Know Your Enemy - The Origins of Malware
November 02, 2015 at 4:00 AM
Any military strategist would tell you that you must 'Know Your Enemy'. This idea can be applied to many things in life, and Malware is no exception.
If you own a PC, Laptop, or even a mobile device, you are likely vulnerable to Malware attacks. Most people know of Malware, but many don't understand what it really is, and how it can get onto your machine, let alone how to repair or remove it.
First, What IS Malware? Wikipedia defines it as follows:
"Malware, short for malicious software, is any software used to disrupt computer operations, gather sensitive information, or gain access to private computer systems. Malware is defined by its malicious intent, acting against the requirements of the computer user, and does not include software that causes unintentional harm due to some deficiency."
So, where did Malware first appear?
Before Internet access became widespread, viruses were spread on computers by infecting the boot sectors of floppy disks. By inserting a copy of itself into the machine code instructions in these boot sectors or in executable programs, a virus causes itself to be run whenever a program is run or when the disk is booted.
However, the theoretical groundwork for Malware makes it a little fuzzy exactly when the first specific piece of malware came into existence.
Here is a brief history of Malware, from which you can decide for yourself which instance should be considered the official birth of malware:
The theoretical preliminary work on computer viruses goes back as far as 1949. John von Neumann (1903-1957) developed the theory of self-reproducing automatons. However, the details of the technical implementation were not conceivable at this time.
In Core Wars, programs written in so-called Redcode are at war with each other. They fight to survive in the memory area. So-called impulses spread through memory and delete addresses at random. There were also a few versions which could copy themselves. This is where the roots of computer viruses lie.
Professor Leonard M. Adleman employs the term "computer virus" for the first time in conversation with Fred Cohen.
The first viruses for Apple II computers are exchanged within a small circle via diskette. Due to an error, the virus caused program crashes. This error was rectified in later versions.
As the first "in the wild" Apple / DOS 3.3 virus, the "Elk Cloner" virus plagues users with spoonerisms, inverted or false displays and clicking noises. It spread via diskettes; diskettes with other operating systems were, probably inadvertently, made unusable.
At the Xerox Palo Alto Research Center, Jon Hupp and John Shoch program the first worms. They are used for distributed calculations and spread independently in the network. Because of a program error, this spread took place in an uncontrolled manner, which after a short time crippled the computers.
In November, Fred Cohen presents the concept of a virus for the first time in his seminar. For the implementation of a first functional virus running on UNIX, he needed only 8 hours. Within a few minutes he had full access rights to all computers.
Fred Cohen publishes his first articles about "Experiments with Computer Viruses," which were incorporated in his PhD thesis "Computer Viruses - Theory and Experiments" published in 1986. His rather mathematically-oriented definition of a virus is still recognised today and does not encompass the negative connotation that the term virus has acquired nowadays.
There is not long to wait before other viruses appear in the wild. Often these are just joke programs, which only annoy the computer user.
The Trojan horse Gotcha is truly virulent. After the EGABTR program starts, which supposedly enables graphical displays, the data on the hard drive are deleted and "Arf, arf, Gotcha" appears on the screen.
The "Surprise" program, written in BASIC, used the line command "kill *.*" to ensure that all accessible files were deleted. At the same time the text "Surprise" was displayed.
The source code of a virus for Apple II computers is printed in the journal "Apples". At the same time, the German hacker scene was getting to grips with viruses. The "BAYERISCHE HACKERPOST" is the first German magazine to report on computer viruses and Cohen's dissertation. At the time, the danger associated with computer viruses relates only to mainframe computers. The danger to personal computers is not yet taken seriously.
The brothers Basit and Amjad Farooq Alvi run a small computer business called "Brain Computer Services" in Lahore, Pakistan. In order to punish illegal copying of their software, they created a boot sector virus for the DOS operating system. Passed along by Pakistani students, the virus spread like an epidemic and even reached American universities. The program was, however, relatively harmless, as all it did was rename the TOC of the infected diskettes to Brain. It remains to this day the only virus program which contains the author's address.
With "Virdem", Ralph Burger introduces the first file virus at a forum of the Hamburg Chaos Computer Club.
"PC-Write" was the first Trojan horse.
Thanks to the "Pakistani Brain", viruses entered into the public consciousness. John McAfee and other computer specialists founded the first anti-virus companies.
The first mainframe computer is attacked with viruses at the Free University of Berlin. The Chaos Computer Club warns of a virus epidemic within the next 18 months. The source code of a virus for Apple II computers is printed in the magazine "Computer Persönlich". The source code for the virus "Rushhour" (by B. Fix) for MS-DOS computers is printed in the magazine "Datenschleuder".
Viruses that infect files (at first only .COM files) now appear ever more frequently. The virus "Lehigh" arouses public interest for the first time. Lehigh infects "command.com" and is therefore, from a technical point of view, the first memory resident virus. After the virus has been copied to 4 diskettes, the data on all data media contained in the computer are deleted. This radical action leads, however, to its rapid extinction. In connection with "Lehigh", the VIRUS-L/comp.virus mailing list and newsgroup is created and becomes an important source of information in the fight against viruses.
A student in Wellington, New Zealand writes the first, and one of the most successful, boot sector viruses, called Stoned/New Zealand. It has no destructive function. "Form" is just as successful as a boot sector virus.
After the first Macintosh viruses have surfaced in the form of nVir and Peace, Apple decided to load the virus search program Virus-Rx on every computer.
The so-called "Cascade-Virus" is the first encrypted virus. For the first time in Germany, this causes the letters on a page to slide downwards, where they collect in a little heap. The files were destroyed.
The first virus for Amiga (SCA) infects the boot sector and displays a message from time to time.
In December, a well-meaning American student crippled e-mail communication and networks worldwide with the first computer worm. The "Christmas tree" worm draws a Christmas tree on the screen while in the background, it sends itself to all the e-mail addresses it can find on the system.
In "c't" (German computer technology magazine), an article appears about computer viruses for the Atari ST, in which a source code listing is also printed. The virus can easily be adapted by the non-specialist. The subsequent wave of new viruses triggers a discussion about the publication of virus source codes.
Ok, so now we have an understanding of the history and proliferation of Malware, but if you fall victim, how do you get rid of it?
For this, we recommend the website http://nabzsoftware.com/ which has guides, information, and how-tos on removing varying types of Malware. For example, how to remove the Malware 'DNSUnlocker':