The first computer viruses, what they were, why were they created?
The most famous virus or rather file worm is considered pervading animal. It was created in 1975 for the UNIVAC 1108 computer, as the refinement of the previously created game "Animal", which was very popular at one time. The distribution of programs and files at that time was a very time-consuming occupation, since it had to record it from one magnetic tape to another. When the programmer John Volker is tired of such a long copy process, he wrote a special subprogram "Pervade". It launched into the computer's memory as an independent subprocess, I was looking for a directory for recording and in the absence of a copy of the game "Animal" recorded it there.

However, such an innovation made a disorder in the work of the program, and it began to add themselves to other executable files, it is not overwhelmed into all directories yet. The spread of the game stopped after Univac released in 1976 a new version of the operating system in which the virus game could not work.

One of the first viruses found on a regular user who could spread in foreign computers, and not in the system where it was designed is "ELK CLONER". This virus wrote in 1981 a fifteen-year-old schoolboy Richard Scranta for Apple II computers.
The virus spread, infecting the DOS operating system for Apple II, through flexible magnetic discs. After launching a computer with an infected floppy disk, a copy of the ELK Cloner virus is automatically loaded into the computer's memory. The virus did not affect the operation of the computer and other programs, it could only observe disk drives. When accessing an unreleased disk or diskette, the program copied itself. So he slowly infected more and more computers. And, although the virus did not specifically harm the user, it was able to spoil discs with a non-standard DOS type, destroying the disk backup paths regarding the contents. Each 50th download "ELK Cloner" ended with the output of a short poem to the computer screen.

The first network virus is Creeper. In 1973, he infected the Arpanet military computer network, the prototype of the Internet. Virus wrote BBN employee (Bolt Beranek and Newman) Bob Thomas. This program could independently go online through the modem and leave your copy on remote computer. He did not fulfill any destructive actions, only when hitting the computer, displayed the inscription: "I" Mo Creeper ... Catch me if you can "(I'm crying ... Catch me if you can).
A little later, another BBN employee Ray Tomlinson developed the REAPER program, which also moved freely over the network and, if Creeper detected, deleted it.

The first viral epidemics passed in 1987-1989. By this time, many could afford to acquire relatively cheap computers IBM PC, which led to a sharp increase in the scale of infection with computer viruses. It was in 1987 that three large epidemics of computer viruses broke out at once. The virus that caused the epidemic was called Brain (also known as the Pakistani virus), was developed in Pakistan to punish local pirates carrying programs from the developer. But, unexpectedly for everyone, he spread very quickly around the world.

For reference.
Computer virus is such a malicious program that can create your copies, as well as implement your code to other programs, boot sectors of the disks, in the system memory. The virus can distribute their copies over the Internet. Viruses are created to violate the operation of the computer, delete data or their theft, blocking the work of users or disabling the hardware of the computer.

Each person in the world who had even the smallest experience with the computer, heard such a phrase as " computer virus " And on this phrase it becomes clear that nothing good to wait for it.

Computer viruses exist with the initial stage of development computer equipment And the first was created in 1981, a schoolboy named Richard Scranta. This virus spread through popular at the time, floppy disks. And because of its ability to clone yourself to other media, ELK Cloner was named. But unlike the viruses of our time, he was relatively harmless and only removed the text to the monitor in the poetic form. But there were no few years and viruses, it can be said that they were evolved and able to multiply in the operating system and even evolve, and also in the incubation period, waiting for certain teams laid down by the programmer. Only he infects and harms the "health" of PC.

