VX Heaven

Library Collection Sources Engines Constructors Simulators Utilities Links Forum
Top 5 articles
C. Stoll «The Cuckoo's Egg» (42426)
T. Chen, J. Robert «The Evolution of Viruses and Worms» (32127)
A. Solomon «A Brief History of PC Viruses» (20417)
B. Fix «A strange story» (17077)
D. McIlroy «Darwin, a Game of Survival of the Fittest among Programs» (16168)

Library: History

«Computer virus hits again» 2.5Kb 10124 hits
«Ludwig Shelters Under First Amendment» 3.04Kb 9778 hits
Virus Bulletin, June 1992, p.9 (1992)
Mark Ludwig, author of The Little Black Book of Computer Viruses (see VB, March 1992, pp 17-18) is pleading the First Amendment in order to justify the publication of the book. In a communication on Compuserve he stated `I have consulted with a lawyer regarding the legality of writing/publishing viruses, and have found that among the legal community, it seems unanimous that writing and publishing viruses, per se, is TOTALLY protected by the First Amendment.'
Aleph Null
«Darwin» [TeX] 9.79Kb 9805 hits
Software: Practice and Experience, Vol. 2, Issue 1, pp.93-96 (January/March 1972) (1972)
Ten years ago, Vyssotsky (V. A. Vyssotsky, Bell Telephone Laboratories, New Jersey.) invented something completely different from the usual computer games. Darwin is a game between computer programs as programs. The object is survival; programs may ‘kill’ one another, and may create copies of themselves in unoccupied store.
John Asbury
«Computer viruses (BMJ 296-013)» 4.55Kb 9700 hits
British Medical Journal, vol. 297, pp.246-247 (1988)
Some time ago an intensive care unit in Glasgow found that its normally well ordered computer network was becoming erratic: data were being corrupted and files were being lost. Recently a general practitioner who used an IBM compatible computer for his repeat prescriptions discovered that important files were being corrupted. In both cases a computer virus was at work. Eventually the viruses were identified and exterminated, but not quickly and not without the loss of data.
Jim Bates
«Mark A. Washburn - Walking the Research Tightrope» 10.47Kb 6074 hits
Virus Bulletin, April 1991, pp. 19-20 (1991)
The business of taking MS-DOS computer viruses apart so that they can be analysed and classified is done solely to provide information that will enable rapid identification and effective protection for computer users likely to be at risk from the malicious targeting of such code. Researchers worldwide are becoming far more accomplished in their dissections and analyses but all of them are still severely overworked trying to keep pace with new viruses as they are discovered.
David Buerger
«A Specter Is Haunting Networks - The Specter of Viruses, Hidden in Horses» 4.8Kb 8667 hits
Infoworld, Vol. 10, No. 10, p.16 (1988)
PC viruses are in the news. A spate of recent articles has left many users with the impression that a mysterious cancer is gobbling up computer data left and right.It's time for network managers, bulletin board enthusiasts, and anyone who shares programs or data with other PC users to understand how viruses work and how to confront them.
Thomas Chen, Jean-Marc Robert
«The Evolution of Viruses and Worms» 40.75Kb 32127 hits
Chapter from 'Statistical Methods in Computer Security' (2004)
Computer viruses and network worms have evolved through a continuous series of innovations, leading to the recent wave of fast-spreading and dangerous worms. A review of their historical development and recent outbreaks leads to a number of observations. First, while viruses were more common than worms initially, worms have become the predominant threat in recent years, coinciding with the growth of computer networking. Second, despite widespread use of firewalls and other network security equipment, worm outbreaks still occur and will likely continue to be a threat for the near future. Third, recent worms are appearing as a series of quick successive variants. Unlike the independent efforts of early viruses, these variants suggest an increasing level of coordination among worm creators. Fourth, recent worms have shown capabilities to spread faster and exploit more infection vectors. This trend implies a more urgent need for automated, coordinated protection measures. Finally, more dangerous payloads are becoming commonplace. This suggests that worm creators are using worms for other objectives than simply infection, such as data theft and setting up denial of service networks.
Michelle Delio
«You, Too, Can Write an Anna Worm» 6.96Kb 12288 hits,1282,41817,00.html (2001)
The Anna Kournikova e-mail worm that whacked networks this week was not the work of a skilled cracker. It was created using one of the many virus-generating kits that are easily available on the Internet.
Joe Dellinger
«A (long) story about an (old) Apple II virus» 13.22Kb 14279 hits
news://alt.folklore.computers (1990)
I have been asked by Gene Spafford to write an article detailing the life story of a Virus I wrote for Dos 3.3 on the Apple ][ in December, 1981 for one of his journals. Spafford wants me to write the story up because it's the earliest documentable personal computer virus he's heard of. I'm trying to get more information that I plan to use to make that article more complete.
