The virus war
October 5, 2000 | 12:00am
The infamous Love Bug may now be a thing of the past, but the computer virus war continues to rage on. And apparently, the battle has shifted to a new war zone – the personal digital assistants (PDAs).
Late last week, a company that produces antivirus software for computers revealed that it has discovered the first virus targetting PDAs, the handheld devices that are growing in popularity with business people all over the world.
"This is not a false alarm," said Vincent Gulloto, head of McAfee’s anti-virus emergency response team which found the virus "Phage" Thursday last week.
The virus fills a PDA’s screen with a dark gray box, causing the device’s operating system to terminate. It also infects all third party applications contained in the handheld device.
Though the virus was not widespread, it nonetheless sent shivers to the growing number of PDA users in the world since it was the incarnation of their biggest fear.
Earlier, a Trojan horse called "Liberty Crack" was discovered to affect PDAs. Masquerading as a hack for the Liberty 1.1 Game Boy emulator, it turned out to be a malicious program that erased all applications in the PDAs of users who downloaded it from the Internet.
David Perry, director of public education for antivirus vendor Trend Micro Inc., said that at present, viruses and Trojan horses for PDAs may not yet be a cause for alarm.
"Currently, it’s not a big deal. But it portends a grim future for Internet appliances," he said. "The VX society (virus authors) wants publicity, thus they’re targeting PDAs."
The International Data Corp., a market research firm, predicts that PDA users will reach 19 million worldwide three years from now, making them a worthy target for virus authors. And as PDAs evolve from mere organizers to communication devices, virus authors may use them as new paths for their creations to enter and wreak havoc on corporate networks.
Virus traits - Whether we like it or not, it seems viruses are here to stay. And they’ll get more virulent as years go by.
If you buy a computer nowadays, you’ll likely get a unit bundled with an antivirus software and this, more than anything else, should be enough to convince you how widespread viruses have become and how much the computer industry has come to accept their inevitability.
There are thousands of viruses. There are even categories for them. But generally, all viruses fit a single basic definition: They are computer programs intentionally designed to replicate themselves when certain existing programs are run.
The word "intentionally" is the key. Viruses are not just accidents. Programmers with significant skills author and develop them, then find ways to get them onto the computers of the unsuspecting. For many virus authors, the whole thing is simply a challenge. For others, the point is having a good time making computing life uncertain or even miserable for others.
Viruses like the Love Bug have gained a reputation for being harmful (the Love Bug wreaked some $10 billion in damage worldwide, remember?). Yet many viruses cause nothing but inconvenience. Yes, some viruses damage files or perform other forms of destruction and can affect the speed and efficiency of computers. But others simply provide minor annoyance or are even invisible to most users.
To be considered a virus, a program needs to replicate itself. Anything else it does is just extra.
This definition of a virus is actually more specific than the way people tend to use the term. Other types of programs are also labeled as viruses but fit only part of that definition. These types include worms, Trojan horses, droppers and bombs which are likened to viruses since they act without the user’s knowledge and do some things inside the computer which they are intentionally designed to do.
Virus authors obviously are nothing but innovative. They constantly come up with new ways of thwarting antivirus software. Thus, it is not surprising that some viruses are labeled "stealth."
Stealth viruses mislead the antivirus software into thinking that nothing is wrong. Essentially, a stealth virus retains information about the files it has infected, then waits in memory and intercepts antivirus programs that are looking for altered files. It gives the antivirus programs the old information about the files, making them think that everything’s well.
There is also such as a thing as a polymorphic virus. This type alters itself when it replicates, so antivirus software that looks for a specific pattern won’t find any instances of the virus. Thus, those viruses that survive the cleansing continue to replicate.
Other virus authors, meanwhile, experiment in the way they spread their creations.
One author from the Czech Republic, for example, used "file stream" technology to upload his "Stream" virus early this month.
File streams – not related to audio or video streams – break up programs into a main code segment, or stream, and several alternate ones.
Used for sharing data between programs, this technology was first used in the Windows NT file system, and is also present in Windows 2000.
Eugene Kaspersky, head of Kaspersky Lab, a Russian antivirus research firm which first spotted the Stream virus, said file streams make viruses harder to detect.
"Certainly this virus begins a new era in computer virus creation," he said. "The technology the virus uses to plant itself into files makes its detection and disinfection extremely difficult to complete."
Most antivirus scanners only scan the main stream of programs and miss data hiding in an alternate data stream.
The biggest threat of viruses, though, may come from handheld devices such as PDAs and mobile phones.
Richard Jacobs, president of antivirus firm Sophos, said viruses for and from handhelds would eventually become a serious concern, although that time has yet to come.
"At the moment there’s no security or culture of security around these devices, and that’s got to change," he said.
Mobiles phones can become contagious, too.
Just recently, it was reported that a breach has been discovered in some versions of a cellular phone brand which would allow a special text message to be sent to the phone that would freeze its keys and disable normal operation.
Kaspersky, the Russian antivirus expert, said that although the glitch may not be serious and can be corrected by removing the phone’s battery, it still signals worse things to come.
"This is not the first and obviously not the last security breach discovered in mobile phones," said Kaspersky, who is developing the world’s first platform-independent antivirus engine to address handhelds, mobile phones and other so-called Internet appliances.
"I believe, as more functionality is added to these gadgets, it will result in more breaches being found, and it will give virus authors a lot more avenues to explore."
And so the virus war goes on, and on, and on...