There are viruses that can be deleted third-party programs, and there are, which will be deleted only when reinstalling the system. To date, mankind knows more than fifty thousand species of dangerous programs. What would not be brought to it, you should always keep an active one anti-viral program. No matter what it, third-party or built-in, bought or free, it will always warn about the infected software and will advise him not to install it. It is also worth having a PC program to protect against viruses on the Internet, or an expansion in the browser. So what does he represent himself? Let's wonder.
Computer virus - This is a small program that can clone itself and introduce your clones into the system code of other programs, or at all, replace them, inflicting irreparable harm to personal data stored on PC. The main function of viruses is deleting data from hard disk Or their embezzlement to transfer via the Internet. Also, viruses are constantly working in a hidden mode, constantly overloading the system, from which the shortage of RAM can occur, overheating the processor and hard disk. Or bring the computer in general. So think about if the initially well-working computer began to "slow down", then it is worth thinking about malicious programs In OS and will not be superfluous, for prevention, scan for viruses.
What is a virus and with what it is "eaten," disassembled. Now I would like to know who and why you need to create parasitic programs.
There are several types of people who create a viral software - this is:
1. Beginner programmers, the main component are teenagers and creating viruses, one of the opportunities to assert. This kind of viruses are simple in creating and do not create a big danger to the computer, but they are extremely rare.
2. Professional programmers, the purpose of creating malware for them is an evil intent, which is theft of personal data or the irrevocable removal of them from the carrier.
The virus into the computer can get different ways. It can be a floppy disk, flash drive downloaded from the Internet file. Also, intruders can distribute them through messaging services, sending a link to a dubious site. Let's analyze some varieties of viruses and the purpose of their location in the system.
1. Troyan. Received such a name because of the famous myth about Achles. This parasite is hidden in other programs and after installation begins to collect information from a PC, such as passwords, and forwards its creator.
2. Worm. The essence of this virus is to slow down the computer by the method of litter. Basically, the worm falls into the PC by exchanging messages.
3. Encryptors. This malware encrypts all data, after which it offers to buy an access key, but the goal of the program is not enrichment, but the destruction of data, one of the most common ways.
4. Rootpit. Programs created in order to penetrate into someone else's PC remotely and disrupt traces of stay in it.
5. Exjuaters. Fully block access to the computer, requiring transferring money about its creator. But the likelihood that the computer will be unlocked very small. It is better to find an antivirus specializing in this subject and understand.
6. Spies. By the name it is clear that the program was created for the purpose of tracking, remembering the visited pages, correspondence in the social. Networks and other steps performed on computers.
Protective from all this computer hands will help competent behavior on the Internet, the presence of an antivirus program and the most effective method, timely update of the operating system.

Theoretical foundations of creating computer viruses were laid in the 40s of the last century by American scientists John Background Neyman (John Von Neumann), which is also known as the author basic principles Work modern computer. For the first time, the term virus For computer programs applied Fred Cohen (FRED COHEN). It happened on November 3, 1983 at the Weekly Computer Security Seminar at the University of Southern California (USA), where a project was proposed to create a self-propagating program, which was immediately dubbed the virus. To debug it, it took 8 hours of computer time on the VAX 11/750 car running the UNIX operating system and exactly a week later, on November 10, the first demonstration took place. Fred Cohen based on the results of these studies was published by the work "Computer Viruses: Theory and Experiments" 1 F. COHEN. Computer Viruses: Theory and Experiments // DOD / NBS 7th Conference On Computer Security (1984). Also published in a number of publications, including Computers and Security, 1987 - Vol. 6 # 1 - p. 22-35 from detailed description Problems.

Since the viruses under consideration are essentially computer programs, then their history can only be said since the appearance of computers, that is, since 1946, when the first electronic computing machine (EUM) - ENIAC (Electronic Numerical Integrator and Computer) has been released in the US . However, before the commercial computers appeared in 1960, access to the computer was strongly limited and there were no viral incidents.

The first well-known virus was written for a computer Univac 1108 (the end of the 1960s - the beginning of the 1970s). He called Pervading Animal And actually he was a game written with a mistake - with the help of leading questions, the program tried to determine the name of the animal conceived by playing. The error was that when adding new questions, the modified game was recorded on top old version Plus copied to other directory. Consequently, after a while the disk became crowded. Since Pervading Animal was not a real virus, he did not contain self-proliferation procedures and was transmitted exclusively through users who wanted to rewrite the program in their own accord.

In 1969, the first global first global computer network, progenitor modern internet, arpanet 2 project Arpanet was closed in June 1990 Advanced Research Projects Agency Network). She united the four leading US scientific center and served to quickly exchange scientific information. It is not surprising that already in early 1970s, the first virus appeared in Arpanet, able to spread over the network. He called Creeper. And it was able to independently enter the network through the modem and save his copy on the remote machine. On infected computers, the virus discovered himself with the message "I" M of the Creeper: Catch Me If You Can. "To remove the annoying, but in general, the program was unknown by the unknown program REAPER. In fact, it was a virus that performed some features characteristic of antivirus: it spreads computer network And in case of detection on the Creeper virus machine, destroyed it.

At this time, computers were used exclusively for industrial purposes - they occupied entire floors, were very expensive and difficult to operate, the time of work on them was painted in minutes. The release of personal computers, that is, such that could be acquired by individuals and were used for personal purposes, was established in the late 70s - early 80s of the last century. These were personal computers Apple and IBM PERSONAL COMPUTER. However, with the development of computer equipment progressed and computer viruses. In 1981, cases of infection were recorded Elk Cloner.which spread through pirated copies computer games. Insofar as hard disks Then there was not yet, he was recorded in the boot sector 3 The boot sector is the first sector. logical disk (On diskettes coincides with the first physical sector). It contains a bootloader program that is responsible for running the operating system. Doubles and showed itself to turn the image on the screen and output of the text:

ELK Cloner: The Program With A Personality It Will Get On All Your Disks It Will Infiltrate Your Chips Yes, It "S Cloner It Will Stick to You Like Glue It Will Modify Ram, Too Send in the Cloner!

