This article needs additional citations for verification .(January 2023) |
Michelangelo | |
---|---|
Classification | Boot sector computer virus |
Family | Stoned |
Origin | 1991 |
Authors | Unknown |
Technical details | |
Platform | DOS |
The Michelangelo virus is a computer virus first discovered on 3 February 1991 in Australia. [1] The virus was designed to infect DOS systems, but did not engage the operating system or make any OS calls. Michelangelo, like all boot sector viruses, operated at the BIOS level. Each year, the virus remained dormant until March 6, the birthday of Renaissance artist Michelangelo. There is no reference to the artist in the virus, and it is doubtful that the virus's developer(s) intended a connection between the virus and the artist. The name was chosen by researchers who noticed the coincidence of the activation date. The actual significance of the date to the author is unknown. Michelangelo is a variant of the already endemic Stoned virus.[ citation needed ]
On March 6, if the PC is an AT or a PS/2, the virus overwrites the first one hundred sectors of the hard disk with nulls. The virus assumes a geometry of 256 cylinders, 4 heads, 17 sectors per track. Although all the user's data would still be on the hard disk, it would be irretrievable for the average user.[ citation needed ]
On hard disks, the virus moves the original master boot record to cylinder 0, head 0, sector 7.
On floppy disks, if the disk is 360 KB, the virus moves the original boot sector to cylinder 0, head 1, sector 3.
On other disks, the virus moves the original boot sector to cylinder 0, head 1, sector 14.
Although designed to infect DOS systems, the virus can easily disrupt other operating systems installed on the system since, like many viruses of its era, the Michelangelo infects the master boot record of a hard drive. Once a system became infected, any floppy disk inserted into the system (and written to; in 1992 a PC system could not detect that a floppy had been inserted, so the virus could not infect the floppy until some access to the disk is made) becomes immediately infected as well. And because the virus spends most of its time dormant, activating only on March 6, it is conceivable that an infected computer could go for years without detection –as long as it wasn't booted on that date while infected.
The virus first came to widespread international attention in January 1992, when it was revealed that a few computer and software manufacturers had accidentally shipped products, for example Intel's LANSpool print server, infected with the virus. Although the infected machines numbered only in the hundreds, the resulting publicity spiraled into "expert" claims, partially led by anti-virus company founder John McAfee, [2] [3] of thousands or even millions of computers infected by Michelangelo. However, on March 6, 1992, only 10,000 to 20,000 cases of data loss were reported.[ citation needed ]
In subsequent years, users were advised not to run PCs on March 6, waiting until March 7, or else reset the PC date to March 7 at some time on March 5 (to skip March 6). Eventually, the news media lost interest, and the virus was quickly forgotten. Despite the scenario given above, in which an infected computer could evade detection for years, by 1997 no cases were being reported in the wild.[ citation needed ]
In computing, BIOS is firmware used to provide runtime services for operating systems and programs and to perform hardware initialization during the booting process. The BIOS firmware comes pre-installed on an IBM PC or IBM PC compatible's system board and exists in some UEFI-based systems to maintain compatibility with operating systems that do not support UEFI native operation. The name originates from the Basic Input/Output System used in the CP/M operating system in 1975. The BIOS originally proprietary to the IBM PC has been reverse engineered by some companies looking to create compatible systems. The interface of that original system serves as a de facto standard.
A floppy disk or floppy diskette is a type of disk storage composed of a thin and flexible disk of a magnetic storage medium in a square or nearly square plastic enclosure lined with a fabric that removes dust particles from the spinning disk. The three most popular floppy disks are the 8-inch, 5¼-inch, and 3½-inch floppy disks. Floppy disks store digital data which can be read and written when the disk is inserted into a floppy disk drive (FDD) connected to or inside a computer or other device.
File Allocation Table (FAT) is a file system developed for personal computers and was the default filesystem for MS-DOS and Windows 9x operating systems. Originally developed in 1977 for use on floppy disks, it was adapted for use on hard disks and other devices. The increase in disk drives capacity required four major variants: FAT12, FAT16, FAT32, and ExFAT. FAT was replaced with NTFS as the default file system on Microsoft operating systems starting with Windows XP. Nevertheless, FAT continues to be used on flash and other solid-state memory cards and modules, many portable and embedded devices because of its compatibility and ease of implementation.
This timeline of computer viruses and worms presents a chronological timeline of noteworthy computer viruses, computer worms, Trojan horses, similar malware, related research and events.
Brain is the industry standard name for a computer virus that was released in its first form on 19 January 1986, and is considered to be the first computer virus for the IBM Personal Computer and compatibles.
A boot sector is the sector of a persistent data storage device which contains machine code to be loaded into random-access memory (RAM) and then executed by a computer system's built-in firmware.
