Almost everyone who uses computers and the Internet is familiar with the term Virus. Its abbreviation is Vital Information Resource Under Siege. Many viruses can be stopped before they get triggered if users properly maintain safety options. But there are many viruses that cannot be stopped or that become undetectable for technical reasons.
What is a Computer Virus?
A computer virus is a program or a piece of code that is specifically designed to spread from one computer system to another and interfere with computer operation without the victim's knowledge. Hackers use virus code to corrupt or delete data on the victim's computer, or use email to spread it to other computers or networks. Viruses often spread via email attachments or Instant Messaging (IM). They can be disguised as images, audio, software, videos, or other attachments. The technique of disguising a virus and hiding it behind another file is called 'Binding'. As a hacker, you should know what binding is. Because the virus is bound behind files in everyday use, normal users do not realize that they are triggering it and infecting themselves. Some viruses take effect as soon as their code is executed. Other types stay dormant until they find a suitable digital environment for execution. Other deadly viruses stay dormant during their whole life cycle and keep sending the victim's information to their owner/creator. Even a simple virus can be dangerous, as it will quickly use up the memory and bring the system to a halt. A virus that replicates itself to other computers without being attached to any file is called a 'Worm'.
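A defender can catch the simplest form of the disguise described above by comparing what a file name claims with what the content is. The following is an added example, not code from the original page; the magic-byte table, the category names and the sample inputs are constructed for illustration.

```python
# Constructed table: leading "magic" bytes of a few common file formats.
MAGIC = [
    (b"MZ", "exe"),                 # Windows executable
    (b"\x7fELF", "elf"),            # Linux executable
    (b"\xff\xd8\xff", "jpg"),
    (b"\x89PNG\r\n\x1a\n", "png"),
    (b"GIF8", "gif"),
    (b"%PDF-", "pdf"),
    (b"ID3", "mp3"),                # MP3 that starts with an ID3 tag
    (b"PK\x03\x04", "zip"),         # also the container for docx/xlsx/pptx
]
EXECUTABLE = {"exe", "elf"}
DOCUMENT_LIKE = {"jpg", "jpeg", "png", "gif", "pdf", "mp3", "docx", "xlsx", "pptx"}
# Extensions that legitimately map onto one of the formats above.
ALIASES = {"jpeg": "jpg", "scr": "exe", "dll": "exe",
           "docx": "zip", "xlsx": "zip", "pptx": "zip"}

def sniff(head):
    """Return the format implied by the first bytes, or None if not in the table."""
    for magic, kind in MAGIC:
        if head.startswith(magic):
            return kind
    return None

def classify(filename, head):
    """Compare what the file name claims with what the content actually is."""
    parts = filename.lower().split(".")
    ext = ALIASES.get(parts[-1], parts[-1]) if len(parts) > 1 else ""
    # "invoice.pdf.exe": the real extension hides behind a harmless-looking one.
    if ext in EXECUTABLE and len(parts) > 2 and parts[-2] in DOCUMENT_LIKE:
        return "double-extension"
    kind = sniff(head)
    if kind is None:
        return "unknown"
    if kind == ext or not ext:      # a name without an extension claims nothing
        return "ok"
    return "disguised-executable" if kind in EXECUTABLE else "mismatch"

def classify_path(path):
    """Classify a file on disk from its name and its first 16 bytes."""
    with open(path, "rb") as f:
        return classify(path.replace("\\", "/").rsplit("/", 1)[-1], f.read(16))

if __name__ == "__main__":
    # Constructed samples: (file name, first bytes of content).
    for name, head in [("holiday.jpg", b"\xff\xd8\xff\xe0"), ("holiday.jpg", b"MZ\x90\x00"),
                       ("invoice.pdf.exe", b"MZ\x90\x00"), ("song.mp3", b"%PDF-1.7")]:
        print(name, "->", classify(name, head))
```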
Means of Virus Traversal
- Viruses travel through flash drives, CD drives, pen drives, the Internet, etc.
- Virus code gets replicated when users copy it.
- Even documents (like Word, Excel, Notepad) can carry viruses when these files are infected.
History of Computer Virus
In 1971, Bob Thomas of BBN Technologies wrote a program, 'Creeper System', a self-replicating program to test John von Neumann's theory, which was published as an article in 1949. Since 1987, when a virus infected ARPANET, a vast network used by the Department of Defense and many universities, many antivirus programs have been developed that periodically check the computer system for viruses. Gradually, the battle between viruses and antivirus software became more prominent, as we see nowadays.
Types of Computer Virus
- Boot Sector Viruses: are a special type of virus that targets the boot sector or master boot record (MBR) of the victim's hard drive or removable flash drives.
- Macro Viruses: infect files created using programs that contain macros, such as .doc, .ppt, .mdb, etc. This virus automatically detects the macros and templates within a file, infects them on the host's computer, and hides the document or shares it through email. Examples of such types are: Melissa.A, relax, bablas, etc.
- Memory Resident Virus: fix themselves inside the host computer's memory, get activated every time the OS runs, and infect files that are opened for use. These viruses usually hide in RAM (Random Access Memory). Examples are meve, randex, etc.
- Browser Hijacker Virus: This virus spreads in various ways, such as via downloads. If it infects any browser on the host's computer, the browser automatically redirects the user to a particular website(s).
- Worms: are self-replicating viruses that don't attach themselves to other files and lead to adverse effects on the host's computer.
- Polymorphic Virus: These viruses encrypt themselves differently every time they attack the host computer. Since they use different encryption algorithms and change their format every time they affect the victim, they become untraceable and difficult for antivirus software to detect using signatures or string searches. Examples are Marburg, satan bug, etc.
- FAT (File Allocation Table) Virus: Some viruses attack the FAT location of the disk, which is used to store all information about the available disk.
- Multipartite Virus: spread and replicate in many different ways. Their actions depend on the OS installed and the presence of some particular type of files.
- Scripting Virus: Many webpages contain complex code to create interactive UI content. Specific code is often used to cause undesirable effects and originates from infected web pages or browsers.
- Directory Virus: These viruses infect the host computer's directory and change the path of file locations. They usually reside on the disk but affect the entire directory. An example is the dir-2 virus.
- Overwrite Virus: Deletes the information in the files they infect and leaves those files useless. They replace the file content, but the file size remains the same.
- Trojan: A trojan is a malignant breed of malicious code that is sent for a particular purpose. Trojans disguise themselves on the target computer and do the work that is allocated/programmed by their creator. We will discuss trojans in later chapters.
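Since macro viruses travel inside documents, a mail gateway or analyst can check whether a document carries a VBA macro project before anyone opens it. This is an added example, not code from the original page; the status strings and the in-memory sample builders are constructed, and the legacy-format branch is a marker-search heuristic rather than a full parser.

```python
import io
import zipfile

OLE2_MAGIC = bytes.fromhex("d0cf11e0a1b11ae1")    # legacy .doc/.xls/.ppt container
VBA_MARKER = "_VBA_PROJECT".encode("utf-16-le")   # VBA stream name in an OLE2 directory

def macro_status(data):
    """Classify raw document bytes by whether they appear to carry VBA macros."""
    if data.startswith(b"PK\x03\x04"):             # modern Office files are ZIP archives
        try:
            with zipfile.ZipFile(io.BytesIO(data)) as z:
                names = [n.lower() for n in z.namelist()]
        except zipfile.BadZipFile:
            return "corrupt-zip"
        if "[content_types].xml" not in names:
            return "not-office"
        # Macro-enabled files store the VBA project as e.g. word/vbaProject.bin.
        if any(n.endswith("vbaproject.bin") for n in names):
            return "macros"
        return "no-macros"
    if data.startswith(OLE2_MAGIC):
        # Heuristic: search for the VBA stream name instead of parsing the directory.
        return "legacy-macros-likely" if VBA_MARKER in data else "legacy-no-vba-marker"
    return "not-office"

def build_ooxml(with_macro):
    """Constructed sample: a minimal OOXML-shaped ZIP, not a real document."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("[Content_Types].xml", "<Types/>")
        z.writestr("word/document.xml", "<document/>")
        if with_macro:
            z.writestr("word/vbaProject.bin", b"\x00")   # placeholder, not real VBA
    return buf.getvalue()

def build_legacy(with_macro):
    """Constructed sample: OLE2 magic plus padding, optionally with the VBA marker."""
    return OLE2_MAGIC + b"\x00" * 504 + (VBA_MARKER if with_macro else b"")

if __name__ == "__main__":
    print("ooxml with macro   :", macro_status(build_ooxml(True)))
    print("ooxml without macro:", macro_status(build_ooxml(False)))
    print("legacy with marker :", macro_status(build_legacy(True)))
    print("plain text         :", macro_status(b"just some notes"))
```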
Many programming languages are used primarily to develop viruses. The easiest programming languages to learn are batch programming, C, Java, Python, etc.
Symptoms of a Computer Virus
- Computer performance becomes slow.
- Unexplainable loss of data.
- The computer behaves abnormally.
- The computer crashes at frequent intervals.
Countermeasures Against Computer Virus
- Use the recommended antivirus and firewall protection.
- Buy and use anti-spyware software.
- Increase browser security settings to protect your PC from online threats and viruses.
- Update your antivirus and firewalls.
- Don't open attachments or emails from an unknown sender.
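Because an overwrite virus replaces file content while the file size remains the same, an integrity check has to compare content hashes rather than sizes. The sketch below is an added example, not code from the original page; the file names and contents in `demo()` are constructed, and it records a SHA-256 baseline and then reports which files changed and whether their size stayed the same.

```python
import hashlib
import os
import tempfile

def fingerprint(path):
    """Return (size in bytes, SHA-256 hex digest) for one file."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return os.path.getsize(path), h.hexdigest()

def take_baseline(paths):
    """Record the known-good state of each file."""
    return {p: fingerprint(p) for p in paths}

def compare(baseline):
    """Report files whose content no longer matches the baseline."""
    findings = {}
    for path, (old_size, old_hash) in baseline.items():
        if not os.path.exists(path):
            findings[path] = "missing"
            continue
        size, digest = fingerprint(path)
        if digest == old_hash:
            continue
        # A size-only check would miss the first case entirely.
        findings[path] = ("content-changed-same-size" if size == old_size
                          else "size-and-content-changed")
    return findings

def demo():
    """Constructed scenario: four files, three of them tampered with after the baseline."""
    with tempfile.TemporaryDirectory() as d:
        files = {"a.txt": b"quarterly report", "b.txt": b"meeting notes",
                 "c.txt": b"untouched", "d.txt": b"to be deleted"}
        for name, content in files.items():
            with open(os.path.join(d, name), "wb") as f:
                f.write(content)
        baseline = take_baseline(os.path.join(d, n) for n in files)
        with open(os.path.join(d, "a.txt"), "wb") as f:    # same length, new content
            f.write(b"X" * len(files["a.txt"]))
        with open(os.path.join(d, "b.txt"), "ab") as f:    # content appended
            f.write(b" (edited)")
        os.remove(os.path.join(d, "d.txt"))
        return {os.path.basename(p): v for p, v in compare(baseline).items()}

if __name__ == "__main__":
    print(demo())
```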