Looking Back At the Other Kind of Virus

Slatterz writes "All this panic over a strain of flu got these people thinking about some of the more virulent computer pandemics that have hit in recent years. While a computer virus pales in seriousness to a human outbreak, malware attacks can still take a huge toll on businesses throughout the world. This list of the top ten worst viruses includes some interesting trivia, including ARPANET's Creeper virus in 1971, how early attempts at copy protection resulted in Brain, and MyDoom's denial of service attack on SCO."

the manual virus

[youn]

this talk about virii reminds me of a a mail I got once...

this is the manual virus, based on the code of honour.

for every of your disk drive
        for every folder
                delete contents

type the following, in capitals: you've been owned :)

Re:

[Schmorgluck]

Haha, yeah, in France we call this the Corsican virus.

Cross Platform!

[iYk6]

After reading your post, I got infected by your virus, but fortunately I am safe, because I am running Li JK%$#%43543535435j43kjkl ***NO CARRIER***

Re:

[hoooocheymomma]

Yeah it's virae. Or was that viren...

Re:

[Hamoohead]

Stop it already! [wikipedia.org]

Re:the manual virus

[x2A]

For the zillionth time, in Latin times, no one had the kind of technology to be able to see viruses, so no one knew they were individual things. The word 'virus' thus refered to a liquid, like an infected substance, and therefore was measured in unitS of quanitY (eg, 2 gallons of petrol, or 4 glasses of apple juice), not unit quantities (eg 4 individual apples). Notice where pluralisation occurs. To suggest Latin rules for pluralisation is absurd because the latin word wasn't to be pluralised; the units of measurement were to be. Learned folk should not repeat this mistake.

(I'm sure those with greater knowledge of Latin could weigh in on other reasons why 'virii' is incorrect, this is just the one I've been made aware of)

Re:the manual virus

[mabinogi]

The single biggest rule I use is. "Which language am I speaking?".

If the answer is English, then who cares from which language the word originated, and how that language may or may not have pluralised it?
In English, we append '-s' or '-es', so if in doubt, do that.
Doing so may not be correct all the time, but at least when it's wrong it looks like a simple mistake, rather than pretentious hyper-correction.

In English, we append -s or -es

[Gary W. Longsine]

That is, if you have an 8th grade understanding of English.

Re:the manual virus

[Anenome]

A. Virii is cooler.

B. The ancient attempt to force Latin grammar rules on English needs to be done away with. Split infinitives and ending sentences in prepositions may be crimes in Latin but are perfectly fine in English.

And some people need to stop being latin-grammar nazis.

Re:

[xouumalperxe]

Split infinitives and ending sentences in prepositions may be crimes in Latin but are perfectly fine in English.

"This is the sort of English up with which I will not put"

Re:

[serviscope_minor]

Split infinitives aren't a crime in Latin, just impossible as infinitives are a single word. They can not be sensibly split any more or less than any other word.

Re:

[x2A]

"And some people need to stop being latin-grammar nazis"

I think some people need to stop thinking that throwing the word 'nazi' in here and there makes for a valid argument or somehow proves a point.

"A. Virii is cooler."

Ignorance is never cool. I'm not being judgemental to people who simply didn't know something; I only know stuff because someone thought to tell me, or thought to put the information somewhere I could find. No one can know everything, but that doesn't exclude scope for correction. Learning i

Re:

[theaveng]

But many of the rules are completely arbitrary. For example: "Don't use double negatives." Why not? Chaucer and Shakespeare used double negatives all the time. In some of his more elaborate sentences, Chaucer used quadruple negatives. Who's to say one of the greatest writers used improper grammar?

Most Latin words have been converted to English words. We say "republics" not "republica" or whatever the hell the Latin form is. We say "arts" not "arti". And why is it that "viruses" is okay, but "fung

Re:

[Anenome]

All good points, sir, here, here. There was a push in the 19th century (as I recall) to make English conform to latin grammar rules and we're still suffering from the effects of those whom cannot break from the form. I recently went through a lecture series by Michael Drout called 'History of the English Language' which makes these same points far more eloquently than I, and calls this attempt both stupid and ignorant. He makes the same point as you about double and quadruple negatives also. Shakespeare wro

Re:

[pbaer]

Magi.