In 1984 they were published first antivirus programs - CHK4BOMB and BOMBSQAD. Their author was Andy Hopkins (Andy Hopkins). The programs analyzed the loading modules and allowed to intercept recording and formatting performed via BIOS 4 BIOS (Sokr. From English. Basic Input-Output System - basic system I / O) is the first program that begins to be executed after turning on the computer and serves to test and prepare for the operating system loading (or other software). BIOS provides other computer devices a standard way to communicate with each other and stored in non-volatile memory on the motherboard in the system unit. At that time, they were very effective and quickly won popularity.

The first real global epidemic caused a virus in 1986 Brain.. It was written by two programmer brothers Basit Farouques and Amjade Alvi (Basit Farooq Alvi and Amjad Alvi) from Pakistan in order to determine the level computer piracy In my country: the virus infected the loading sectors, changed the disk label 5 Under the label of the disk is usually understood by the native name assigned to this ROM On "(C) Brain" and left a message with names, address and telephone authors. The distinctive feature of Brain - the ability to substitute the unnecessary original instead of real data when trying to view the user infected boot sector (the so-called stealth technology). For several months, the program went outside of Pakistan and by the summer of 1987, the epidemic reached global scale. Nothing destructive virus did not.

In the same year another significant event occurred. German programmer Ralph Burger (Ralf Burger) has opened the ability to create a program of its copies by adding a code to the COM format executable DOS files. Experienced sample program called Virdem., It was demonstrated on a computer undercover forum - Chaos Computer Club (December 1986, Hamburg, FRG). According to the results of research, the Burger has published the book "Computer Viruses. The Disease of High Technologies", served to wrote thousands of computer viruses, partially or fully used the idea described by the author.

In the next 1987, the first one was written malicious virus - Lehigh. He caused the epidemic in the Lehi University (USA), where Fred Cohen worked at that time. Lehigh infected only system files Command. COM and has been programmed to delete all information on an infected disk. Within a few days, the contents of hundreds of flop diskettes from the library of the University and Personal Fleets of Students were destroyed. In total, about four thousand computers were infected during the epidemic. However, the LEHIGH University did not come out.

Mike Rochenle - the pseudonym the author of the first famous viral hoax. In October 1988, he sent a BBS 6 station BBS (Sokr. From English. Bulletin Board System - Bulletin Board System) - This is a public electronic announcement board that provided fast exchange information between even the most remote points of the planet a large number of Virus reports, which is transmitted from a modem to a modem at a speed of 2400 bps. As a panacea, it was proposed to switch to the use of modems at a speed of 1200 bits / s. Like it is ridiculous, many users really followed this advice.

In November 1988, a global epidemic happened worry Morris 7According to the method of reproduction and the type of malicious load, all computer viruses are divided into viruses, worms and trojans. This will be described in more detail in the next chapter. . A small program written by a 23-year-old student of Cornell University (USA) Robert Morris used errors in the UNIX operating system security system for VAX and Sun Microsystems platforms. For the purpose of inconspicuous penetration of the ARPAnet network, the password selection (from the list containing 481 options) was used. This allowed to be masked for the task of legal users of the system. However, due to errors in the code harmlessly, the program has unlimitedly sent its copies on other network computers, launched them for execution and thus took everything network resources. Cervia Morris infected by different estimates from 6,000 to 9,000 computers in the United States (including NASA 8 Research Center National Aeronautics and Space Administration - National US Department of Aeronautics and Space Research) And practically paralyzed their work for up to five days. Common losses were estimated in at least 8 million hours of loss of access and over a million hours of direct losses for restoring system performance. The total cost of these costs is estimated at $ 96 million. The damage would be much more if the worm was originally created with destructive goals. Robert Morris also became the first person convicted of writing and distributing computer viruses - On May 4, 1990, a court was held, who sentenced him to 3 years conditionally, 400 hours of public works and a fine of 10 thousand US dollars.

It is noteworthy that in the same year, when the Morris epidemic was happened, the famous programmer Peter Norton (Peter Norton) spoke sharply against the existence of viruses. He officially declared them a non-existent myth and compared with fairy tales of crocodiles living in the sewage system of New York. This shows how low there was an antiviral security culture at the time.

Then, in 1988, the first well-known antivirus program was published, written by the English programmer Alan Solomon and was called Dr. Solomon "S Anti-Virus Toolkit. She won tremendous popularity and existed until 1998, when Dr. Solomon was absorbed by another manufacturer of antivirus - American Network Associates (NAI).