Alexander Dewdney
«A Core War bestiary of viruses, worms and other threats to computer memories» 22.44Kb 11992 hits
Scientific American, 1985, v.252, N 3, pp. 14-19 (1985)
«In the game called Core War hostile programs engage in a battle of bits» 22.76Kb 11056 hits
Scientific American, 1984, v.250, N 5, pp. 15-19 (1984)
«Of worms, viruses and Core War» 21.28Kb 11641 hits
Scientific American, 1989, v.260, N 3, pp. 90-93 (1989)
«A program called MICE nibbles its way to victory at the first Core War tournament» 16.16Kb 10651 hits
Scientific American, 1987, v.256, N 1, pp. 8-11 (1987)
Julian Dibbell
«Viruses Are Good for You» 57.45Kb 9819 hits
Wired magazine (1995)
Spawn of the devil, computer viruses may help us realize the full potential of the Net.
John Dvorak
«Virus Wars: A Serious Warning» 4.13Kb 7045 hits
PC Magazine (1988)
A new computer virus is infecting microcomputers around the world. Where is the utility that will prevent our PCs from becoming victims in this epidemic?
Philip Elmer-DeWitt
«Invasion of the Data Snatchers» 25.82Kb 13247 hits
Time Magazine, Sep. 26, 1988, pp.62-67 (1988)
A "virus" epidemic strikes terror in the computer world
Philip Elmer-DeWitt, Ross Munro
«You Must Be Punished» 3.67Kb 9409 hits
Time Magazine, Sep. 26, 1988, p.44 (1988)
On Brain virus
Nikki Finke
«Does Your Computer Have a Virus?» 14.53Kb 10092 hits
Los Angeles Times (1988)
Experts Debate Whether Electronic Attacks Are Urban Mythology or Threat to Security
Bernd Fix
«A strange story» 19.42Kb 17077 hits
My personal approach to the story that the BND (Germany's Bundesnachrichtendienst) has stolen a mainframe computer virus I wrote and used it as a "weapon" against computer systems in the eastern countries.
Steve Gibson
«Effective and Inexpensive Methods Exist for Controlling Software Viruses» 4.97Kb 9157 hits
Infoworld, Vol. 10, No. 19, p.51 (1988)
This is my final column, of four, on the topic of software viruses. The first three discussed fundamental technology, reproductive action, and anti-viral counter-measure issues. This column will discuss specific viruses and specific anti-viral countermeasures.
James Green, Patricia Sisson
«The "Father Christmas worm"» 22.8Kb 9011 hits
NASA Technical Reports, Published in the 12th National Computer Security Conference Proceedings (1989)
Three days before Christmas 1988, a computer worm was released on a very large international DECnet network. The worm reproduced itself and was received on an estimated 6,000 computer nodes worldwide. However, only a small percentage of these nodes actually executed the program. The computers that successfully ran the program would try to propagate the worm to other computer nodes.The worm was released onto the DECnet Intemet from a computer at a university in Switzerland. Within 10 minutes after it was released, the worm was detected on the Space Physics Analysis Network, or SPAN, which is NASA's largest space and Earth science network. Once the source program for the worm was captured, a procedural cure, using existing functionality of the computer operating systems, was quickly devised and distributed. A combination of existing computer security measures, the quick and accurate procedures devised to stop copies of the worm from executing, and the network itself, were used to rapidly provide the cure. These were the main reasons why the worm executed on such a small percentage of nodes.The purpose behind the worm was to send an electronic mall message to all users on the computer system running the worm. The message was a Christmas greeting and was signed "Father Christmas." This paper presents an overview of the analysis of the events concerning the worm based on an investigation that was made by the SPAN Security Team and provides some insight into future security measures that will be taken to handle computer worms and viruses that may hit similar networks in the future.
Harold Highland
«A History Of Computer Viruses - Introduction» 13.02Kb 12579 hits
Computers & Security, Vol. 16, No. 5, pp.412-415 (1997)
The following series of articles are taken from Harold's Computer Virus Handbook, published by Elsevier Advanced Technology in 1990. Viruses have moved on a long way since then, but the extracts published here provide a useful background in virus development, and contain much information that is still relevant today. It is also interesting to note that Harold introduces the Macro Virus concept a few years before it became more widely identified as a major problem.
