This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Computer Viruses

From OWASP
Revision as of 19:25, 5 September 2008 by KirstenS (talk | contribs)

Jump to: navigation, search

ASDR Table of Contents


Description

A Computer Virus is a small program designed to cause some kind of damage in the infected computer, eitheir deleting data, either capturing information, either by altering the normal operation of the machine.

Like the human virus has different levels of gravity, such as the Ebola virus and the influenza virus, the computer virus range from slightly disturbing to totally destructive. A real virus does not spread without human action, we need to send someone a file or send email to it from spreading. The virus can be disguised as attachments of image. audio and video.

The first computer virus was written in 1982 by a young student secundarista the U.S with 15 years old, called Rich Skrenta. This computer virus was identified as Elk Cloner and affecting the Apple II system and not caused major problems. This virus shows a small poem on the screen, it was able to make copy of itself when a floppy was inserted into the computer. When the media was used in another system, the process is spreading.

In general way there is 3 main type of computer virus:
Boot Virus - They staying in the boot sector of the floppy and in the Master Boot Record (MBR) of hard discs.

Macro Virus - They are the most common and most easily created, but less harmful. The virus of macro use a macro language of the application (such as Visual Basic or VBScript) to infect and duplicate documents and models. They attack any platform, but generally are made for Microsoft Office, using the programming environment from Microsoft for self-implementing the code of macro viral. When an infected document is opened, the virus infects runs and the models of the application user and can insert words, numbers or phrases in documents or unwanted change of command functions. Once a macro virus from the infected machine of a user, it can incorporate all the documents created in the future with the application.

Program Virus - Normally be enforced with extensions .com, .exe and .bat and are activated only with a command from the user. Many of them are sent by e-mails or Instant Mesages.

Risk Factors

A Computer Virus could steal or delete information, make the computer slower or simply mess with the Operational System. In present days the most commom are virus to steal information from Internet Banking, so the attacker can transfer your money to his account, pay bills or buy something in the Internet.

Examples

Some famous and dangers computer virus:
Chernobyl or Spacefiller in april 26 if the computer is infected the virus is activated and deletes the content of ROM memory (BIOS).

Melissa it's a computer virus that comes by e-mail attaching a Microsoft Word document, when this message is opened, the virus is activated and infect the file Normal.dot, then every document created by this text editor is infected and automatically send a infected e-mail for the first 50 contact from the catalog of the Outlook Express.

Codered virus attacks the Microsoft IIS 4.0 and 5.0 modifying the main page with the message "Welcome to http:// www.worm.com ! Hacked By Chinese!" and also program the infected computer to make a denial-of-service attack to the White House website (www.whitehouse.gov).

Related Attacks

TBD

Related Vulnerabilities

TBD

References