In December 1989, the first epidemic of the Trojan program - AIDS INFORMATION DISKETTE broke out. Its author sent around 20,000 disks with a virus to post addresses in Europe, Africa and Australia, abducted from the World Health Organization and PC Business World databases. After the launch, the malicious program was automatically introduced into the system, created their own hidden files and directory and modified system files. After 90 operating system downloads, all files on the disk became unavailable, except for one - with the message offered to send $ 189 to specified address . The author of Trojan, Joseph Popp (Joseph Popp), recognized later insane, was detained at the moment of checking the check and convicted of extortion. Actually, AIDS INFORMATION DISKETTE. - This is the first and only virus for mass distribution that used this mail.

In the same year a virus was discovered Cascade., Calculating the characteristic video effect - sweeping letters on the screen. Notable in that it served as an impetus for the professional reorientation of Evgeny Kaspersky on the creation of antivirus programs, being discovered on its working computer. After a month, the second incident (VACSINA virus) was closed using the first version of Antivirus -v, which several years later was renamed AVP - AntiViral Toolkit Pro..

Soon after, at the end of 1990, despite the loud statement of Peter Norton, who sounded two years earlier and where he authoritatively declared about the finance of the problems of viruses, the first version of the antivirus program was published. Norton Antivirus..

First publicly available design of viruses VCL (Virus Creation Laboratory), which is a graphic environment for developing viruses for the MS DOS operating system, appeared in July 1992. Starting from this point, anyone could easily form and write a virus. This year also laid the beginning of the era of viruses for Windows - the first virus was created, striking Microsoft Windows 3.1 executable files. However, since Win.Vir. The epidemics did not cause, its appearance remains almost inconspicuous.

Ilya Aleksandrov

History of computer viruses

They are already accustomed to them. School teachers of informatics are not afraid of them, they do not write about them on the first stripes of newspapers. But they continue to fulfill their destructive role in the life of users of computers.

Prerefficers of electronic epidemics

To say where and when the first virus appeared, it is impossible, since there are no such data in nature. If the "computer" of the Charles Babbja, the "father" of the first computing car, there were no viruses, by the mid-seventies of the last century they became very common and unpleasant for most phenomenon. Nevertheless, the prerequisites for their creation appeared almost immediately with the creation of the first computer.

Back in 1940, Mathematics John von Neuman wrote a book in which self-replicating mathematical machines were described, that is, the principles that have formed the basis of all viruses. In 1959, American science Magazine SCIENTFIC AMERICAN has published the article L. Penrose, who spoke about independently propagating biological structures. The author considered the ability of such structures to mutations, activation and reproduction. Another scientist, F. Stahl, obtained from this knowledge article implemented in practice. Working by the Operator in the Research Laboratory, he had access to the most powerful computer for that time - IBM 650. The experiment was very surprised by the strand, surpassing all his expectations. The resulting "mutation" of mathematical algorithms, the electronic "Zvek" deleted all the traces of his "parents", who were present in the system, after which she self-esteem.

Naturally, all of the above works and experiments were directed not in order for the current virus writers to throw out a new "infection" on the Internet megabytes. Initially, these studies belonged to the field of creating artificial intelligence were academic interest. However, any discovery made in peaceful purposesmay be without much difficulties turned into a powerful weapon of destruction.

In 1961, the game "Darwin" was very popular among the computer. Her plot and meaning were simple: the player led the "race," which was supposed to destroy its competitors. Won the one who captures the whole given under game process rAM. Special actions in the game did not need: it was necessary only to propagate the RAM to their free cells belonging to their race or grab the cells of the enemy. A similar algorithm is very similar to the logic of the work of destructive programs.

The wide distribution of computer networks has become a catalyst for the appearance of the first destructive programs - computer viruses.

70s: Start

The appearance of the world's first computer virus was recorded at the beginning of the 70s of the last century, when APRANET is on the expanses of the Military Computer Network modern Internet - Creeper was found. The virus was written for the Tenex operating system common in those times, in which it penetrated, spreading through a modem connection. The inscription is periodically displayed on the screen of infected computers: "I'm The Creeper: Catch Me If You Can". Creeper's destructive actions did not commit to only this message annoying users. A little later, the "Antidiet" was written for him - the Reaper program that found a virus file and removed it. It spread, by the way, similar to CreePer. It can be said that the world's first antivirus was created "by analogy with a malicious program."

In 1974, the "frequent guest" on various servers had a program with a cute animal husbandry name Rabbit. "Rabbit" nothing but the spread and reproduction of yourself, did not. The program has been reproduced at a huge speed, gradually occupying all system resources. Sometimes Rabbit even caused servers failure.