«A History Of Computer Viruses - The Famous `Trio'» [SRC] 47.08Kb 10868 hits
Computers and Security, Vol. 16, No. 5, pp.416-429 (1997)
It was not until the fall of 1987 that computer viruses began to command worldwide attention in the popular press as well as in the trade and technical press. Late in 1987 computer viruses struck at two universities in the States and one in Israel.
«A History Of Computer Viruses: Three Special Viruses» 29.82Kb 10289 hits
Computers and Security, Vol. 16, No. 5, pp.430-438 (1997)
There are several computer viruses that we have in executable form but whose existence in the business world cannot be satisfactorily confirmed.
Philip Hilts
«There's A Virus In My Software» 9.99Kb 10018 hits
The Washington Post Weekly Edition, Page #38. May 23-29, 1988. (1988)
Tiny programs that are deliberately cause mischief are epidemic among computers and causing nervousness among those who monitor them. Since the first tests of the notion in 1983 that machines can catch and spread "information diseases," the computer world has reached the point at which as many as thirty instances of "computer virus" have been reported in the past year, affecting tens of thousands of U.S. computers alone.
Jan Hruska
«Virus Writer and Distributors» 15.01Kb 5842 hits
Virus Bulletin, July 1990, pp.12-14 (1990)
It is not easy to establish the origins of a computer virus and it is rare that positive indicators as to authorship can be found by examining virus code. There are, of course, notable exceptions to this.
Bryan Kocher
«A Hygiene Lesson» 5.36Kb 11273 hits
Communications of the ACM, Volume 32 Number 1, pp.3,6 (1989)
Peter Lewis
«The Executive Computer: A Virus Carries Fatal Complications» 6.41Kb 7754 hits
New York Times, Technology, p. C-11 (1988)
AS long as programmers write programs, some unscrupulous people will concoct lethal ''computer viruses,'' software programs that use computer code to enter other programs and re-program them or destroy data. And some experts have concluded that no protection exists against such viruses. Imagine Wall Street's computers suddenly going berserk, executing thousands of bogus trades until the market is paralyzed, or your company's financial records being wiped out or altered into incoherence - or a space shuttle or a space-based weapon executing orders from such a program.
Mel Mandell
«The West German Hacker Incident and Other Intrusions» 13.93Kb 11320 hits
Computers under attack: intruders, worms, and viruses, pp. 150-155 (1990)
John Markoff
«Computer pranksters plant 'virus' in Macs» 4.79Kb 10181 hits
San Francisco Examiner, February 11, 1988 page A-1 (1988)
A computer "virus" designed by adherents to a loose-knit philosophy called the Church of the SubGenius is creating an uproar on the nation's largest computer-information system, whose managers fear the bug may cause widespread destruction.
Nicholas Martin
«Revenge of the nerds» 11.48Kb 10994 hits
Washington Monthly, Vol. 20, No. 12, p. 21 (1989)
Revenge of the nerds; the real problem with computer viruses isn't genius programmers, it's careless ones
Douglas McIlroy
«Darwin, a Game of Survival of the Fittest among Programs» 11.22Kb 16168 hits
Darwin, a competition between self-reproducing programs, was conceived and played forty years ago at Bell Laboratories. The following pages were transcribed from a 1971 letter on which was based the first public description of Darwin, in the Computer Recreations column of Software - Practice and Experience, Volume 2 (1972) pages 91-96, written by ``Aleph-Null''. A decade further on, A. K. Dewdney's Scientific American column for May, 1984, described an updated version of the game, rechristened as Core Wars.
Vin McLellan
«Computer Systems Under Siege» 13.18Kb 8314 hits
The New York Times, Sunday, January 31, 1988. Business Section, pp. 1,8 (1988)
This was one of the early articles on computer viruses in the popular press.
Brian McWilliams
«Another Computing Platform Gets Its First Virus» 2.91Kb 13397 hits
Newsbytes (2002)
SAPvir, the first virus to infect programs and reports used by the high-end SAP R/3 business information system, was posted to an online virus library this week.
Paul Mungo, Bryan Glough
«Approaching Zero: The Extraordinary Underworld of Hackers, Phreakers, Virus Writers, And Keyboard Criminals» 467.74Kb 10251 hits
Random House (1993)
Entertaining but hardly comprehensive, this study offers a somewhat European angle on the "technological counterculture." The authors draw on interviews and technical literature to examine the techniques of American and British phreakers (who tap into phone systems), profile "Captain Zap" - Pennsylvanian Ian Murphy, the first American computer hacker to be prosecuted - and describe the biggest international gathering of hackers, which took place in Amsterdam in 1989. Particularly interesting is an account of how Bulgaria, a would-be high-tech power, spawned hackers and a flood of computer viruses - approximately 200 since 1988. But Clough, an English accountant who has specialized in international computer security, and Mungo, an American freelance journalist, rarely offer in-depth portraits of their subjects, nor is their treatment sufficiently thorough to lend credence to their warning that we "may no longer be able to trust technology."
