computersecurityhandbook.com
Home  >  Fourth Edition  >  Chapter 9
Chapter 9 –  Malicious Code
     Roger Thompson

Chapter Contents:

   9.1    Introduction
   9.2    Early History of Viruses
   9.2.1    Late 1987
   9.2.1.1    Pakistani or Brain Virus
   9.2.1.2    The Lehigh Virus
   9.2.1.3    Christmas Tree Worm
   9.2.2    Early 1988
   9.2.3    Stoned/New Zealand/Marijuana Virus
   9.3    Virus Varieties
   9.3.1    Virus Factories/Code Generators
   9.3.2    Program Infector Viruses
   9.3.2.1    Polymorphic Viruses
   9.3.2.2    Stealth Viruses
   9.3.2.3    Tunneling Viruses
   9.3.2.4    Retroviruses
   9.3.2.5    Memory-Resident Viruses
   9.3.2.6    Nonresident Infectors
   9.3.2.7    Prependers, Appenders, Overwriters, and Midfile Infectors
   9.3.2.8    Multipartite Viruses
   9.3.3    Boot Viruses
   9.4    Microsoft Software and Recent Viruses
   9.4.1    August 1995: Windows 95 Released
   9.4.2    August 1995: MS-Word Macro Viruses Appear
   9.4.3    July 1996: First Excel Virus-XM/Laroux.a
   9.4.4    January 1997: Office 97 Released
   9.4.5    February 1997: First E-mailing Virus-WM/ShareFun.a
   9.4.6    March 1998: First Access Virus-A97/AccessiV.a
   9.4.7    June 1998: Windows 98 Released
   9.4.8    September 1998: First Office Cross-Infector-O97/Shiver.a
   9.4.9    November 1998: First .vbs Virus-VBS/VBSFirst
   9.4.10    December 1998: First PowerPoint Virus-PP97/Attach.a
   9.4.11    January 1999: First Modern Worm-Happy99@m
   9.4.12    March 1999: First Outlook Mass Mailer-W97/Melissa.a@mm
   9.4.13    April 1999: First Virus to Attempt to Flash ROM-CIH Virus
   9.4.14    June 1999: First Worm to Spread by Both Mass Mailing and Network Shares-Zipped Files
   9.4.15    October 1999: First Self-Mailing Virus Able to Run Without Opening an E-mail-JS/Kak@m
   9.4.16    December 1999: W32/Babylonia.a@mm
   9.4.17    May 2000: Fastest Spreader?-VBS/LoveLetter.a@mm
   9.4.18    October 2000: W32/Hybris@mm
   9.4.19    February 2001: VBS/VBSWG.J@mm (also known as OnTheFly, Anna Kournikova)
   9.4.20    March 2001: W32/Magistr@mm
   9.4.21    May 2001: VBS/VBSWG.X@mm (a.k.a. Homepage)
   9.4.22    July 2001: W32/CodeRed
   9.4.23    August 2001: W32/CodeRed II (a.k.a. CodeRed.C)
   9.4.24    September 2001: W32/Nimda.a@mm
   9.5    Worms
   9.5.1    Prevention of Worms and Other E-mail-Carried Malicious Code
   9.5.2    Morris Worm of 1988
   9.6    Non-Replicating Threats
   9.6.1    SubSeven
   9.6.2    Multidropper
   9.6.3    Distributed Denial-of-Service Programs
   9.6.4    The Web: Java, ActiveX, Scripts, and HTML
   9.7    Hoaxes
   10.0    Conclusion

Please report problems to the webmaster at: webmaster@removethis.rlgsc.com
copyright 2002-2006, Robert Gezelter, All Rights Reserved