Re:

[julesh]

(I'm sure those with greater knowledge of Latin could weigh in on other reasons why 'virii' is incorrect, this is just the one I've been made aware of)

Like, for instance, the fact that "virii" would be the plural form of "virius", not "virus"... that's the elephant in the room, I think.

Re:

[Hatta]

So what? People still understand each other when the word 'virii' is used.

Why is it that when we're talking about "virii" all the prescriptive linguists come out, but when we're talking about "begs the question" everyone argues that "language evolves"?

Re:

[x2A]

Yeah, to hell with accuracy, correctness, lets just grunt at each other and point... as long as we know what each other means.

Re:

[x2A]

So your defense is "two wrongs make a right"?

As it happens, if I make an ignorant mistake, I much prefer to have it pointed out to me so I have a choice as to whether I make it again. I didn't have a good education, so this is how I learn. I merely treating others how I wish to be. There's absolutely nothing hypocritical there at all.

Re:

[theaveng]

I rebel. To hell with your foreign rules borrowed from foreign languages. I'm an English speaker by god, and I will pluralize my words according to MY traditions - either "s" or "es". If you don't like it, eat my battleax.

Re:

[x2A]

"I rebel"

Hardly! :-p

Re:

[mcrbids]

To suggest Latin rules for pluralisation is absurd because the latin word wasn't to be pluralised; the units of measurement were to be. Learned folk should not repeat this mistake. ... because not knowing how to properly pluralize a word is what the "learned folk" spent 8 years and tens to hundreds of thousands of dollars to know, right? Either that, or there's something pretty seriously borken with the post high-school educational system.

Well, perhaps the post high-school system is pretty borken, but I sur

Re:

[x2A]

"so how many kinds of petrols do we have?
how many juices?"

In the first instance, you pluralised 'kinds'; 'petrol' shouldn't be plural (ie, "how many kinds of petrol"). The second I believe to be incomplete, and should also be prefixed as with your first to form something like "how many types of juice".

Re:

[x2A]

"but also have a glass containing two different juices"

Nope, one glass with two different types of juice, or juice from two different fruits or two different types of fruit. One may choose to abbreviate, as with anything, but just because it is done, doesn't mean it is correct... just because it's not correct doesn't mean you have to care, but again, it not being important to you doesn't make it correct either.

Thing of the past?

[Kell Bengal]

It seems to me that these days a mere computer virus is a thing of the past. Nowdays malware seems dominated by worms, trojans and other software with more sophisticated propagation techniques.

Is the old floppy-to-floppy style of virus nearing extinction, or will poisoned bittorrent files breathe new life into this kind of chicanery?

Re:

[Miseph]

I sure hope so. the old virus', despite being malicious and stupid, were at least a little bit amusing at times. Remember the virus' that didn't actually do any permanent damage, just did something annoying for a couple of hours before they self-deleted? Those were the days.

Re:

[Architect_sasyr]

What they were were the days of honour and respect. Where virus authors did it for the challenge, the reputation, and the fun of it all (tiny for the least instructions possible, whale because it was hard to crack etc.). Not like these cheap fucks we have these days who don't care if they slow down a system or corrupt files - where it is all about the biggest e-peen with the largest DoS capability and copy paste code from generators. It's a shame really, it reminds me of the cliche "old mafia vs new mafia"

Re:

[Anonymous Coward]

It's evolved past that I'm afraid. Now it's about the largest install base, most subversive antivirus evasion techniques, and best functionality for botnet resale to the criminal underground.

Not the biggest e-peen, but the biggest payout.

Re:

[Miseph]

Get your accurate memory of how things were out of my nostalgia dammit. I only miss the cute ones, not the pointlessly destructive crap. Besides, the best written ones were never that droll... only a newb would ever think that killing random file systems just to be a jerk is kewl.

Re:Thing of the past?

[phantomcircuit]

You are aware that the Conficker worm spread over infected flash drives with autorun enabled right?

Re:Thing of the past?

[Kell Bengal]

No, actually, I wasn't. That might explain all this trouble I've been having. No... wait... that's just windows.

Re:

[elfprince13]

good thing I explicitly disable autorun for every Windows computed I've ever configured for someone.