Another example is the PERVADING ANIMAL logic game for the EXEC 8 operating system, the meaning of which was guessing the user of the riddled animal program. If he could not succeed, the game offered to modernize it, after which it appeared the opportunity to ask additional leading questions.

The modified version of the program strangely started copying to other directories, with the result that after a while in all the hard disk folders contained a copy of Pervading Animal. Since at the time every kilobyte of space was "on the weight of gold", such a behavior of the game was happy. It is still not clear whether this is a programmer error or the idea of \u200b\u200bvirus writers. However, the problem was quickly solved - a new version Exec 8 operating system based on another type file Systemwhere the program clog file space could no longer.

80s: First epidemics

By the eighties of the last century, the computer stopped being a luxury available only to the chosen. PC owners are becoming more and more, in addition, the exchange of information between users using electronic announcements boards (BBS - Buletin Board System) has achieved an international scale.

In 1981, a truly massive viral epidemic occurred. Computers II computers are widespread at that time. The Elk Clone virus was recorded in the boot sectors of the diskette at the time of accessing the user. ELK Clone distorted the image on the monitor, displayed various text messages, forced the text to flash. Increhensive users have shown from the actions of the virus to a stupor, while he continued to "move" from one computer to another.

In 1983, the American programmer Len Aidelman for the first time used the term "virus", which he identified self-magazing programs.

In 1986, a 19-year-old Pakistani bassita Faruk Alvi wrote a Brain virus. As well as ELK Clone, Brain hit the boot sector floppy disks. The program was not focused on any devastating functions, it only changed the label of all disks on "(c) brain." According to the author, he chased only one goal - to find out the level of computer piracy in his country. But after a few weeks after the activation of the virus, thousands of computers around the world were infected, which caused a real perolet among users and a storm of discussions in the media. In Brain, the reception was first used when, when reading an infected disc sector, the virus was substituted instead of the selected section.

In 1988, the first malicious program was created, which did not just infect the computer, but also applied to him with real harm. This virus was created at the University of Lehi, in which, by the way, he had previously mentioned Fred Cohen. Lehigh virus destroyed information on disks, hitting system files Command.com. The presence of qualified specialists at the university was salvation - he did not get his way for the walls of the educational institution. However, a considerable role in eliminating the threat of an epidemic was played by the algorithm of Lehigh itself - during the formatting of the Winchesters, he self-deducted with the rest of the information.

At the same time, the software that defended computers from viruses is actively developing. Antivirus programs The time was simple scanners that were trying to detect viral code in programs through contextual search. Another common "medicine" from malicious programs of that time was "Immunomizers". This type of software modified all programs in such a way that the viruses consider them already infected and did not perform any actions in relation to them. After the amount of viruses increased thousands of times, the use of immunizers was already useless.

Antivirus firms most often consisted of two or three people and their products were sold for the symbolic amount or distributed free. But the prevalence protective programs It was very low, and the continuous appearance of new viruses made them powerless. The Internet at that time did not have time to "break out" from the "hugs" of scientists and the military, and it was almost impossible to be updated without the presence of a global network.

In the mid-1980s, the term "Virus Hoax" appeared - "viral hoax". At the end of the eighties, users were panically afraid of viruses: myths about programs that are out of order of the PC hardware, excited the mind of each computer owner. Virus Hoax was nothing more than false rumors about new computer epidemics. A story is remembered when one joker sent to different BBS messages about the appearance of a new virus, which spread through modems that operated at a speed of information transfer 2400 bits per second. In order not to infect the virus, the author recommended switching to modems at a speed of 1200 bits / s. And what do you think? The mass of users threw faster modems for their "security".

In 1988 there was a first epidemic caused by a network computer virus. Subsequently, such viruses became referred to as "worms". Created by some Robert Morris, the program struck computers working under UNIX OS. The creator's plans did not make harm to the system, the worm had only to penetrate the ARPANET network and remain unnoticed there. The virus had the ability to open passwords in the OS, and in the list of executing processes, the Morris's brainchild was displayed as an ordinary user process. The worm rapidly self-impeded and devoured all the free resources of the computer, as a result of which whole servers were out of order. Some of them were able to return to work only five days, since the vaccines against the worm did not exist. During his "walking around the world", the virus struck about 6,000 computer systems, torn even computers of the NASA research center. Robert Morris got 400 hours of public works, but entered the story as the author of the first devastating network worm.

90s: polymorphic viruses

In the early 90s of the last century, the English company Sophos, which worked by Jan Khuchar, Ed Wilding and Peter Layer, began to release the magazine Virus Bulletin. Virus Bulletin talked about computer viruses, as well as about all aspects of protection against them. The authors of the magazine were programmers, managers antivirus companies, software developers. The magazine was non-profit: in his entire history, it was not printed in it advertising announcement. Because of this, Virus Bulletin was not widespread. Its readers were mostly professionals in the field of IT (information technology), as well as employees of computer firms.