Jamie Murphy
«A Threat from Malicious Software» 6.16Kb 10091 hits
Time (1985)
Hackers are slipping dangerous miniprograms into big systems
Brian Reid
«Reflections on Some Recent Widespread Computer Break-Ins» 11.38Kb 11677 hits
Computers under attack: intruders, worms, and viruses, pp. 145-149 (1990)
Dennis Ritchie
«Joy of reproduction» 1.41Kb 7024 hits
net.lang.c (1982)
Once the object cpp was installed, its bugs were thus self-reproducing, while all the source code remained clean-looking. (Things were even set up so the funny stuff would not be inserted if cc's -P option was used.)
Ralph Roberts
«COMPUTE!'s computer viruses» 333.94Kb 16081 hits
COMPUTE! Books (1988)
The authoritative guide to computer viruses, worms, and Trojan horse programs includes important information every computer user needs to protect against possible disaster.
Tim Sankary
«Developing virus identification products» 20.26Kb 7700 hits
In January of 1986, the world's first computer virus was unleashed upon an unsuspecting and largely defenseless population of global IBM personal computers users. The virus originated in Lahore, Pakistan, and spread rapidly from country to country through Europe and across to the North American Continent. In less than twelve months it had infected nearly a half-million computers and was causing minor havoc in hundreds of universities, corporations and government agencies.This virus, later dubbed the "Pakistani Brain", caught the user community unawares and the problems resulting from its many infections demonstrated how unprepared we were for this phenomenon. The computer systems targeted by the virus contained no specific hardware or software elements that could prevent or even slow its spread, and few utilities could even detect its presence after an infection occurrence. Fortunately, the virus was not destructive, and it limited its infections to floppy diskettes; avoiding hard disks entirely.The first defensive procedure developed to counteract this virus involved a simple visual inspection of a suspected diskette's volume serial label. The virus erased every infected diskette's volume label and replaced it with the character string - "@BRAIN". Thus, any inspection of the volume label, such as performing a simple DIRECTORY command, would indicate the presence or absence of the virus. An infected diskette could then be reformatted, or the virus could be removed by replacing the boot sector. This manual procedure is a typical, if somewhat rudimentary, example of the type of functions performed by a class of antiviral utilities commonly called Infection Identification products.Infection identification products generally employ "passive" techniques for virus detection. That is; they work by examining the virus in its inert state. This contrasts with active detection products which look for specific actions employed by a virus. For example, looking for a Format instruction within a segment of code on a disk would be a passive method of detecting a potentially destructive program. If we detected the Format attempt during program execution, however, we would be performing an active detection. Passive methods concern themselves with the static attributes of viruses, active methods concern themselves with the results of virus execution.Example active indicators are: the attempted erasure of critical files, destruction of the FAT table, re-direction of system interrupt vectors, general slowdown of the system, or an attempt to modify an executable program. These indicators are generic; that is, they are common to a large class of viruses. Because so many viruses perform these common activities, however, they are of little use in identifying individual virus strains. It is the passive virus indicators that prove most useful to a positive identification: The characteristic text imbedded within the virus, specific flags, singular filenames or a distinctive sequence of instructions that are unique to the virus. These and other similar indicators can best be ascertained by scanning system storage and examining the program files and other inert data.
Fridrik Skulason
«The Search for Den Zuk» 7.34Kb 12799 hits
Virus Bulletin, February 1991, pp.7-8 (1991)
The virus known as Den Zuk was discovered over two years ago, and infections have occasionally been reported since then. It is a boot sector virus with one major effect and one, probably unintentional, harmful side-effect.One of the earliest reports of the virus came from Venezuela - leading to the incorrect conclusion that it was written there. The virus was instead written in Indonesia, where several related viruses are known to exist. It contains the following text message, which is not displayed.
Robert Slade
«History of Computer Viruses» 42.19Kb 11159 hits
[...] Viral programs have a long, and sometimes honourable, history. (I do not intend, by this statement, to be involved in the current debate about whether or not viral programs serve a useful purpose outside research environments.) [...]
Alan Solomon
«A Brief History of PC Viruses» 41.11Kb 20417 hits
Computer Fraud & Security Bulletin, vol 1993, issue 12, pp. 9-19 (1993)
[...] It all started in 1986. Basit and Amjad realised that the boot sector of a floppy diskette contained executable code, and this code is run whenever you start up the computer with a diskette in drive A. [...]