Re:

[account_deleted]

Comment removed based on user account deletion

Re:

[frozentier]

Is the old floppy-to-floppy style of virus nearing extinction, or will poisoned bittorrent files breathe new life into this kind of chicanery?

My newest PC doesn't even have a floppy (nor a hookup for one), so it must be bittorent files.

Re:

[GigsVT]

I think it's because people are using CDs and DVDs to do things like boot disks (and often to move data around) these days.

As flash based technology displaces read-only optical, I think you'll see a resurgence in old style sneakernet viruses.

Slashdotted

[TorKlingberg]

Slashdotted, get the Coral cached version: http://www.pcauthority.com.au.nyud.net/News/143993,top-ten-worst-viruses.aspx [nyud.net]

At last!

[msobkow]

At last, an article from a major outlet that doesn't break up into ten seperate pages, one for each item, all in hopes of getting more page/ad views. :)

Re:At last!

[Evil Shabazz]

Yeah, I love when a Top Ten article lists numbers 10 through 3, with 2 honorable mentions. That's always my favorite top ten format.

Re:At last!

[tomhudson]

That's because he couldn't finish the article: the author just got the other two, coolwebsearch [wikipedia.org] and xrenoder [paretologic.com], and between the pop-ups and the pr0n links, he's fux0red. His home page now says "In Soviet Russia, computer surfs YOU!"

Little big difference

[gmuslera]

Computer malware dont kill y

Re:

[Rev. Brucie J.]

Computer malware dont kill y

You didn't say Candlejack, di

Re:

[Kotoku]

What the heck is wrong with you? Candlejack won't do anyth

Re:

[sdpuppy]

Except when it infects the machine that has you on life support or scrambles your med records or disables the safety systems in your friendly neighborhood nuclear power plant...

Incomplete article?

[TinBromide]

after #3. MyDoom, there's no jump, no next page, just the copy right notice, am i missing something?

Anywho, these viruses remind me of a kinder, gentler time when lemonade was real and the danger wasn't, when we had to boot our machines up hill, both ways in the snow, and yada yada yada. Good piece of nostalgia, but I'd be interested to see #2 and #1.

Re:

[Jbain]

I think the two 'honorable mentions' might be counted in the 10? Dunno, I wish they would list 1 and 2. Good read though :)

it's 10 of the top 12 thanks to Creeper and Brain

[davidwr]

Creeper and Brain put themselves at the head of the list.

Fortunately, Reaper came in and fixed it up but botched the job, truncating the list after the 10th entry.

Re:Incomplete article?

[Evets]

They're waiting for slashdot readers to enumerate the last two. They'll read all the "They forgot xxx virus" comments and by tomorrow, they'll wrap up #2 and #1.

Remember Generic.dx!bm?

[Jesus_666]

Man, Generic.dx!bm easily was the most terrible virus in existence. Sometimes I still wake up at night, having had a nightmare about Generic.dx!bm.

They really should make Generic.dx!bm their number one, for its sheer awfulness.

Re:Incomplete article?

[l00sr]

Top ten incomplete top ten lists:

10) That virus one [pcauthority.com.au]

9) This one

Re:

[MadKeithV]

8) ????
7 through 1) Profit!!!
0) 'cause real geeks index starting at 0!

Re:

[dna_(c)(tm)(r)]

after #3. MyDoom, there's no jump, no next page, just the copy right notice, am i missing something?

On #2 there is a virus so secretive, that any mention of it's name deletes the entire paragraph on any webpage.

On #1 thWHERE paragraphId=254369;

i remember a doozy

[ifeelswine]

back in the heydey of isca bbs, back in the mid-90s, there was a virus going around and if you got it it would install itself and monitor your iscabbs activity. if you got an IM with a certain codeword (which i will not type) from a fat chick, you would sleep with her. i got hit with it and it was the best worst month of my life.

Re:

[TinBromide]

I'm trying to think of what the word would be, but I can't come up with a word to mean "I have free pizza and the entire star trek series recorded on VHS tapes in my apartment."

I bet that there's something in klingon or lojban to embody the nerd's mating call...

code red

[Haxx]

Code Red wreaked havoc on the routers at the place I was working for back in 2001. That was the virus that caused ISP's to block the ports for all those peronal web servers running for no reason. Well the ISP's relised that they could cut thier traffic in half by leaving the ports blocked permanently. The virus allowed an infected machine to receive remote commands via IE cgi commands. You could check the router log to see who was infected, connect to the IP with IE and read and write to thier hard drive. The virus was named by the security team that found it, they were drinking Mountain Dew Code Red at the time.

