Whale | |
---|---|
Alias | Mother Fish |
Type | computer virus |
Origin | Hamburg, Germany [1] |
Technical details | |
Size | 9,216 Bytes |
The Whale virus is a computer virus discovered on July 1, 1990. The file size, at 9,216 bytes, was for its time the largest virus ever discovered. It is known for using several advanced "stealth" methods.[ citation needed ]
After the file becomes resident in the system memory below the 640K DOS boundary, system slow-down occurs as a result of the virus' polymorphic code.[ citation needed ] Symptoms include video flicker and output to screen appearing very slowly. Files may seem to "hang" even though they will eventually execute correctly.
It was reported that one infected program displayed the following message when run:
THE WHALE IN SEARCH OF THE 8 FISH
I AM '~knzyvo}' IN HAMBURG addr error D9EB,02
Shifting the letters of "~knzyvo}" left in the ASCII table by 10 characters turns the string into "tadpoles". [2]
A computer worm is a standalone malware computer program that replicates itself in order to spread to other computers. It often uses a computer network to spread itself, relying on security failures on the target computer to access it. It will use this machine as a host to scan and infect other computers. When these new worm-invaded computers are controlled, the worm will continue to scan and infect other computers using these computers as hosts, and this behaviour will continue. Computer worms use recursive methods to copy themselves without host programs and distribute themselves based on exploiting the advantages of exponential growth, thus controlling and infecting more and more computers in a short time. Worms almost always cause at least some harm to the network, even if only by consuming bandwidth, whereas viruses almost always corrupt or modify files on a targeted computer.
This timeline of computer viruses and worms presents a chronological timeline of noteworthy computer viruses, computer worms, Trojan horses, similar malware, related research and events.
The Melissa virus is a mass-mailing macro virus released on or around March 26, 1999. It targets Microsoft Word and Outlook-based systems and created considerable network traffic. The virus infects computers via email; the email is titled "Important Message From," followed by the current username. Upon clicking the message, the body reads, "Here's that document you asked for. Don't show anyone else ;)." Attached is a Word document titled "list.doc," containing a list of pornographic sites and accompanying logins for each. It then mass-mails itself to the first fifty people in the user's contact list and disables multiple safeguard features on Microsoft Word and Microsoft Outlook.
CIH, also known as Chernobyl or Spacefiller, is a Microsoft Windows 9x computer virus that first emerged in 1998. Its payload is highly destructive to vulnerable systems, overwriting critical information on infected system drives and, in some cases, destroying the system BIOS. The virus was created by Chen Ing-hau, a student at Tatung University in Taiwan. It was believed to have infected sixty million computers internationally, resulting in an estimated NT$1 billion (US$35,801,231.56) in commercial damages.
A live CD is a complete bootable computer installation including operating system which runs directly from a CD-ROM or similar storage device into a computer's memory, rather than loading from a hard disk drive. A live CD allows users to run an operating system for any purpose without installing it or making any changes to the computer's configuration. Live CDs can run on a computer without secondary storage, such as a hard disk drive, or with a corrupted hard disk drive or file system, allowing data recovery.
Abraxas, also known as Abraxas5, discovered in April 1993, is an encrypted, overwriting, file infecting computer virus which infects .COM and .EXE files, although it does not infect command.com. It does not become memory resident. Each time an infected file is executed, Abraxas infects the copy of dosshell.com located in the C:\DOS directory, as well as one EXE file in the current directory. Due to a bug in the virus, only the first EXE file in any directory is infected.
Ada is a computer virus that can affect any of the DOS operating systems. Ada was first discovered in 1991.
ILOVEYOU, sometimes referred to as the Love Bug or Loveletter, was a computer worm that infected over ten million Windows personal computers on and after 5 May 2000. It started spreading as an email message with the subject line "ILOVEYOU" and the attachment "LOVE-LETTER-FOR-YOU.TXT.vbs". At the time, Windows computers often hid the latter file extension by default because it is an extension for a file type that Windows knows, leading unwitting users to think it was a normal text file. Opening the attachment activates the Visual Basic script. First, the worm inflicts damage on the local machine, overwriting random files, then, it copies itself to all addresses in the Windows Address Book used by Microsoft Outlook, allowing it to spread much faster than any other previous email worm.
