment.

The first computer virus was written in 1982 by a 15 year old student in the U.S, Rich Skrenta. This computer virus was identified as Elk Cloner, and affected the Apple II system and did not cause major problems. This virus showed a small poem on the screen, and was able to make copy of itself when a floppy was inserted into the computer. When the media was used in another system, the process spread.

In general there are 3 main types of computer virus:
Boot Virus - Stays in the boot sector of the floppy and in the Master Boot Record (MBR) of hard disks.

Macro Virus - The most common and most easily created virus, but less harmful. The macro virus uses the macro language of the application (such as Visual Basic or VBScript) to infect and duplicate documents and models. They attack any platform, but generally are made for Microsoft Office, using the programming environment from Microsoft for self-implementing the code of macro virus. When an infected document is opened, the virus runs and infects the models of the application user and can insert words, numbers or phrases in documents or change command functions. Once a macro virus infects the machine of a user, it can incorporate all the documents created in the future with the application.

Program Virus - Normally be enforced with extensions .com, .exe and .bat and are activated only with a command from the user. Many of them are sent by e-mails or Instant Mesages.

Risk Factors

A Computer Virus could steal or delete information, make the computer slower or simply mess with the Operational System. In present days the most commom are virus to steal information from Internet Banking, so the attacker can transfer your money to his account, pay bills or buy something in the Internet.

Examples

Some famous and dangers computer virus:
Chernobyl or Spacefiller in april 26 if the computer is infected the virus is activated and deletes the content of ROM memory (BIOS).

Melissa it's a computer virus that comes by e-mail attaching a Microsoft Word document, when this message is opened, the virus is activated and infect the file Normal.dot, then every document created by this text editor is infected and automatically send a infected e-mail for the first 50 contact from the catalog of the Outlook Express.

Codered virus attacks the Microsoft IIS 4.0 and 5.0 modifying the main page with the message "Welcome to http:// www.worm.com ! Hacked By Chinese!" and also program the infected computer to make a denial-of-service attack to the White House website (www.whitehouse.gov).

Related Attacks

TBD

Related Vulnerabilities

TBD

References