A delightful article on malware, a small history, very interesting, a must read ...
A short history of Christmas malware
Since the very earliest days of computer viruses, malware authors have been inspired by the Christmas holidays when developing attacks.
Here's a quick, and probably incomplete, history of some of the Christmas-related malware that we have seen over the years.
Christmas 1987
"Christmas Tree" (also known as "CHRISTMA EXEC"), which spread in December 1987, was an early example of an email-aware worm.
Using the subject line
"Let this exec run and enjoy yourself!"
The worm was blamed on a German student, who claimed he just wanted to send greetings to his friends.
Christmas 1999
The WM97/Melissa-AG virus (also known as Prilissa) infected Microsoft word documents, spreading via email using the subject line
This document is very Important and you've GOT to read this !!!
As a final destructive gesture, the virus would attempt to format the C: drive on the next reboot.
Meanwhile, rumours were spreading far and wide that a game called "Elf Bowling" was infected with a computer virus.
However, all copies of the game examined by Sophos researchers were found to be uninfected, and the warnings were nothing more than a hoax wasting users' time.
Christmas 2000
The W32/Navidad virus spead via email, masquerading as an electronic Christmas card.
Infected computers could be identitifed by the mysterious blue eye icons it would place in the Windows system tray.
Users who moved their mouse cursor over the eyes would be presented with a variety of different messages:
Another example of malware which tried to leave its mark on the holiday season in 2000 was the W32/Music email-aware worm.
Sending out messages similar to "Hi, just testing email using Merry Christmas music file, you'll like it.", the worm was attached as a file called music.com, music.exe or music.zip.
Christmas 2001
The Maldal virus spread via email, again using the tried-and-trusted technique of pretending to be a seasonal electronic greeting card called Christmas.exe.
Once installed, the Maldal malware would display a picture of Santa Claus on skis accompanied by a prancing reindeer, with the message "From the heart, Happy new year!".
Christmas 2004
The Zafi-D virus spread fear rather than cheer, attached to emails offering offering seasonal greetings. The virus, created in Hungary, could communicate in a variety of languages - spreading messages such as "FW: Merry Christmas", "Joyeux Noel!" and "Feliz Navidad!"
In a somewhat un-Christmassy twist, it embedded a vulgar animated GIF graphic of two "smiley" faces which appeared to be enjoying themselves in a way that would make Rudolph the reindeer red-faced as well as red-nosed.
Christmas 2007
The creators of the Dorf-AE worm (also known as the Storm worm) launched an attack that posed as a sexy striptease being performed by none other than the wife of Santa Claus.
Using a wide variety of subject lines, including "Your Secret Santa", "Santa Said, HO HO HO", "Warm Up this Christmas" and "Mrs. Clause Is Out Tonight!", the emails attempted to direct internet users to a website containing images of scantily clad young women in a Santa suit.
Christmas 2009
The pesky Koobface worm, which targets users of social networks such as Facebook, adopted a Christmas disguise by hiding on a Santa-themed webpage.
The webpage pretended that you need to install an update to Adobe Flash Player but that was, of course, in reality a carrier for a version of the worm.
There are, no doubt, plenty of other examples of Christmas-related malware we have seen in the past - but hopefully this gives you an insight into some of the more visual examples we have seen in the past at least.
Read more at nakedsecurity.sophos.comRemember that you need to take computer security seriously all year around - don't let your guard drop and don't fall into bad habits just because it's the holiday season. My colleague Paul Ducklin has written up some guidelines for staying safe online this Christmas, and even made a cheery video to get you in the mood.
0 comments:
Post a Comment