ProDOS is the name of two similar operating systems for the Apple II series of personal computers. The original ProDOS, renamed ProDOS 8 in version 1.2, is the last official operating system usable by all 8-bit Apple II series computers, and was distributed from 1983 to 1993. The other, ProDOS 16, was a stop-gap solution for the 16-bit Apple IIGS that was replaced by GS/OS within two years.
A boot disk is a removable digital data storage medium from which a computer can load and run (boot) an operating system or utility program. The computer must have a built-in program which will load and execute a program from a boot disk meeting certain standards.
CIH, also known as Chernobyl or Spacefiller, is a Microsoft Windows 9x computer virus that first emerged in 1998. Its payload is highly destructive to vulnerable systems, overwriting critical information on infected system drives and, in some cases, destroying the system BIOS. The virus was created by Chen Ing-hau, a student at Tatung University in Taiwan. It was believed to have infected sixty million computers internationally, resulting in an estimated NT$1 billion (US$35,801,231.56) in commercial damages.
A live CD is a complete bootable computer installation including operating system which runs directly from a CD-ROM or similar storage device into a computer's memory, rather than loading from a hard disk drive. A live CD allows users to run an operating system for any purpose without installing it or making any changes to the computer's configuration. Live CDs can run on a computer without secondary storage, such as a hard disk drive, or with a corrupted hard disk drive or file system, allowing data recovery.
The Rainbow 100 is a microcomputer introduced by Digital Equipment Corporation (DEC) in 1982. This desktop unit had a monitor similar to the VT220 and a dual-CPU box with both 4 MHz Zilog Z80 and 4.81 MHz Intel 8088 CPUs. The Rainbow 100 was a triple-use machine: VT100 mode, 8-bit CP/M mode, and CP/M-86 or MS-DOS mode using the 8088. It ultimately failed to in the marketplace which became dominated by the simpler IBM PC and its clones which established the industry standard as compatibility with CP/M became less important than IBM PC compatibility. Writer David Ahl called it a disastrous foray into the personal computer market. The Rainbow was launched along with the similarly packaged DEC Professional and DECmate II which were also not successful. The failure of DEC to gain a significant foothold in the high-volume PC market would be the beginning of the end of the computer hardware industry in New England, as nearly all computer companies located there were focused on minicomputers for large organizations, from DEC to Data General, Wang, Prime, Computervision, Honeywell, and Symbolics Inc.
Form was a boot sector virus isolated in Switzerland in the summer of 1990 which became very common worldwide. The origin of Form is widely listed as Switzerland, but this may be an assumption based on its isolation locale. The only notable characteristics of Form are that it infects the boot sector instead of the Master Boot Record (MBR) and the clicking noises associated with some infections. Infections under Form can result in severe data damage if operating system characteristics are not identical to those Form assumes.
Stoned is a boot sector computer virus created in 1987. It is one of the first viruses and is thought to have been written by a student in Wellington, New Zealand. By 1989 it had spread widely in New Zealand and Australia, and variants became very common worldwide in the early 1990s.
The Ping-Pong virus is a boot sector virus discovered on March 1, 1988, at the Politecnico di Torino in Italy. It was likely the most common and best known boot sector virus until outnumbered by the Stoned virus.
TOS is the operating system of the Atari ST range of computers. This range includes the 520ST and 1040ST, their STF/M/FM and STE variants and the Mega ST/STE. Later, 32-bit machines were developed using a new version of TOS, called MultiTOS, which allowed multitasking. More recently, users have further developed TOS into FreeMiNT.
VHD and its successor VHDX are file formats representing a virtual hard disk drive (HDD). They may contain what is found on a physical HDD, such as disk partitions and a file system, which in turn can contain files and folders. They are typically used as the hard disk of a virtual machine, are built into modern versions of Windows, and are the native file format for Microsoft's hypervisor, Hyper-V.
A computer virus is a type of malware that, when executed, replicates itself by modifying other computer programs and inserting its own code into those programs. If this replication succeeds, the affected areas are then said to be "infected" with a computer virus, a metaphor derived from biological viruses.
The Advanced Disc Filing System (ADFS) is a computing file system unique to the Acorn computer range and RISC OS-based successors. Initially based on the rare Acorn Winchester Filing System, it was renamed to the Advanced Disc Filing System when support for floppy discs was added and on later 32-bit systems a variant of a PC-style floppy controller.
The floppy disk is a data storage and transfer medium that was ubiquitous from the mid-1970s well into the 2000s. Besides the 3½-inch and 5¼-inch formats used in IBM PC compatible systems, or the 8-inch format that preceded them, many proprietary floppy disk formats were developed, either using a different disk design or special layout and encoding methods for the data held on the disk.
The FAT file system is a file system used on MS-DOS and Windows 9x family of operating systems. It continues to be used on mobile devices and embedded systems, and thus is a well suited file system for data exchange between computers and devices of almost any type and age from 1981 through the present.