Barrotes

Barrotes
Screenshot of the virus, showing its characteristic bars.
Type	Computer virus
Subtype	Boot virus
Authors	OSoft (Pseudonym)
Cyberattack event
Date	1992
Technical details
Platform	DOS
Size	1310 bytes
Written in	Assembly Language

Barrotes is a computer virus, considered as the first of Spanish origin, ^{[1] [2] [3] [4]} which appeared in December 1992, ^[5] and was programmed in assembly language for DOS-based systems. Initially, although to a lesser extent, it was also called Toledo by the press, ^{[6] [1]} due to the location in the homonymous city of its first discovery, and registered as Virus:DOS/Barrotes by Microsoft. ^[7]

Like many viruses of the time, it remains dormant in the affected machine, waiting for a specific date to execute its malicious code, also called payload, with the date chosen by its developer being 5 January, a very important date in Spain, as it is the night of the Biblical Magi, displaying the message «Virus BARROTES por OSoft» and the on-screen graphics of the characteristic bars that give it its name and make it look like the system is in a prison cell. ^{[8] [2] [9]}

Features

The virus occupies a total of 1310 bytes in size and infects COM and EXE executable files. ^{[8] [10]} When an infected file is executed on the system, the malicious code of the virus is the first thing to execute, checking if it is already resident in memory, detecting if it has already been executed before, bypassing the infection process of the executed file, otherwise it proceeds to install itself in memory by registering the interrupt vector corresponding to DOS services (int 21) in the virus header, thanks to which the virus will infect files on the system as the user executes them. ^{[8] [11]}

It will then check if the date is 5 January to display the author's message and the bars, otherwise it runs the system normally, going unnoticed. ^{[8] [2]}

Propagation method

Barrotes has no automatic method of propagation beyond infecting local files on the machine affected by the virus. Its main method of dissemination, given the context of its time of action —the 90s— was the exchange of infected files via physical storage media, such as floppy disks. ^{[11] [12] [4]}

Variants

Subsequently, new versions and variants of the virus appeared with more pronounced malicious effects, such as the Barrotes 1303 variant in 1996, ^[13] which destroyed the boot sector of the hard disk, preventing the system from booting and accessing the information stored on it, changing the activation date to 23 September. ^{[12] [9] [14]} Many computer systems were exposed to these effects. ^[15]

See also

• Brain (computer virus)
• Stoned (computer virus)
• Michelangelo (computer virus)

References

1. "ABC MADRID 06-01-1994 página 89 - Archivo ABC". abc. 2019-08-27. Retrieved 2025-02-16.
2. Lizana, José Alberto (2022-06-25). "Barrotes: el primer virus informático español y uno de los más peligrosos de la historia. Así es como infectaba un ordenador". Genbeta (in Spanish). Retrieved 2025-02-16.
3. "El virus informático español 'Barrotes' está entre los diez más peligrosos del mundo". lavozdigital (in Spanish). 2009-08-26. Retrieved 2025-02-16.
4. Security, Panda (2020-04-22). "30 años de ciberataques: de Barrotes a WannaCry". Panda Security Mediacenter (in European Spanish). Retrieved 2025-02-16.
5. bhenblod (2024-09-05). Deleted - Check my other uploads.
6. "ABC MADRID 04-01-1995 página 51 - Archivo ABC". abc. 2019-06-18. Retrieved 2025-02-16.
7. "Virus:DOS/Barrotes threat description - Microsoft Security Intelligence". www.microsoft.com. Retrieved 2025-02-16.
8. PCMania 28.
9. "¿Te suena el virus Viernes-13?". ELMUNDO (in Spanish). 2015-07-27. Retrieved 2025-02-16.
10. Ford, Richard, ed. (April 1993). Virus Bulletin - The Authoritative International Publication On Computer Virus Prevention, Recognition And Removal (PDF). Virus Bulletin - The Authoritative International Publication On Computer Virus Prevention, Recognition And Removal. ISSN   0956-9979.
11. "Barrotes - Cómo eliminar virus Barrotes - Panda Security". web.archive.org. 2024-12-05. Retrieved 2025-02-16.
12. "Virus barrotes, el primer ciberataque de origen español cumple 30 años". www.esedsl.com (in Spanish). Retrieved 2025-02-16.
13. "Barrotes.1303". ESET Magyarország (in Hungarian). Retrieved 2025-02-16.
14. Ford, Richard, ed. (December 1993). "Virus Bulletin - The Authoritative International Publication On Computer Virus Prevention, Recognition And Removal" (PDF). Virus Bulletin - The Authoritative International Publication On Computer Virus Prevention, Recognition And Removal. ISSN   0956-9979.
15. "¿Está 'Enfermo' su PC? SOR118". www.elmundo.es. Retrieved 2025-02-16.

Bibliography

• Pc Mania, number 28, 1995 HOBBY PRESS, S.A. , Internet Archive
• OK PC number 17, 1993, New Publisher Press, S.A., Internet Archive
• Virus Bulletin - The International Publication On Computer Virus Prevention, Recognition And Removal, 1994, Network Security Management, UK, ISSN 0956-9979, Internet Archive

External links

• Virus.DOS.Barrotes (YouTube)