Security Friday: Anatomy of a PC Virus
The common cold infects a person’s respiratory system, manifested by sore throat, runny nose, sneezing, and cough. It spreads through the air when an infected person coughs and sneezes, and through contact with an infected person’s saliva or nasal emissions. The common cold virus breaks into cells within the lining inside our noses and settles there, using the cells’ ability to multiply to spread and infect its host. If worse comes to worst, the common cold can lead to sinusitis, pneumonia, or even bronchitis if not properly treated. That’s how human viruses work.
Computer viruses, on the other hand, are so named because they live up to their organic ancestors’ name and culture: invade, inhabit, infect. However, a computer is a far more complicated host than a human. Let’s see how a virus penetrates the complex innards of a computer and causes damage.
Invade
Coded, tested, and released by certain malicious programmers, computer viruses are little programs that love “piggybacking” on, say, a Word document or an e-mail attachment (or they may even be the e-mail attachment itself). Just as a common cold virus uses cells to multiply, a computer virus injects itself into some computer file. It waits for its host computer file to be accessed, as it can only launch itself when its host launches too.
A virus has specific entry techniques that determine its function, release, and spread on a computer host. This destruction seems to be the kind of thrill virus programmers share with arsonists, vandals, and psychotic criminals, only the programmers do it virtually. And bragging rights seem to fuel the programmers’ fiery but wicked passion, along with the sense of superiority given by doing damage to other unwary victims.
Inhabit
What if somebody opened the Word document that a virus is attached to? Since the document received a stimulus to open, the virus attached to it is activated as well. During this phase, the virus launches itself, as it “feels like” it received the stimulus directed at the computer file.
In the early ’80s, when there were only programs and operating systems, an accessed virus simply settled in the computer’s memory, giving it a bird’s-eye view of the whole computer disk. It then searched for other basic files to inhabit with a copy of itself. Then, in the background of the computer system where files run obscurely, the virus activated the inhabited file to continue its reproduction, much like how a common cold virus spreads from one cell to another. This made it easy for a virus to spread as long as the computer was on.
Computer viruses evolved with the help of the computer’s boot sector, the very first program in the operating system that the computer accesses. They targeted it to guarantee 100 per cent that the virus is accessed, since once the boot sector loads into the memory, the virus is sure to follow. Through this, even the floppy disks (which have their own boot sectors) were unsafe from virus attacks.
Although this inhabiting process still works today, boot sector viruses aren’t as threatening as before, because programs have grown so explosively in size that they can no longer come along with a computer set purchase. The birth of compact discs or CDs killed the boot sector virus’ chance to spread simply because CDs cannot be modified, so there’s no way for a virus to copy itself to the program anymore. Operating systems also developed a safety measure to safeguard themselves from boot sector viruses. However, the virus legacy lives on.
Infect
Surely, a virus wouldn’t be extremely feared today if all it could do is copy itself repeatedly. In the evolution of computer viruses, malicious programmers started resorting to networks, specifically the Internet, to spread damage, and not only inhabit but infect computer hosts as well. A virus only needs a trigger, something like a date or an action from the user, to start “attacking” its host computer or system.
But how, exactly, does a virus “infect” using the Internet? The electronic messaging system or e-mail is the best example to illustrate this.
The Melissa Virus
Let’s take 1999’s Melissa virus for example. The Melissa virus has a destructive phase coded by its programmer. It looks like a Word document attached to an e-mail message. When a person downloads the document and opens it, the virus is activated. It would immediately send the same document, and itself as well, via a harmless-looking e-mail message to the first 50 people in the e-mail owner’s address book. In turn, the recipients who also download and open the document will unknowingly send the disguised virus to the first 50 people in their address book, further continuing the infection at an increasingly fast rate. This virus caused major chaos for companies, forcing them to shut their businesses down.
Microsoft Word actually has a built-in programming language, and the Melissa virus took advantage of this, giving it the ability to modify files and send e-mail messages. Further, Word also has an auto-execute feature, which was instrumental in letting a virus act on its own, free from a user’s intervention. Because of that, anyone who opens the document activates the Melissa virus. Extending its infection, the virus also infects the essential Microsoft Word template called Normal.dot, making all succeeding document files created contain the virus. Really, it was very detrimental to e-mail subscribers. And this is just one of them.
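A defender can triage macro source that has been extracted from a Word document for the traits described above: an auto-execute entry point combined with code that sends mail, reads the address book, or touches the Normal template. The Python below is an added example, not part of the original article; the indicator patterns (built around Word's known auto-macro names such as AutoOpen and Document_Open), the verdict labels and both sample macros are assumptions constructed for illustration.

```python
import re

# Indicator patterns are assumptions chosen for this example.
INDICATORS = {
    "auto_execute": re.compile(
        r"^\s*(?:(?:Private|Public)\s+)?Sub\s+"
        r"(?:Auto(?:Open|Close|Exec|New)|Document_(?:Open|Close|New))\b",
        re.I | re.M),
    "sends_mail": re.compile(r"Outlook\.Application|\bMAPI\b", re.I),
    "reads_address_book": re.compile(r"AddressLists|AddressEntries", re.I),
    "touches_normal_template": re.compile(r"NormalTemplate|Normal\.dot", re.I),
}

def strip_comments(source):
    """Drop VBA comments: a leading Rem, or ' outside a string literal."""
    cleaned = []
    for line in source.splitlines():
        if re.match(r"\s*Rem\b", line, re.I):
            continue
        in_string = False
        for i, ch in enumerate(line):
            if ch == '"':
                in_string = not in_string
            elif ch == "'" and not in_string:
                line = line[:i]
                break
        cleaned.append(line)
    return "\n".join(cleaned)

def triage(source):
    """Return (verdict, sorted indicator names found in live code)."""
    code = strip_comments(source)
    hits = sorted(name for name, rx in INDICATORS.items() if rx.search(code))
    payload = {"sends_mail", "reads_address_book", "touches_normal_template"}
    if "auto_execute" in hits and payload & set(hits):
        return "block", hits  # runs on open AND spreads or persists
    return ("review" if hits else "allow"), hits

# Constructed samples: non-functional fragments, not real malware.
SUSPICIOUS = '''Private Sub Document_Open()
    Set app = CreateObject("Outlook.Application")
    Set tpl = NormalTemplate
End Sub'''
BENIGN = """' Document_Open and Outlook.Application appear only in a comment
Sub FormatReport()
    Selection.Font.Bold = True
End Sub"""
if __name__ == "__main__":
    for sample in (SUSPICIOUS, BENIGN):
        print(triage(sample))
```

Comment stripping matters here: without it, the benign sample would be flagged only because its comment mentions the indicator names.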
Viruses are the greatest threat to your computers, but there are others, too, that share the spotlight with them.
Under the Infamous “Virus” Name
According to the classical myth, the Trojan horse was a seemingly harmless gift the Greeks left at the gates of Troy. It actually contained Greek soldiers who attacked during the time the Trojans were asleep after drinking hard for their assumed victory. The IT version of a Trojan horse works the same way. The program seems to do one harmless function, but instead causes destruction when launched. But unlike viruses, Trojan horses cannot replicate.
On the other hand, computer worms are like viruses when it comes to inhabiting a computer, but worms do not stop replicating within just one host. A worm really does not need a host. It will just scan the network, search for a computer with a security hole and exploit it, then copy itself to that computer. Every infested computer then creates more copies of the worm into other computers in the network as well, but they really do not cause any damage, except for eating up computer processing time and network bandwidth, which could have been used productively.
Other virus-like programs include adware, or formally advertising-supported software, which puts up advertising material on a computer even without the user’s permission. Spyware, on the other hand, interrupts or even takes control over the interaction between a computer and its user, oftentimes without the latter’s permission. Hijackers are programs that often take full control of a computer’s functions, while dialers make phone calls and connect to other computers using your computer connections without your consent. You will either lose computer control to hijackers, or lose money to dialers, which put the charges they run up on your account.
Similar to organic viruses, computer viruses are “curable” in a number of ways. But still, prevention is better than cure, so be wary.








Good overview. Long enough to be informative, but short enough to be manageable. Thanks for posting!
Thanks, Evan Meagher. I think I have the knack for writing about security issues when it comes to the digital world, especially the Internet. I hope you’d also enjoy my other posts. Good day!