It's important to have an antivirus program on your computer, and to keep it up to date. But you shouldn't use more than one suite, as multiple antivirus programs can interfere with one another. Here's a list of some antivirus software suites:.
Several major computer viruses debuted in In the next section, we'll take a look at Code Red. Both worms exploited an operating system vulnerability that was found in machines running Windows and Windows NT. The vulnerability was a buffer overflow problem , which means when a machine running on these operating systems receives more information than its buffers can handle, it starts to overwrite adjacent memory.
That means all the computers infected with Code Red tried to contact the Web servers at the White House at the same time, overloading the machines. That's because the worm creates a backdoor into the computer's operating system, allowing a remote user to access and control the machine. In computing terms, this is a system-level compromise , and it's bad news for the computer's owner.
The person behind the virus can access information from the victim's computer or even use the infected computer to commit crimes. That means the victim not only has to deal with an infected computer, but also may fall under suspicion for crimes he or she didn't commit. While Windows NT machines were vulnerable to the Code Red worms, the viruses' effect on these machines wasn't as extreme.
Web servers running Windows NT might crash more often than normal, but that was about as bad as it got. Compared to the woes experienced by Windows users, that's not so bad. Microsoft released software patches that addressed the security vulnerability in Windows and Windows NT. Once patched, the original worms could no longer infect a Windows machine; however, the patch didn't remove viruses from infected computers -- victims had to do that themselves.
What should you do if you find out your computer has been hit with a computer virus? That depends on the virus. Many antivirus programs are able to remove viruses from an infected system. But if the virus has damaged some of your files or data, you'll need to restore from backups. It's very important to back up your information often.
And with viruses like the Code Red worms, it's a good idea to completely reformat the hard drive and start fresh. Some worms allow other malicious software to load onto your machine, and a simple antivirus sweep might not catch them all.
Another virus to hit the Internet in was the Nimda which is admin spelled backwards worm. Nimda spread through the Internet rapidly, becoming the fastest propagating computer virus at that time. The Nimda worm's primary targets were Internet servers. While it could infect a home PC , its real purpose was to bring Internet traffic to a crawl. It could travel through the Internet using multiple methods, including e-mail. This helped spread the virus across multiple servers in record time.
The Nimda worm created a backdoor into the victim's operating system. It allowed the person behind the attack to access the same level of functions as whatever account was logged into the machine currently. In other words, if a user with limited privileges activated the worm on a computer , the attacker would also have limited access to the computer's functions.
On the other hand, if the victim was the administrator for the machine, the attacker would have full control. The spread of the Nimda virus caused some network systems to crash as more of the system's resources became fodder for the worm. In effect, the Nimda worm became a distributed denial of service DDoS attack. Not all computer viruses focus on computers.
Some target other electronic devices. Here's just a small sample of some highly portable viruses:. Next, we'll take a look at a virus that affected major networks, including airline computers and bank ATMs. Many computer networks were unprepared for the attack, and as a result the virus brought down several important systems. The Bank of America's ATM service crashed, the city of Seattle suffered outages in service and Continental Airlines had to cancel several flights due to electronic ticketing and check-in errors.
The progress of Slammer's attack is well documented. Only a few minutes after infecting its first Internet server, the Slammer virus was doubling its number of victims every few seconds. Fifteen minutes after its first attack, the Slammer virus infected nearly half of the servers that act as the pillars of the Internet [source: Boutin ].
The Slammer virus taught a valuable lesson: It's not enough to make sure you have the latest patches and antivirus software. Hackers will always look for a way to exploit any weakness, particularly if the vulnerability isn't widely known. While it's still important to try and head off viruses before they hit you, it's also important to have a worst-case-scenario plan to fall back on should disaster strike.
Some hackers program viruses to sit dormant on a victim's computer only to unleash an attack on a specific date. Here's a quick sample of some famous viruses that had time triggers:.
Computer viruses can make a victim feel helpless, vulnerable and despondent. Next, we'll look at a virus with a name that evokes all three of those feelings. The MyDoom or Novarg virus is another worm that can create a backdoor in the victim computer's operating system. The original MyDoom virus -- there have been several variants -- had two triggers. One trigger caused the virus to begin a denial of service DoS attack starting Feb. The second trigger commanded the virus to stop distributing itself on Feb.
Even after the virus stopped spreading, the backdoors created during the initial infections remained active [source: Symantec ]. Later that year, a second outbreak of the MyDoom virus gave several search engine companies grief. Like other viruses, MyDoom searched victim computers for e-mail addresses as part of its replication process. But it would also send a search request to a search engine and use e-mail addresses found in the search results.
Eventually, search engines like Google began to receive millions of search requests from corrupted computers. These attacks slowed down search engine services and even caused some to crash [source: Sullivan ].