Re:code red

[dargaud]

'Code red' did one good thing though... It was the only worm that ever affected me. At the time I was running everything MS, webserver was IIS, etc. After that I installed Apache on Windows. And ever so slowly I began to think that it might have been easier to run it directly on Linux (and it was). Now I write Linux drivers for a living C;-)

STDs

[Timberfox]

My girlfriend told me i got herpies from using her laptop

Re:

[beav007]

In a highschool health class, the teacher asked the students what the worst STD is. My little brother replied "pregnancy"...

Re:

[Anonymous Coward]

yea, it makes more dimwits like your brother

The Real Worry

[mrsquid0]

The real worry is that a computer virus will make the leap into the human population.

Re:The Real Worry

[MichaelSmith]

The real worry is that a computer virus will make the leap into the human population.

Well they already use humans as a medium of transmission.

Re:The Real Worry

[Anonymous Coward]

I believe this has already happened.

A large number people were exposed for far too long to a popular operating system (name undisclosed) and this has infected their brain resulting in a massive dumbing down of the users... A few antivirus are available but the problem is that while the virus is in control, the subjects will refuse to take any cure.

Re:The Real Worry

[Anonymous Coward]

Ah yes. Parent is referring to the viral nature of the GPL. If I learned anything in school, it's that using Linux is like having unprotected sex with Richard Stallman.

-BSD fanboi

[Mods, relax. It's a joke. I know the parent would want me to say it's about Windows and Bill Gates, which makes me wonder about those poor chaps who go both ways and dual boot. I bet they take it in the boot... Oh bugger I did it again, sorry!]

Re:

[Digestromath]

I knew I shouldn't have had that Vista Capable pacemaker installed... If my heart needs to reboot, my pacemaker better not blue screen.

psst. . . want some Snowcrash?

[drawlight]

Great drug minimal side effects.

Re:

[Anenome]

You've just described the BIGGEST PLOT HOLE in Neal Stephenson's popular novel "Snow Crash" (which is also quite good and you must read ^_^ )

virut / vitro

[steak]

ran into this one the other day and it was pretty bad, apparently it has been around awhile but this was the first time i saw it.

Re:

[stavros-59]

Viurt is nasty and fairly difficult to repair. Most malware removers [blogspot.com] recommend reinstallation rather than attempt to repair damaged system files.

There's no mention of the Blaster/Sasser worm [wikipedia.org], Sircam [f-secure.com], CIH [wikipedia.org] or Magistr [f-secure.com]. All of which caused panic and damage at least on the same scale as Conficker. All of which had much more damaging payloads than any of those noted.

Seems to be a fairly dodgy, or poorly researched list.

Re:

[Toonol]

My son got it on his laptop a few weeks ago. (Son, where have you been going online?)

Worst virus I've ever seen. Completely unrepairable. Had to wipe his system twice. Nobody has a cleaner or disinfectant utility. The saving grace, I guess, is that it's so virulent it destroys the system before it can spread much.

Re:

[Voyager529]

My son got it on his laptop a few weeks ago...The saving grace, I guess, is that it's so virulent it destroys the system before it can spread much.

E-bola?

Nimda deserved its place

[clifforch]

The first I heard about nimda was one of the senior engineers in our company telling me to scan my PC and let him know if anything showed up. The only thing that did was a java script trojan dropper which was relatively harmless, but by the time I'd finished everyone was sitting around waiting for the company network to be given the all clear.

Nimda seemed to show a preference for hitting file servers. Even though my machine was clear at the start, I was just checking through a shared folder and *bam*, as soon as the mouse moved across a file called readme.txt.js (The final extension was hidden, but this didn't make any difference.) a tftp connection was opened to the host, and fortunately the antivirus had been updated by that time, and so stopped it. The preview bug that caused this was a zero day.

I was on a win98 box at the time, some people on unpatched NT machines fared worse (Yeah yeah, I know patch or die.. but the company I was at didn't take endpoint security seriously, it was a wake up call to the IT department, this was the first and last worm to really own our network.) they got hit by the worm like behaviour, from directory traversal attacks with no assistance from the user needed. Nimda shut us down for days, during the first few all clears our antivirus provider was still learning all the attack vectors, so it kept coming back.

