The Evolution of Computer
Viruses:
Although
they have existed since 1970, when ordinary people did not even have computers
in their homes, the first computer viruses that attacked personal computers
began to spread in the early 1980s. Everything was so primitive that most of
them were spread physically, through Floppy. Their existence was more of
an experiment than an actual attack: many simply had no consequences; others
did nothing, most were simple jokes and generally no more than a mere nuisance.
When talking about this type of software,
the term virus is often used to refer to all types of "computer
viruses", although the classification of malicious software of this type
is extensive and there are many differences in concept and techniques between
them. Viruses add to and spread to existing programs. Worms, on the other
hand, are similar to viruses, but do not need other programs to spread; the Morris
worm marked a milestone in 1988 by being one of the first to spread
massively on the Internet. Over time other variants of software of this
type emerged that uses the characteristics of viruses and worms to do something
bad: Trojans, adware and spyware are some of the terms.
The race between what a virus or worm does
and what the next version, variant or generation does when the first is
cornered and nullified is simply incredible. This could be a small and
necessarily incomplete summary of that eternal struggle that is far from over:
The first viruses spread through executable files when
users exchanged floppy disks; over time, they settled in the boot
sector of disks, ensuring that they infected the computer
if the user voluntarily or unintentionally booted the computer from the disk
drive. When modems became popular, viruses were taking advantage of BBS and web
sites. file sharing to spread; Trojans also
emerged :Seemingly legitimate programs that were
actually malicious software that when run was capable of deleting files or
worse (some would ask for ransom money in exchange for not wiping the computer)
When users learned not to trust floppy disk swaps and to check the files they downloaded with an antivirus (normally, executable .EXE files were the target), viruses appeared in the macros: applications such as Excel, Word or PDF files include programming languages powerful enough to allow the performance of a dangerous and harmful virus. To spread over the Internet, viruses learned to send themselves by email; Sometimes they are sophisticated enough to impersonate other people or write messages that seem real. Some copy pieces of previous messages from a conversation to make it look like they were written by someone real. They use what is often called "social engineering" to fool people. What started as a joke or an experiment turned into something more serious: many viruses spread with the aim of stealing passwords (This is called "spyware"). They do this by installing themselves on the computer and intercepting all the web pages that the user visits, or by copying everything that is typed on the computer. Some are also capable of looking for bank account numbers, cards or juicy accounts of sites like PayPal or electronic stores in which transactions are carried out.
Many
viruses try to go completely unnoticed after infecting the computer, and with
good reason: among the evils what they do is send spam emails in bulk when the
computer is not in use.
Millions
of computers are currently infected by malicious software that has spread like
viruses and has turned those computers into zombies or botnets. Its
mission is to take advantage of computer resources to carry out massive
coordinated attacks on other machines, download illegal files and serve as a
remote archive, make fraudulent clicks on advertising pages (adware) or worse.
When antivirus detects a
virus they learn to identify it because it increases the size of the files in
which they spread, or the date of the files changes, however, viruses learned
years ago to hide themselves so as not to be detected by antivirus. Many intercept the operating
system to make they invisible, others appear not to have modified the sizes of
the files.
To avoid being identified by searching for
patterns (pieces of text or code that always repeats themselves) viruses
evolved and they travel
rewritten with secret encryption, so they look different every time. In
many cases even the code to decrypt the original virus is also different. Some antivirus software act
as "emulators" of the operating system when checking for viruses, but
these little beasts have learned to defend themselves by detecting
when they are running under emulation, or changing their own code every time
they infect another file. One of the most Machiavellian
techniques, raised by the experts, refers to viruses that take full control of
the machine and become a kind of "emulators" called virtualizes,
under which it works the operating system as if nothing had happened.
As the
virus is in control of the operating system, it can fool the antivirus without major problem, but
since the antivirus is on a kind of "different plane of existence",
it is unable to detect the virus, which is always above it. It is believed
that this is one of the maximum sophistication that can be reached, since it is
theoretically impossible for a computer to know if it is running on a
"simulation", and therefore the antivirus would face an unsolvable
problem.
No comments:
Post a Comment