In 1990, a new type of malicious programs appeared - polymorphic viruses. The "polymorphism" was named technology at which the virus could not be found by a scanner who sought viruses using fragments already known malicious code. Polymorphism allows programs to generate code during execution, with the result that a copy of the virus on each new infected computer will differ from the previous one. The first such virus was Chameleon, written by Mark Kabi. After the appearance of polymorphic programs, an integral part of the antivirus was an emulator for the decryption of codes used by Evgeny Kaspersky.

In the same year, in Bulgaria, which was the center of world virus, a specialized BBS appeared, with which every wishes could download malicious programs. Conferences devoted to programming viruses appeared in UseNet.

At the same time, the book "Little Black Book On Computer Viruses" Marka Ludwig was published. She became the "Bible" of all the creators of viruses. The so-called "VX-scene" was formed - a community of programmers specializing in creating computer viruses.

Malicious program designers

In 1992, a hacker, known under the nickname Dark Avenger, released the MTE utility (Mutation Engine). With it, anyone, even the most primitive virus could be made polymorphic. The Peach virus endowed with the ability to bypass anti-virus software was created by the same person. Peach removed the database of the CENTRAL POINT AntiVirus program. This program, without finding a database, believed that it was launched for the first time, and created it again. Thus, the virus has progressed and continued to infect the system.

A group of programmers known on the network like Nowhere Man released VCL virus designer (Virus Creation Laboratory). From now on, any schoolboy, even who does not own programming languages, could be armed with the designer and collect a virus of any type and destructive power. With the advent of VCL, and so considerable "stream" of new computer pests was just huge. Is it wondering that a few days after entering the light of Windows 3.11, the first destructive program for this platform appeared? Win.vir_1_4 hit the executable operating system files, leading some of them to disrepair.

The first arrested virus writer

During 1993-94, the light saw new virus designers: PS-MPC and G2. Malicious programs generated by them became the most common danger on the Internet.

At the same time, a real "boom" was held among antivirus manufacturers - their programs finally became the mandatory component to almost any OS. Even Microsoft decided to penetrate the security market, which released Microsoft Antivirus (MSAV). Initially, the program was popular, but later the largest software manufacturer in the world stopped developing the product.

Leadership in this area gradually won the company Symantec, part of which became the largest antivirus software manufacturers: Central Point and Fifth Generation Systems.

The epidemic of a new polymorphic virus, Pathogen, was no longer an event out of a series of outgoing, all the events were all started to get used to this. However, it was the first virus that was found and convicted. The unemployed Christopher Paul for creating malicious programs was sentenced to 18 months in prison.

Attack on Microsoft.

In 1995, all the discovered disks with the operating windows system 95 were infected with the Form boot virus. Fortunately, one of them discovered non-carry, and on the counters of the stores there was a normal, unreleased system.

In August of the same year, the first MacroVirus appeared, written in WordBasic, built into text editor MS Word. CONCEPT Macrowurus was infected with hundreds of thousands of computers around the globe, as a result of which he has long been leading in statistical studies of computer journals.

In 1996, the first epidemic was survived windows users 95 - their computers were amazed by the boza boot virus. In July of the same year, macrovirus creators switched from Word to MS Excel spreadsheet editor, releaseing the Laroux virus for it.

It was not forced to wait and resident viruses using the "zero ring" of the OS. Win95.punch loaded into the system as a VXD driver, intercepted access to files and infected them.

Anti-virus slots

By 1997. operating system Linux, previously considered a stronghold of "purity and stability", was no longer a platform free from viruses. Linux.bliss, distributed through the Usenet conferences, infected executable files of this OS.

In the same year, two new types of worms spread through IRC and FTP were noted. Of particularly large amounts could "boast" IRC, in many respects because of its popularity, as well as numerous "holes" MIRC - the main client of such networks.

Under the end of the twentieth century, the scandals among antivirus producers began to be frequent in pursuit of leadership. Thus, McAfee's representatives announced that its programmers found a mistake in Dr.Solomon's antivirus. The essence of the statement was reduced to the fact that Dr.Solomon's could find new and technically advanced viruses only in a special "enhanced" mode, which switched only after finding ordinary, primitive worms. As a result, the antivirus showed good high-speed results when scanning unreleased discs, and excellent detection indicators when working with infected files. In response, Dr.Solomon`s filed a lawsuit to the court on McAfee, the cause of which was the "incorrectly built advertising company". As a result, the whole "fuel" ended with the purchase of McAfee control package of DR.Solomon`s.