I'd like to throw a few bricks at Symantec over this, but it was a shocking learning experience for more than just them. I doubt another event like this will happen on well managed networks.. It will just be the odd trojan leaking information and joining a botnet. Or maybe some idiot connecting his personal modem behind the firewall, but I can only hope not.

Re:

[Mr.Bananas]

I second that. Nimda was the worst virus I've ever personally dealt with. At the time, I was a network admin in my university, and by the time I showed up to work that morning, our primary domain controller was full of millions of readme.txt.js files, half of the grad students workstations were infected, and a mob of angry students and professors were pounding at our door wondering where's the network.

Turns out, Nimda found its way into our network through a grad student's rogue unpatched IIS server. Onc

Re:

[jotok]

I'd like to throw a few bricks at Symantec over this

What for, exactly?

The vendors don't get definitions out until they have received and reverse-engineered a sample of the malware. In most cases they get it very early, in some cases they get it from the authors themselves who just want a write-up, in rare cases they will buy them.

In any case, I often hear customers saying "Man we got this worm, fuck $ANTIVIRUS_VENDOR!" but I don't know how you expect them to protect you from something if they haven't seen

Short memories

[Jeremy Erwin]

I get the strange impression that the authors aren't terribly clear on the difference between an Apple II and a modern Mac.

Re:

[Runefox]

Perhaps someone forgot about an article that was on here a week or so ago about the modern Mac-based botnet that's currently floating around [arstechnica.com]? Not particularly vulnerabilities in the OS, but it's the idea that Macs are bulletproof that allows social engineering to be a very successful attack vector against Mac users. Remember that a lot of viruses even in the Windows world still require the user to manually launch them.

What's incredibly funny is that the first result for "Mac botnet" in a Google search is a

Re:

[Jeremy Erwin]

What's incredibly funny is that the first result for "Mac botnet" in a Google search is a 2006 "Mac Geekery" blog entry containing a rant about how Macs will never constitute a botnet. =D Such foresight! Such fanboism!

Where were the Atari viruses? The Commodore 64 viruses? The Amiga viruses?

Re:

[Runefox]

Well, neither of those systems were networked or quite up to par with the business machines out there in the day, but there were plenty of Amiga viruses [wikidot.com] floating around, thanks to its widespread homebrew and piracy.

The Commodore 64 and Atari didn't exactly have permanent storage, so the worst you could do would be to have an annoying attachment to a diskette/tape/cartridge that wouldn't transfer to other media unless used during the same session. However, that in mind, there does happen to be at least one C [wikia.com]

Re:

[Zero__Kelvin]

"Remember that a lot of viruses even in the Windows world still require the user to manually launch them."

Actually, there is quite literally no such thing as a computer virus that requires user to manually launch it. You are thinking of a Trojan.

Re:

[Anonymous Coward]

What's there to be clear about? The Apple II and the modern Mac are both crap. :-)

Is that all?

Look, this is no place for amateur trolls.
For example, if you're going to say something about Macs you should at least learn the basics: express doubts about the user's sexual orientation, imply lower intelect due to the fact they're paying a higher price, compare Mac users to a cult etc.

This trolling of yours is shite.
I question your paternity.

Anyone remember the Howard Stern virus?

[jbeach]

I'm recalling this from the late 90's. It was a virus that was supposed to make it impossible for office workers to use their computers from 6 AM to 10 AM, and encourage them to listen to Howard Stern instead.

Top 12 through 3 viruses?

[echucker]

They have two honorable mentions, then count down from 10 to 3.

Where the hell are #2 and #1?

Depends

[EdIII]

While a computer virus pales in seriousness to a human outbreak

Well, virus is not really the proper word for most of what is infecting people anymore. It's malware, spyware, and trojans.

However, you design a destructive virus to hit public infrastructures and medical facilities and it might as serious or more than a biological virus.

Re:

[Max Littlemore]

Well, virus is not really the proper word for most of what is infecting people anymore. It's malware, spyware, and trojans.

People get infected with viruses, or worms, but not malware. Computers get infected with malware, spyware and trojans.

