Cryptography Reference
In-Depth Information
10.3
Viruses and Other Infections
The nature of bad news infects the teller.
William Shakespeare
— from
Antony and Cleopatra,
act 1, scene 2
One of the hacker tools we deliberately omitted from the list in Section 10.2
is that of the
virus construction kit
, since it fits into this section as a convenient
segue. Basically the name says it all, and usually these kits come with a GUI
(see Footnote 8.28 on page 328), as well as instructions on how to use the kit, so
that even script kiddies can use them (unfortunately) with effect, requiring no
no knowledge of how they work. Now we will learn about how viruses function.
Viruses
A
virus
is a hidden, and typically malicious, program that “infects” your
computer, by copying itself into and becoming part of, another program called
the
host program
, without which the virus cannot run. The effect varies from the
merely annoying to the completely destructive. Viruses might delete files, erase
programs, or even your entire hard drive. On the other hand, they may just
flash the message “gottcha” without end, for instance. We will learn about the
various types of viruses and how they work in this section. We will learn later
about other types of infections that do not need such a host program to infect
a computer. Moreover, although most viruses are written with a computer
in mind, such as those that will only attack a PC, but not a Macintosh, for
instance, there are platform-independent viruses (see macro viruses below).
The most common vehicle for infection today is the Internet, and many arrive
by e-mail. Downloading files from the Internet or opening an e-mail file may
trigger a virus. However, even the exchange of infected disks is a mechanism for
spreading infection.
The term “virus” from the biological realm is used here since the computer
virus acts in a similar manner to an infectious disease. A biological virus is
a string of nucleic acid (DNA or RNA), which may infect a living cell by as-
suming control of it and instructing it to replicate the virus many times over.
Similarly, computer viruses attach themselves, replicate themselves, and spread
in a manner akin to a biological one. They may take control of the computer's
OS, for instance, and whenever a new piece of software is encountered, it copies
itself to that new program thereby infecting it. With the Internet, where you
may access resources running on other computers, there is a rich culture for the
spread of this kind of infection.
Once a program is infected with a virus program, it becomes the host. The
virus program runs secretly when the host program is run, since it stays hidden
in the legitimate program, remaining dormant until the infected program is
run (or as we will see below, until an infected data file is accessed). A virus
may be embedded in an executable program, then once run, the virus code is
executed first, then the original program code. The following are the aspects of
a computer that a virus attacks.
Search WWH ::
Custom Search