5 Very Spooky Viruses

It’s almost Halloween. Time to buy a bunch of cheap candy, put up a few spooky decorations around the house, and browse around a Halloween Store feeling utterly disappointed that no costume will ever match your Jerry Seinfeld Puffy Shirt costume from last year.

To get into the Halloween spirit, how about a list of 5 very spooky viruses! Well, you don’t have a choice as you’re already reading the post. Viruses, in some ways, are kind of like a haunting or, possession of a computer. Anti-virus software is a technological exorcism. Let’s face the facts—viruses are scary as heck. Here are 5 viruses which are quite terrifying, if not downright spooky.

The Creeper

The Creeper is generally accepted as the first computer worm ever created.1 In 1971, Bob Thomas at BBN created the virus to illustrate the idea of a mobile application, one which was able to travel from computer to computer, replicating itself. The virus would print pages which exclaimed, “I’M THE CREEPER : CATCH ME IF YOU CAN.”

That doesn’t make much sense because at that point, you’ve already caught it. But, I guess what it was trying to say is “STOP ME BEFORE I CREEP ALL OVER YOUR INTRANETS.” Anyhow, The Creeper was so spooky, the first anti-virus program, also a worm itself, called The Reaper was written to destroy it.2

CryptoLocker

I heard horror stories about this one when it first came out a few years back. CryptoLocker encrypts (locks) all of your data and, even more spooky, any data on shared network drives it has access to. Once it’s finished encrypting your files, it finally presents itself as ransomware, demanding bitcoin to unlock your data. It appears the hackers do in fact decrypt (unlock) your files for you upon payment. A great listen is the RadioLab’s podcast about this virus… then again, RadioLab is always a great listen.

StuxNet

Definitely the scariest and most interesting virus I’ve ever heard of. My personal favorite to talk about. And real. Technically a firmware rootkit, this virus used 4 zero-day exploits, which is an exploit unknown to the computer or software manufacturer. That means, the StuxNet virus had almost a half a million dollars worth of zero-day exploits if you go by Kevin Mitnick’s numbers.3 This has been called the most elaborate and technologically advanced virus ever made. Well, what did StuxNet do?

StuxNet was an attempt to target Iranian centrifuges through the Siemens Step7 (software) and the PLC (hardware, a logic controller). The virus was introduced and propagated through the Iranian internet quickly, and generally didn’t cause any harm to other computers. Since the Iranian nuclear facilities were not connected to the internet, it was introduced to the network over a USB drive.

The virus modifies the rotational speed of the centrifuge but, masks the changes from the monitoring system using rootkit technology. When a nuclear centrifuge’s rotational speed changes and this doesn’t show up in your monitoring programs, this is somewhat of a large deal. And it worked. It slowed the Iranian nuclear program down quite substantially. I really recommend reading more into this one, as it’s very interesting and very spooky. And this virus is still out in the wild.

Think that’s spooky? How about the fact the StuxNet code can now be thoroughly studied, implemented as a blueprint vector of attack, and used against the US, or other countries, in the future causing nuclear reactors or other industrial control systems to malfunction.4

BadBIOS

I remember hearing about rootkits in the early 2000s and they are theoretically some of the spookiest viruses you can deal with. What makes BadBIOS so terrifying isn’t the fact that it’s supposedly a cross-platform rootkit or, that it can communicate with other infected machines via a high frequency sound transmitted over speakers and picked up over compromised microphones.

What makes BadBIOS so scary is that highly regarded security consultant Dragos Ruiu seems to be the only one who could identify it, although there were others who supported his findings. Attempts to post documentation of the infection have been “cleaned” in the process of uploading, apparently by the hackers.

While some security experts agree what Dragos was claiming is certainly plausible, it still hasn’t been documented as actually happening. Reading about BadBIOS is definitely paranoia inducing, which is one of the main conclusions plenty of researchers have suggested about Dragos himself, making this a truly spooky situation for anyone who dares5 to read6 the tales7.

The Unknown

Recent revelations regarding safety of our personal data is definitely spooky, whether it’s in the cloud, on our phone, or on our laptops. When it’s more likely that government agencies or corporations (what’s the difference, really?) will break into our machines, everyone is trying to get a piece of the pie.

Viruses in the past made it very obvious that there was a problem with your machine. Unrelenting pop up ads that turned into a game of whack-a-mole were a big hint. Remember CoolSearch? Nowadays, unless it’s a ransomware virus similar to CyptoLocker, viruses remain silent and rarely drop hints, unless they are picked up by a virus scan. This is due to the fact that it makes more financial sense for hackers to maintain control over the machine, install keyloggers, steal information, and turn your computer into a zombie!

Virus writers would love to turn your computer into a zombie as part of a bot-net, and use it as part of a DDOS attack to blackmail websites or similar!8 Therefore, the spookiest viruses are the ones you aren’t already aware you have!

And remember, if you’ve discovered you have a virus after it’s already running, it’s best practice to back-up your data and reinstall your operating system. Unless you’re running Tenex9 and got The Creeper–there’s some nostalgia value there.


1 https://www.theguardian.com/technology/2009/oct/23/internet-history
2 http://history-computer.com/Internet/Maturing/Thomas.html
3 https://www.wired.com/2014/09/kevin-mitnick-selling-zero-day-exploits/
4 http://www.businessinsider.com/stuxnet-was-far-more-dangerous-than-previous-thought-2013-11
5 http://www.infoworld.com/article/2609622/security/4-reasons-badbios-isn-t-real.html
6 http://arstechnica.com/security/2013/11/researcher-skepticism-grows-over-badbios-malware-claims/
7 https://isc.sans.edu/forums/diary/New+PhatAgoGaobot+Variants+Followup+on+port+1981+increase/169
8 http://www.ibtimes.co.uk/hackers-demand-huge-ransom-banks-avoid-ddos-attacks-1513450
9 https://en.wikipedia.org/wiki/TOPS-20#TENEX

Recent Posts