The ABC of Cyber-Security: V is for Virus

Our retrospective of computer threats started with keyloggers and ransomware, two relatively new malware families. Now here is something only kids of the 80s will remember: viruses – also known as file infectors.

What is a computer virus, anyways?

A computer virus is an application that can copy itself by attaching its code to other files on the system. Its mission is to spread from file to file and computer to computer, mostly causing damage and compromising the integrity of the infected computer. Most of the times, the virus would modify system files, rendering the host unusable. In short, a virus could mainly deteriorate system files, which prevents the operating system from booting.

Remember: while the term “virus” is improperly used for computer malware, it is not a virus unless it can infect files.

A little history

 The first computer viruses were born in academia, and pitched for totally different purposes than infecting systems and causing havoc among computer users. For instance, in the late 50s, British mathematician Lionel Penrose published a report called “Self-Reproducing Machines,” an overview of a simple two-dimensional model able to self-replicate, mutate and attack computer systems. The practical part of the project was ported by Frederick G. Stahl on an IBM 650 system. At that moment, scientists and researchers were exclusively concerned with artificial intelligence and the blooming field of robotics.

A few years later, three researchers at the Bell Telephone Laboratories started experimenting with a programming game called Darwin. Darwin was comprised of a program called the “umpire” running in a designated section of the computer’s memory (the memory location was referred to as “the arena”).

Each player would have to write small programs using IBM 7090 machine code, and could call specific functions stored in the “umpire”. The main goal was to probe memory locations, terminate the opposing program running at that location, then fill the vacant space with copies of themselves.

The game itself was merely harmless amusement, but it also can be seen as the birth of self-multiplying software that would go on to be used in completely different manners.

Modern viruses

Although extremely popular back in the day, modern operating systems ship with anti-virus mitigations, like the ability to detect and restore tampered system files to a clean state. But there is another reason why malware creators have abandoned developing viruses recently. Our internal telemetry show that viruses account for one tiny percent of the threats we see at a global scale.

To monetize infections, cyber-criminals need their creations to stay undetected and online for a long time. Since computer viruses compromise files and operating systems, they are way too noisy and raise users’ suspicion.

Despite that, extremely complex viruses such as Win32.Sality, Win32.Virtob or Win32.Ramnit are still in circulation. In more than 13 years of existence, Sality alone has infected more than 2 million computers worldwide.

How to stay safe

Although computer viruses are nearing  their expiration date, they are not going down without a fight. To make sure your computer does not fall victim to viruses, only download files from trustworthy sources. Never open suspicious attachments or e-mail that has landed in your inbox’s Junk folder unless you know and trust it.

A good antimalware solution such as Bitdefender’s award-winning Internet Security or Total Security products will help you keep threats, including viruses, at bay.

Leave a Reply