Cliff Stoll
«The Cuckoo's Egg» 722.46Kb 42426 hits
Pocket Books (1990)
A sentimental favorite, The Cuckoo's Egg seems to have inspired a whole category of books exploring the quest to capture computer criminals. Still, even several years after its initial publication and after much imitation, the book remains a good read with an engaging story line and a critical outlook, as Clifford Stoll becomes, almost unwillingly, a one-man security force trying to track down faceless criminals who've invaded the university computer lab he stewards. What first appears as a 75-cent accounting error in a computer log is eventually revealed to be a ring of industrial espionage, primarily thanks to Stoll's persistence and intellectual tenacity.
«Stalking the Wily Hacker» 70.89Kb 12065 hits
Computers under attack: intruders, worms, and viruses, pp. 156-185 (1990)
An astronomer-turned-sleuth traces a German trespasser on our military networks, who slipped through operating system security holes and browsed through sensitive databases. Was it espionage?
«What do you Feed a Trojan Horse?» 30.19Kb 12919 hits
Proceedings of the 10th National Computer Security Conference (1987)
Computer security is sometimes best served by corking up known holes in a system, and sometimes by tracking an intruder to the source. Techniques used to pursue the latter course include high speed network traces, operating system alarms, off-line monitoring, and traffic analysis. But technical methods are not enough. It's just as important to coordinate efforts with law enforcement agencies and other professional organizations, and to understand the constraints set on each organization. Persistent sleuthing can ultimately locate the source, but it may require considerable time and effort.
Péter Ször, Eugene Kaspersky
«The Evolution of 32-Bit Windows Viruses» 17.16Kb 12445 hits
Windows 2000 Magazine Online (2000)
Chris Tavares
«Origin of the Cookie Monster» 3.38Kb 11400 hits (1995)
This programm is often mentioned as one of the first known viruses. Indeed this is non viral terminal locking program written in PL/I for MIT Multics by Chris Tavares.
Dan Verton
«With war near, U.S. raises terror alert level» 3.34Kb 8541 hits
On what now appears to be the eve of almost certain war in Iraq, the U.S. government last night raised the terrorism alert level to "orange" and is ordering stepped-up security for all the nation's critical infrastructure, including the Internet.
John Walker
«The Animal Episode» 18.06Kb 15425 hits (1996)
The Computer Recreations column of Scientific American for March 1985 related a somewhat garbled version of the ANIMAL saga a little more than ten years after the events upon which it was based. David D. Clark of the Laboratory for Computer Science at the Massachusetts Institute of Technology recounted the story in a letter to columnist A. K. Dewdney. Already, the ANIMAL story had begun to mutate into an "urban legend" of computerdom - moving through space and time, recalled by a "friend of a friend", and accreting additional details with every telling.
Edward Wilding
«Mr. Washburn’s Explanation» 3.61Kb 5585 hits
Virus Bulletin, April 1991, p. 21 (1991)
The existence of numerous ‘Lab’ viruses (code written for experimental purposes to ‘assist’ the development of anti-virus software) presents both technical and ethical dilemmas to anti-virus investigators. Mark Washburn’s ‘experimental’ viruses, which are reported in this month’s edition, present particular difficulties as the programs do not appear to have been written with malicious intent. The publication or open discussion of the encryption methods employed would be unwise because these viruses effectively invalidate the hexadecimal search pattern as a reliable means to detection. Worse still, his initial methods were made available in the public domain which accounts for the ‘hacked’ Casper virus which VB reported in January 1991 (p. 24). In view of our intention to report his activities, it was decided that Mr. Washburn should have the opportunity to explain himself; with this in mind a letter was sent to him at his address in the United States.
«Popp Goes The Weasel» 9.07Kb 11605 hits
Virus Bulletin, January 1992, pp.2-3 (1992)
Dr. Joseph Lewis Popp, the alleged author of the notorious AIDS Information Diskette (VB, January 90, pp.2-10; VB, March 90, p.2) has been set free by a UK court. Judge Geoffrey Rivlin QC at Southwark Crown Court dismissed the case against Popp, who faced charges on eleven counts of blackmail, after testimony from London psychiatrist Paul Bowden to the effect that Popp, 41, was psychologically unfit to plead. New Scotland Yard’s Computer Crime Unit initially had high hopes that Popp would stand trial; the CCU, in conjunction with the FBI with assistance from computer analyst Jim Bates had, over the course of a two year investigation, assembled a veritable barrage of forensic evidence to link Popp with the development and distribution in December 1989 of some 20,000 Trojanised diskettes.
42 authors, 52 titles
By accessing, viewing, downloading or otherwise using this content you agree to be bound by the Terms of Use! aka