After some time, a public statement was made by Taiwanese developers from Trend Micro, accused McAfee and Symantec in allegedly "violations of their patent for data scanning." The world was immediately represented by evidence of "sinless" companies, but Trend Micro has achieved its own, having received excellent free advertising in the media.

The most destructive viruses

Continue a detailed history of computer viruses up to this day does not make sense, since hundreds and thousands of new malicious programs occur annually. I will be limited only by a brief story about the most famous viruses that appeared after 1997:

CIH (1998) - The damage caused by the virus was about 80 million dollars. The virus was written by a programmer from Taiwan, and became one of the most destructive in history. "Chih" infected executable files and activated every year on April 26 - on the day of the anniversary of the accident at the Chernobyl NPP. CIH overwriting Flashbios, after which motherboards Become unsuitable for use. The first and last virus that caused the harm to the PC hardware.

Melissa (1999) - On March 26, 1999, this Macrowurus, spread by e-mail, infected about 20% office computers around the world. The largest corporationssuch as Intel, were forced to stop working inside their local networks. Damage - from 300 to 500 million dollars.

Iloveyou (2000) - Script written on Visual Basic macro-language. Just like Melissa, spread by email with the letter "I Love You". The virus sent its copies according to all the address book data. mail client. All logins and passwords found by the worm on the computer were sent to the author's author. The latter, by the way, did not try to hide: he is a resident of the Philippines, where punishments for computer crimes are not provided.

Code Red (2001) - Network worm that uses an error in network service Microsoft IIS. On a given day, infected computers were to start a DDoS attack on the list of various servers, among which were the US government systems. Huge scales of the epidemic and as a result - losses of 2.5 billion (!) Dollars.

Blaster (2003) - Network worm that has displayed a message about the need to reboot on infected computers. A few days after its release on the Internet (August 11), millions of computers around the world were infected.

Sobig.f (2003) - Network worm, spread by email. Breeding with a huge speed of the virus downloaded on the infected computer additional files, "Burning" traffic and system resources. An interesting feature - September 10, the virus stopped its activities, no longer representing the threat to the user. Author Sobig.f, for information about which Microsoft offered 250 thousand dollars, not found so far.

Bagle (2004) - Network worm, distributed by classical method using file attachments in emails. A special "loophole" was installed on the infected computer, through which the attacker received full access to the system. The virus has more than a hundred modifications.

MyDoom (2004) - In January 2004, this virus lightningly spread throughout the Internet, as a result of which the average speed of downloading sites in the global network decreased by 50%. The worm owns a record for the speed of distribution: less than a day was infected by about two million computers. The exact figure is impossible due to the scale of the epidemic. The virus was created by an unknown programmer as an experiment, and independently ceased its activities on February 12 of the same year.

Sasser (2004) - The virus caused a "break" in the work of French satellite channels data transfer, canceled some airlines, not to mention ordinary computerswhose work was completely suspended. Sasser distributed thanks to the error in the Windows 2000 and XP security system, starting the port scanner on the infected computer. The virus was written by a 17-year-old German schoolboy. Interesting the fact that the guy launched the virus on the network on the day of his majority.

No end and edges

The history of computer viruses is not fully completed, continuing today. Perhaps while you read these lines, some provincial programmer writes new virus, even more cunning and destructive than all of the above.

Well, it remains only to us to hope for the mercy of the manufacturers of antiviruses and follow the security of their systems.

application

Viruses for mobile devices

In 2000, a virus was first found for the Palmos platform. The PHAGE.936 program passed between the PDA during transmission through the IR port. In infection pocket computer Some files could be deleted, and applications are often spontaneously closed. Since then, several dozen viruses have appeared for various PDA platforms, although they are not so diverse and "bending" as their "counterparts" for personal computers.

To date, the malware for smartphones do not cause surprise. The first virus for Symbian OS, became the Cabir virus. He did not commit any destructive actions and was created only to demonstrate the potential susceptibility to mobile devices to viral attacks and epidemics. The worm spread through Bluetooth connections. How many more remaining to wait until the appearance of truly destructive viruses for mobile devices will show time.

1. http://www.viruslist.com/en - viral encyclopedia, a description of all viruses. News and analytical reviews.
2. http://vx.netlux.org - magazines, articles about viruses. Source codes and manuals.

Dmitry Moroz

In contact with

The very first viruses were harmless. These were experiments - such as one of the first viruses "Creeper", which simply displayed the message "I'm A Creeper: Catch Me If You Can". Their distribution was limited to home networks (CREEPER existed on Tenex OS). It was in 1971.

