.puter Viruses, Worms, And Trojan Horses Explained -ca1477

Overview .puter viruses, worms, and Trojan horses are malicious pieces of software that can cause considerable damage to your .puter hardware, software, and information stored in it. They can also slow down your PC, making it virtually unusable. This type of software falls into the category of malware (short for malicious software) since it is designed to harm or secretly access a .puter system without the owner’s informed consent. .puter virus hoaxes are also quite .mon, but harmless in nature. An often asked question, particularly from people relatively new to .puters, is "Where do .puter viruses .e from?" The answer is simple. People write .puter viruses. A person writes the code, tests it to ensure that it will spread properly, decides what the virus will do, and releases it. There are many psychological reasons why someone would do this, and these virus authors are often .pared to vandals or arsonists. The Creeper Virus is generally accepted as the first .puter virus. It was first detected on ARPANET, the forerunner of the Internet, in the early 1970’s, infecting DEC PDP-10 .puters running the TENEX operating system. Creeper gained access via the ARPANET and copied itself to the remote system where the message, "I’m the creeper, catch me if you can!" was displayed. .puter viruses, as we know them today, were first widely seen in the late 1980s, and they came into existence because of several factors. The first factor was the spread of personal .puters (PCs). During the 1980s, the IBM PC (released in 1982) and the Apple Macintosh (released in 1984) became very popular, with widespread use in businesses, homes and college campuses. The second factor was the use of .puter bulletin boards. Using a modem, people could dial up a bulletin board and download programs of all types. Games were extremely popular, and so were simple word processors, spreadsheets and other productivity software. Bulletin boards led to the precursor of the virus known as the Trojan horse. The third factor that led to the creation of viruses was the floppy disk. In the 1980s, programs were small, and you could fit the entire operating system (usually MS-DOS), a few programs and other files onto a floppy disk or two. Many .puters did not have hard disks, so when you turned on your machine it would load the operating system and everything else from the floppy disk. Virus authors took advantage of this to create the first self-replicating programs. Quite often these floppy disks were shared among .puter users, allowing the virus to spread from one .puter to another. Viruses A .puter virus is a small piece of software that, like a human virus, is capable of replicating itself and spreading. In order to do this, a virus must be permitted to execute code and write to memory. For this reason, many viruses attach themselves to executable files (real programs), such as your favourite text editor program or other utility. If you launch the text editor program, the virus’ code may be executed simultaneously, allowing it to replicate itself, and attach to other programs. An e-mail virus travels as an attachment to e-mail messages, and usually replicates itself by automatically mailing itself to dozens of people in your e-mail address book. Some e-mail viruses don’t even require a double-click — they launch when you view the infected message in the preview pane of your e-mail software. Being a .puter professional with over 30 years experience in the software industry, I have seen a lot of bogus e-mail, so receiving the following message recently was not a surprise: Dear customer. 2011 DHL International GmbH. All rights reserverd. Of course, the e-mail also contained an attachment in the form of a ZIP file. Not only is the spelling bad, but the grammar is bad as well. And they claim to be DHL, a reputable .pany! My curiosity didn’t get the better of me — I decided not to open the attachment. One of the more famous e-mail viruses appeared in March, 1999 and was known as the Melissa Virus. Anti-virus software vendors refer to this virus as the Melissa macro or W97M_Melissa virus. It propagated itself in the form of an e-mail message containing an infected Microsoft Word 97 or Word 2000 document as an attachment. It was so powerful that it forced a number of large .panies, including Microsoft, to .pletely turn off their e-mail systems until the virus could be contained. Virus Hoaxes A .puter virus hoax is a message warning the recipient of a non-existent .puter virus threat. The message is usually a chain e-mail that tells the recipient to forward it to everyone they know. Most hoaxes are sensational in nature and easily identified by the fact that they indicate that the virus will do nearly impossible things, such as blow up the recipient’s .puter and set it on fire, or less sensationally, delete everything on the user’s .puter. Quite often the e-mail message claims to originate from a reputable .pany, such as Microsoft, giving the hoax more credibility. Virus hoaxes are usually harmless and ac.plish nothing more than annoying people who identify it as a hoax and waste the time of people who forward the message. Nevertheless, a number of hoaxes have warned users that vital system files are viruses and encourage the user to delete the file, possibly damaging the system. Examples of this type include the jdbgmgr.exe virus hoax and the SULFNBK.EXE hoax. Some consider virus hoaxes to be a .puter worm in and of themselves. They replicate by social engineering — exploiting users’ concern, ignorance, and reluctance to investigate before acting. The gullibility of novice .puter users (my parents .e to mind) convinced to delete files on the basis of hoaxes has been parodied in several popular jokes and songs. "Weird Al" Yankovic wrote a song called "Virus Alert" that makes fun of the exaggerated claims that are made in virus hoaxes, such as legally changing your name. Another parody is the