Late last week, a company that produces antivirus software for computers revealed that it has discovered the first virus targetting PDAs, the handheld devices that are growing in popularity with business people all over the world.
"This is not a false alarm," said Vincent Gulloto, head of McAfee’s anti-virus emergency response team which found the virus "Phage" Thursday last week.
The virus fills a PDA’s screen with a dark gray box, causing the device’s operating system to terminate. It also infects all third party applications contained in the handheld device.
Though the virus was not widespread, it nonetheless sent shivers to the growing number of PDA users in the world since it was the incarnation of their biggest fear.
Earlier, a Trojan horse called "Liberty Crack" was discovered to affect PDAs. Masquerading as a hack for the Liberty 1.1 Game Boy emulator, it turned out to be a malicious program that erased all applications in the PDAs of users who downloaded it from the Internet.
David Perry, director of public education for antivirus vendor Trend Micro Inc., said that at present, viruses and Trojan horses for PDAs may not yet be a cause for alarm.
"Currently, it’s not a big deal. But it portends a grim future for Internet appliances," he said. "The VX society (virus authors) wants publicity, thus they’re targeting PDAs."
The International Data Corp., a market research firm, predicts that PDA users will reach 19 million worldwide three years from now, making them a worthy target for virus authors. And as PDAs evolve from mere organizers to communication devices, virus authors may use them as new paths for their creations to enter and wreak havoc on corporate networks.
Virus traits - Whether we like it or not, it seems viruses are here to stay. And they’ll get more virulent as years go by.
If you buy a computer nowadays, you’ll likely get a unit bundled with an antivirus software and this, more than anything else, should be enough to convince you how widespread viruses have become and how much the computer industry has come to accept their inevitability.
There are thousands of viruses. There are even categories for them. But generally, all viruses fit a single basic definition: They are computer programs intentionally designed to replicate themselves when certain existing programs are run.
The word "intentionally" is the key. Viruses are not just accidents. Programmers with significant skills author and develop them, then find ways to get them onto the computers of the unsuspecting. For many virus authors, the whole thing is simply a challenge. For others, the point is having a good time making computing life uncertain or even miserable for others.
Viruses like the Love Bug have gained a reputation for being harmful (the Love Bug wreaked some $10 billion in damage worldwide, remember?). Yet many viruses cause nothing but inconvenience. Yes, some viruses damage files or perform other forms of destruction and can affect the speed and efficiency of computers. But others simply provide minor annoyance or are even invisible to most users.
To be considered a virus, a program needs to replicate itself. Anything else it does is just extra.
This definition of a virus is actually more specific than the way people tend to use the term. Other types of programs are also labeled as viruses but fit only part of that definition. These types include worms, Trojan horses, droppers and bombs which are likened to viruses since they act without the user’s knowledge and do some things inside the computer which they are intentionally designed to do.
Stealth viruses mislead the antivirus software into thinking that nothing is wrong. Essentially, a stealth virus retains information about the files it has infected, then waits in memory and intercepts antivirus programs that are looking for altered files. It gives the antivirus programs the old information about the files, making them think that everything’s well.
There is also such as a thing as a polymorphic virus. This type alters itself when it replicates, so antivirus software that looks for a specific pattern won’t find any instances of the virus. Thus, those viruses that survive the cleansing continue to replicate.
Other virus authors, meanwhile, experiment in the way they spread their creations.
One author from the Czech Republic, for example, used "file stream" technology to upload his "Stream" virus early this month.
File streams – not related to audio or video streams – break up programs into a main code segment, or stream, and several alternate ones.
Used for sharing data between programs, this technology was first used in the Windows NT file system, and is also present in Windows 2000.
Eugene Kaspersky, head of Kaspersky Lab, a Russian antivirus research firm which first spotted the Stream virus, said file streams make viruses harder to detect.
"Certainly this virus begins a new era in computer virus creation," he said. "The technology the virus uses to plant itself into files makes its detection and disinfection extremely difficult to complete."
Most antivirus scanners only scan the main stream of programs and miss data hiding in an alternate data stream.
Richard Jacobs, president of antivirus firm Sophos, said viruses for and from handhelds would eventually become a serious concern, although that time has yet to come.
"At the moment there’s no security or culture of security around these devices, and that’s got to change," he said.
Mobiles phones can become contagious, too.
Just recently, it was reported that a breach has been discovered in some versions of a cellular phone brand which would allow a special text message to be sent to the phone that would freeze its keys and disable normal operation.
Kaspersky, the Russian antivirus expert, said that although the glitch may not be serious and can be corrected by removing the phone’s battery, it still signals worse things to come.
"This is not the first and obviously not the last security breach discovered in mobile phones," said Kaspersky, who is developing the world’s first platform-independent antivirus engine to address handhelds, mobile phones and other so-called Internet appliances.
"I believe, as more functionality is added to these gadgets, it will result in more breaches being found, and it will give virus authors a lot more avenues to explore."
And so the virus war goes on, and on, and on...
BrandSpace Articles
<
>
- Latest
Latest
Latest
November 6, 2024 - 7:16pm
November 6, 2024 - 7:16pm
November 6, 2024 - 4:50pm
November 6, 2024 - 4:50pm
November 4, 2024 - 9:12am
November 4, 2024 - 9:12am
November 1, 2024 - 9:00am
By Aian Guanzon | November 1, 2024 - 9:00am
October 31, 2024 - 12:02pm
October 31, 2024 - 12:02pm
Recommended