Now there are millions of viruses spreading through the Internet by all sorts of ways - file distributions, e-mail, sites. When everything is connected with everything, viruses spread quickly. Protection against viruses is a profitable business.

It started pretty slow and much earlier than it could be assumed. The first viruses spread through offline - they worked with floppy disks and were transferred to them between computers. Who invented the virus?

The first MAC virus was written as a teenage joke. The first PC virus was made to combat piracy.

Elk Cloner.

I joked over the peers, changing copies of pirated games so that they self-deal through a certain number of launches. I distributed the games, they were sitting on them, and then she suddenly stopped working and gave out some funny comment on the screen (sense of humor of nine-grader).

As a result, friends stopped letting Scrent to their floppy disks. He stopped leaving games, everyone stopped playing his toys, etc. But he did not asson. He began to study instructions and descriptions, trying to find an apple II security hole. And he came up with a way to perform the code, not triggering into floppy disks.

"I invented leave a certain trail in the OS on a working school computer. If the next user did not restart the computer from his disk, his disc was exposed to my code. "

He wrote the code on the assembler, and called him ELK CLONER. It became the fact that they were subsequently called the "virus for the boot sector." When an uninfected disk was inserted into the drive of an infected computer, he infected the disc, recording a copy of the virus to it into the boot sector. This code is automatically performed when loading. By bringing a contaminated disk to another computer, and loading from it, the man infected this computer with a copy of the virus.

The virus interfere with the computer's work slightly, and on the 50th launch, instead of launching the program, it turned out a whole poem on the screen:

ELK CLONER: Personal Program

Crawl on your discs
Will penetrate your chips
Yes, it's a clone!
Sticks like glue
Run will be corrected
Send a clone soon.

Due to the deferment of the appearance, the program could not immediately notice that improved the chances of distribution. The epidemic lasted for several weeks.

The program reached the computer of the screit teacher, accused him of penetrating him into the office. The virus picked up the relatives of the screit from Baltimore (he himself lived in Pittsburgh himself), and after many years he heard about the case of a computer infection that belonged to some sailor.

Brain.

For IBM PC there was a Brain virus. He also settled in the boot sector. He was written by brothers Basit and Amjade Faruk Alvi from Pakistan in 1986. They were 17 and 24 years old.

The brothers had a computer company Brain Computer Services, and they wrote the virus to keep track of pirated copies of their medical software. The pirated program has exhausted the RAM, slowed down the disk operation, and sometimes interfered with the data to save. According to the brothers, it did not destroy the data. The program contained the following message:

Welcome to the Dungeon 1986 Basit & Amjad (PVT) Ltd. Brain Computer Services 730 Nizab Block ALLAAMA IQBAL Town Lahore-Pakistan Phone: 430791,443248,280530. BEWARE OF THIS VIRUS ... CONTACT US FOR VACCINATION ... $ # @% [Email Protected]!!

Welcome to the dungeon ... Take care of this virus ... Contact us for treatment ...

Real contacts were indicated in the title. When someone called them for help, they could identify a pirated copy. Also, the virus calculated the number of copies made.
They found that piracy was widespread, and copies of their programs spread very far. Amzhad says that their first call came from the USA, Miami.

Brothers Alvi in \u200b\u200b2011

It was the first of the many calls from the United States. The problem was that Brain was distributed over other diskettes, and not only through copies of their program. At the University of Delaware, the epidemic of this virus even happened in 1986, and then he appeared in many other places. There was no lawsuit filed, but in the newspapers they wrote a lot. The creators even mentioned in the magazine Time Magazine in 1988.

New York Times wrote in May 1988: "Daring computer programThat this month appeared on the Providence Bulletin computers, destroyed the files of a correspondent and spread through floppy disks throughout the newspaper network. The computerists believe that this is the first case of infection of the American newspaper's computer system such a supper program, which is called a computer "virus".

Alvi brothers had to change the phones and remove contacts from late versions Virus. Sales programs they stopped in 1987. Their company has grown in the telecommunications provider and now it is the largest provider in Pakistan. It is located all at the same address.

And now - Chaos

Scrantom in 2012

Screen worked in the area information securityAnd now he is CEO BLEKKO, which is engaged in the search technology.

Although there are no disks for a long time, viruses in boot sectors exist. Now they work with USB flash drives. Since physical media are less used to transfer data that the days of loading viruses are considered.

War with viruses moved to online. Scranty said in an interview: "It is sad that there is such a large antivirus industry. It is necessary to make more protected systems, and not organize a multimillion industry to clean the existing. "

The Alvi's scanta and brothers do not feel guilty for the fact that the hellish procession of malicious programs in the world. "Jin would get out of the bottle in any case," wrote a scant in the blog, "I was interested to be the first one who released it."