honor system virus, which has been circulated under several different names including the Amish .puter Virus, the Blond .puter Virus, the Newfie Virus, and the Unix .puter Virus, is joke email claiming to be authored by the Amish who have no .puters, programming skills or electricity to create viruses and thus ask you to delete your own hard drive contents manually after forwarding the message to your friends. The Tuxissa Virus is another parody of the virus hoax, based on the concept of the Melissa virus, but with its intent of installing Linux on the victim’s .puter without the owner’s permission. The story says that it was spread via e-mail, contained in a message titled "Important Message About Windows Security". It was supposed to first spread the virus to other .puters, then download a stripped-down version of Slackware and un.press it onto the hard disk. The Windows Registry is finally deleted and the boot options changed. Then the virus removes itself when it reboots the .puter at the end, with the user facing the Linux login prompt and all his Windows security problems solved for him. Worms A .puter worm is a small piece of software that uses .puter networks and security holes to replicate itself. Unlike .puter viruses, worms do not need to attach themselves to programs, and don’t require user intervention to spread. Worms are capable of replicating in great volumes, taking control of features on your .puter that transport files or information. For instance, a worm called Code Red replicated itself more than 250,000 times in approximately nine hours on July 19, 2001, slowing down Internet traffic dramatically. The ILOVEYOU (also known as LoveLetter) worm successfully attacked millions of Windows .puters in 2000 when it was sent as an attachment to an email message with the text "ILOVEYOU" in the subject line. The worm arrived in email in-boxes with the simple subject of "ILOVEYOU" and an attachment "LOVE-LETTER-FOR-YOU.TXT.vbs". The ‘vbs’ extension was hidden by default, leading unsuspecting users to think it was simply a text file (when in fact it was a Visual Basic script). Upon opening the attachment, the worm sent a copy of itself to everyone in the Windows Address Book and with the user’s sender address. It also made a number of malicious changes to the user’s system. Trojan Horses A Trojan horse is a destructive .puter program that masquerades as a valuable or entertaining tool. It claims to perform a desirable function, but in fact damages your .puter system when it is run. A Trojan horse can be a virus or a remote control program. They are usually installed on a .puter through an e-mail attachment. The term is derived from the Trojan Horse story in Greek mythology. In this story, the Greeks give a giant wooden horse to their enemy, the Trojans, apparently as a peace offering. But after the Trojans drag the horse inside their city walls, Greek soldiers sneak out of the horse’s hollow belly and open the city gates, allowing their .patriots to pour in and capture Troy. Unlike viruses, Trojan horses do not replicate themselves but they can be just as destructive. One of the most crafty types of Trojan horse is a program that claims to rid a .puter of viruses but instead introduces viruses onto the .puter. Back Orifice is a famous example of a Trojan Horse, written to demonstrate the lack of security in Microsoft Windows 98. It was the brainchild of Sir Dystic, a member of the U.S. hacker organization CULT OF THE DEAD COW. It was designed for remote system administration, based on a client-server architecture, allowing a user to control a .puter running Microsoft Windows from a remote location (much like Microsoft’s Remote Desktop Connection software). This required two .ponents to work — a client application running on the attacker’s .puter and a server application running on the victim’s .puter. Once installed, the attacker can perform any number of tasks on the victim’s .puter, including transferring files to and from the victim’s machine, crashing the .puter, data theft, installation of software including malware, and keystroke logging for the purpose of acquiring user ids and passwords. Back Orifice 2000, the sequel to Back Orifice, was later released and could run on Windows NT machines. Another notable Trojan horse is called SubSeven. It was designed to attack .puters running Microsoft Windows 95 and Windows 98. It is also similar in architecture to Back Orifice, but with a third .ponent called a server editor (EditServer), which allowed the attacker to configure the infection. It provides many more options for attack than Back Orifice, however, allowing an attacker to issue virtually any .mand imaginable on a .promised system. Trojan horses are be.ing more and more .mon. According to a survey conducted by BitDefender from January to June 2009, "Trojan-type malware is on the rise, accounting for 83-percent of the global malware detected in the world". This virus has a relationship with worms as it spreads with the help given by worms and travel across the Internet with them. Famous .puter Viruses And Worms Throughout history there have been a lot of .puter viruses and worms created. Here is a list (in no particular order) of the most dangerous ones. Mellissa Protecting Your .puter You can protect your .puter from viruses with a few simple steps: Run a more secure operating system such as UNIX. Due to the destructive nature of viruses, it is important that you back up your data on a regular basis, particularly those files you can’t afford to lose. Most up-to-date anti-virus programs, like McAfee VirusScan Plus , BitDefender , or CA Anti-Virus Plus , will guard against .puter viruses and remove them should they be installed. Of course, they need to be updated with virus signature files to catch the latest variants that are released periodically. These signature files (sometimes called "definition files") can be obtained from the program vendor via the Inter.. About the Author: 相关的主题文章: