Despite its name, which sometimes lead (the romantic “I love you” or catch-teen “Kournikova”), computer viruses are in effect computing the nightmare of the new millennium bugbear of anyone who has a connection to the Network But, in the end, is a virus?
We start from the name, this strange metaphor of biological origin. When twenty years ago the American Fred Cohen wrote, for his doctoral thesis for a university in California, the first code of a virus, his intentions were anything but criminal. Its aim was to create a program that replicates autonomously (as a “Blob” …) and acquires the system privileges held by other applications. In practice, “that infect other programs and systems” (a word of Cohen). Hence the name, because, as happens in biology, viruses require a “body” and that the guests that will provide the necessary facilities to breed, but unfortunately, at times, our own PC.
This epithet evokes (rightly) outbreaks and other adverse consequences, taking advantage of the vulnerability of computer systems and, above all, the increasing interconnection of computers through the Internet.
All malware is a silver lining
A virus can cause irreparable damage: destroy data, knock out computers, communicate confidential information to a third party, use machines for criminal purposes (for example, the attack on a website) and so on. The term “virus”, however, indicates a whole class of malicious programs, also very different from each other. Let’s do some ‘clarity, and find out what we have to fight against.
A generic term that encompasses all of these pests is malware , created by the contraction of the English word “malicious” and “software” (or “malicious program”). The malware is, therefore, a program created and distributed for malicious purposes, which may take various forms: viruses , Trojans , worms , but also dialer (of that scourge, however, do not deal in these pages). In our case we will consider the virus as such, trojans and worms.
A virus is a small program that sneaks into a computer to perform some specific action, mostly destructive.
But how do they work, practically?
First, the file “attached” is parsed, it reads the header of the executable (which contains basic information about the file), and the virus determines how much space must be available in order to put in the file, and creates this “hole” where creeps. The file is then modified, as well as its header: it is here that we find the signature of the new parasite. At this point, the modified file is saved to disk and the virus continues to live in his new habitat until it is removed, or deleted entirely the infected document. The infection of other files occurs when the executable file is started.
Trojans or Trojan Horses, are not really viruses, but programs that generally lurk inside other files (eg compressed archives) to avoid detection by antivirus software. Their purpose is to act as open systems, making the computer available to a hacker . This is possible because the trojan consists of two different programs: a client and a server . The first is resident on the machine of the attacker, the second is installed on the victim and starts, automatically, turn on the PC. In this way, when you are online, who controls the server can have the computer resources at will: delete files, create new ones, discover your passwords, monitor your actions and what you write on your keyboard to reset the system, or even render it unusable.
The third category that we consider is that of the worm (worm), a type of malware that, once installatosi in the host PC, is able to replicate and spread to other computers connected to it (in a local network or via the Internet) . The most common method of spread of worms is through e-mail messages sent over the Internet. Unfortunately, in recent months, there has been a resurgence of this phenomenon: has anyone been able to test the phenomenon, seeing that arrive in e-mail viruses of all kinds. From the fake update to Microsoft (the virus Gibe) the now famous MyDoom, attacks by worms follow are always with renewed vigor.