MyDoom spread through e-mail and peer-to-peer networks. According to the security firm MessageLabs, one in every 12 e-mail messages carried the virus at one time [source: BBC ]. Like the Klez virus, MyDoom could spoof e-mails so that it became very difficult to track the source of the infection. Not all viruses cause severe damage to computers or destroy networks.
Some just cause computers to act in odd ways. An early virus called Ping-Pong created a bouncing ball graphic, but didn't seriously damage the infected computer. There are several joke programs that might make a computer owner think his or her computer is infected, but they're really harmless applications that don't self-replicate.
When in doubt, it's best to let an antivirus program remove the application. Next, we'll take a look at a pair of viruses created by the same hacker: the Sasser and Netsky viruses.
Sometimes computer virus programmers escape detection. But once in a while, authorities find a way to track a virus back to its origin. Such was the case with the Sasser and Netsky viruses. A year-old German named Sven Jaschan created the two programs and unleashed them onto the Internet.
While the two worms behaved in different ways, similarities in the code led security experts to believe they both were the work of the same person.
The Sasser worm attacked computers through a Microsoft Windows vulnerability. Unlike other worms, it didn't spread through e-mail. Instead, once the virus infected a computer, it looked for other vulnerable systems. It contacted those systems and instructed them to download the virus. The virus would scan random IP addresses to find potential victims. The virus also altered the victim's operating system in a way that made it difficult to shut down the computer without cutting off power to the system.
March 29, Web posted at: p. According to antivirus researchers, Melissa first appeared Friday in a sexually oriented newsgroup, and was it seemed everywhere on the Internet in a matter of hours.
Melissa is a Microsoft Word macro virus that infects your PC as soon as you open its e-mail attachment. Because it grabs names from Microsoft Outlook address books and resends itself, it has the potential of causing a domino effort of cascading e-mail messages that can bring even the largest mail servers to their knees. Some companies have shut down their outgoing mail in response.
Companies that make antivirus software spent a busy weekend coming up with updates that detect and remove Melissa. Protect yourself Although Melissa is one of the most "successful" viruses ever, you don't have to be a victim. Let IDG. The name may be a familiar one to you, especially if it pulled your address from a computer of a friend or business associate.
The message text says, "Here is the document you asked for If you delete it, you're safe. And if you don't use Microsoft Word 97 or the prerelease version of Word , breath a sigh of relief: Melissa can't infect your computer. If you use Word 97 or Word , but don't use Microsoft Outlook, Melissa can't grab your e-mail addresses and propagate itself. But it can still infect your computer, and while it doesn't appear to do more than send out more such messages, its other potential effects aren't completely understood yet.
In late , the creator of Zeus announced his retirement but many experts believe this to be false. Also known as Downup or Downadup , Conficker is a worm of unknown authorship for Windows that made its first appearance in The name comes form the English word, configure and a German pejorative.
It infects computers using flaws in the OS to create a botnet. The malware was able to infect more than 9 millions computers all around the world, affecting governments, businesses and individuals.
The worm works by exploiting a network service vulnerability that was present and unpatched in Windows. Once infected, the worm will then reset account lockout policies, block access to Windows update and antivirus sites, turn off certain services and lock out user accounts among many. Then, it proceeds to install software that will turn the computer into a botnet slave and scareware to scam money off the user.
Microsoft later provided a fix and patch with many antivirus vendors providing updates to their definitions. Believed to have been created by the Israeli Defence Force together with the American Government, Stuxnet is an example of a virus created for the purpose of cyberwarfare , as it was intended to disrupt the nuclear efforts of the Iranians.
The computer worm was designed to attack industrial Programmable Logic Controllers PLC , which allows for automation of processes in machinery. It specifically aimed at those created by Siemens and was spread through infected USB drives. It altered the speed of the machinery, causing it to tear apart. Siemens eventually found a way to remove the malware from their software. It was named by McAfee employee Craig Schmugar, one of the people who had originally discovered it.
The worm spreads itself by appearing as an email transmission error and contains an attachment of itself. The payload itself is twofold: first it opens up a backdoor to allow remote access and second it launches a denial of service attack on the controversial SCO Group. It was believed that the worm was created to disrupt SCO due to conflict over ownership of some Linux code. CryptoLocker is a form of Trojan horse ransomware targeted at computers running Windows.
It uses several methods to spread itself , such as email, and once a computer is infected, it will proceed to encrypt certain files on the hard drive and any mounted storage connected to it with RSA public key cryptography. While it is easy enough to remove the malware from the computer, the files will still remain encrypted.
The only way to unlock the files is to pay a ransom by a deadline. If the deadline is not met, the ransom will increase significantly or the decryption keys deleted. The ransom operation was eventually stopped when law enforcement agencies and security companies managed to take control part of the botnet operating CryptoLocker and Zeus. Evgeniy Bogachev, the ring leader, was charged and the encryption keys were released to the affected computers.
0コメント