The Michelangelo virus is a computer virus first discovered on 3 February 1991 in Australia. The virus was designed to infect DOS systems, but did not engage the operating system or make any OS calls. Michelangelo, like all boot sector viruses, operated at the BIOS level. Each year, the virus remained dormant until March 6, the birthday of Renaissance artist Michelangelo. There is no reference to the artist in the virus, and it is doubtful that the virus's developer(s) intended a connection between the virus and the artist. The name was chosen by researchers who noticed the coincidence of the activation date. The actual significance of the date to the author is unknown. Michelangelo is a variant of the already endemic Stoned virus.
Jerusalem is a logic bomb DOS virus first detected at Hebrew University of Jerusalem, in October 1987. On infection, the Jerusalem virus becomes memory resident, and then infects every executable file run, except for COMMAND.COM. COM files grow by 1,813 bytes when infected by Jerusalem and are not re-infected. Executable files grow by 1,808 to 1,823 bytes each time they are infected, and are then re-infected each time the files are loaded until they are too large to load into memory. Some .EXE files are infected but do not grow because several overlays follow the genuine .EXE file in the same file. Sometimes .EXE files are incorrectly infected, causing the program to fail to run as soon as it is executed.
Westwood is a computer virus, a variant of the Jerusalem family, discovered August 1990, in Westwood, Los Angeles, California. The virus was isolated by a UCLA engineering student who discovered it in a copy of the "speed.com" program distributed with a new motherboard. Viral infection was first indicated when an early version of Microsoft Word reported internal checksum failure and failed to run.
Scott's Valley [sic] is a computer virus, a member of the Slow virus family and distantly related to the Jerusalem virus family. It was discovered in September 1990 in Scotts Valley, California.
Cryptovirology refers to the study of cryptography use in malware, such as ransomware and asymmetric backdoors. Traditionally, cryptography and its applications are defensive in nature, and provide privacy, authentication, and security to users. Cryptovirology employs a twist on cryptography, showing that it can also be used offensively. It can be used to mount extortion based attacks that cause loss of access to information, loss of confidentiality, and information leakage, tasks which cryptography typically prevents.
Blackworm is an Internet worm discovered on January 20, 2006 that infects several versions of Microsoft Windows. It is also known as Grew.a, Grew.b, Blackmal.e, Nyxem.e, Nyxem.d, Mywife.d, Tearec.a, CME-24, and Kama Sutra.
The Oompa-Loompa malware, also called OSX/Oomp-A or Leap.A, is an application-infecting, LAN-spreading worm for Mac OS X, discovered by the Apple security firm Intego on February 14, 2006. Leap cannot spread over the Internet, and can only spread over a local area network reachable using the Bonjour protocol. On most networks this limits it to a single IP subnet.
A computer virus is a type of malware that, when executed, replicates itself by modifying other computer programs and inserting its own code into those programs. If this replication succeeds, the affected areas are then said to be "infected" with a computer virus, a metaphor derived from biological viruses.
The Pikachu virus, also referred to as Pokey or the Pokémon virus, was a computer worm believed to be the first malware geared at children, due to its incorporation of Pikachu, the mascot species of the Pokémon media franchise. It was considered similar to the Love Bug, albeit slower in its spread and less dangerous.
MS Antivirus is a scareware rogue anti-virus which purports to remove virus infections found on a computer running Microsoft Windows. It attempts to scam the user into purchasing a "full version" of the software. The company and the individuals behind Bakasoftware operated under other different 'company' names, including Innovagest2000, Innovative Marketing Ukraine, Pandora Software, LocusSoftware, etc.
Gruel, also referred to by F-Secure as Fakerr, was a worm first surfacing in 2003 targeting Microsoft Windows platforms such as Windows 9x, Windows ME, Windows 2000 and Windows XP. It spread via email and file sharing networks.
Beluga whale coronavirus SW1 is a mammalian Gammacoronavirus, an RNA virus, discovered through genome sequencing in the liver of a single deceased beluga whale and first described in 2008. This was the first description of the complete genome of a coronavirus found in a marine mammal.