Man, you've gotta get out more often.

xkcd, anyone?

[Schmorgluck]

It made me instantly think of this strip [xkcd.com].

I'll nominate a few

[tekiegreg]

In the abscense of #1 and #2 I'll nominate some:

1) Michelangelo
Back in the MS-DOS days this virus caused a scare at my workplace, on Michelangelo's birthday we were given directive to shut down our computers...my first experience with Virus hype...

2) Good Times Virus
Well ok not a virus, but I remember having to explain to my dad what a Virus hoax was for hours...ugggh...

Re:

[msu320]

There was an old MS dos virus where after your system was infected you would have to play and win a blackjack game or else it would introduce massive crosslinks in the fat table and force a reboot.

Re:

[julesh]

2) Good Times Virus
Well ok not a virus, but I remember having to explain to my dad what a Virus hoax was for hours...ugggh...

I actually received a copy of Good Times only last year. Yes, it's still doing the rounds.

Re:

[shambalagoon]

LOL - you got pwned by your own sig.

Spending hours in bed with your dad, explaining anything, is not recommended.

Subscription ?

[daveime]

Do we have to subscribe somewhere to find out what #2 and #1 are ?

How about a top 10 list of websites who are hopeless at compiling top 10 lists.

Honourable Mention - Underpants Gnomes
#10 PCAuthority
#2 ???
#1 Profit !!!

Not TEN

[Jerry Smith]

Lists ends at 3. Probably ILoveYou and NetSky (though Bugbear was also popular in it's days) were meant to be on 1 and 2.

MyDoom's denial of service attack on SCO

[rs232]

"This one is different and much more troubling, since it harms not just our company, but also damages the systems and productivity of a large number of other companies and organizations around the world. The perpetrator of this virus is attacking SCO, but hurting many others at the same time"

"There are computers with incorrect clock settings [deseretnews.com] that may already be firing off an attack," against SCO's site"

Curiously enough SCOs site was hit before the virus was set to trigger and a company Centershift [net-security.org] ba

Fixed the story

[99luftballon]

OK, we've now fixed it

Re:

[gmuslera]

It forgot to list as malware one of the most deadliest computer attack vectors of internet: the slashdot effect. In human terms, probably could count as overdose (could be somewhat healthy things, like aspirines, water, etc)

Re:

[Tubal-Cain]

Top Ten Medical Breakthroughs Of All Time:

• Swine Flu
• Penicillin
• Vaccines
• Pasteurization
• Leaches
• ...

Re:

[interkin3tic]

Only in slashdot-land does a first post get modded as "Redundant"

Honest question: how many other places can someone be modded redundant for anything? I don't browse a lot of forums, but it doesn't seem too common.

Re:

[thomasdz]

It's OK... I understand. I got modded redundant because "swine flu" was actually mentioned in TFA, which I didn't read.
So, although I was just joking, it was a redundant joke.

I wish I had said something witty like "frist post"

Re:

[techno-vampire]

Here's a hint for you: redundant doesn't only mean that somebody else already said it. It can also mean that it didn't need to be said in the first place.

As an example, a post that says nothing but, "Hey, guys, a list of the top ten viruses!" would be redundant, even if nobody else posted anything like it.

It is Redundant.

[WED Fan]

Redundant because the summary basically said the same thing? D'oh!

Re:

[emcron]

Parent is spam link.

Re:

[julesh]

The boot sector of an Apple II disk was 256 bytes, insufficient for both fulfilling the normal task of a boot sector and also containing a functional computer virus.

Disagree. Apple IIs were based on the 6502, which had an extraordinarily compact instruction code compared to modern machines. I've never tried writing an Apple II boot sector, but based on my experience of writing PC boot sectors, 256 bytes is more space than you would need. In a single 512-byte 80x86 boot sector I've managed to fit a read-o

Re:

[russotto]

Elk Cloner didn't live in the boot sector. It lived on Track 2, within the DOS area but not the boot sector. Whether a boot sector virus for the Apple II could actually be written is another question. My guess would be "yes" (by using the controller ROM to do most of the work), but it couldn't have much of a payload.

I had the misfortune of catching Cloner when it was in the wild. The program "MASTER CREATE" from the original DOS 3.3 disks (provided they were uninfected) would effectively wipe it out (by