Evolution of computer viruses
Some cybercriminals are pursuing information rather than just money.
According to the Associated Press (AP) and other American media sources, Russian hackers launched a coordinated, months-long operation in December 2020 that resulted in the theft of some of the “most deeply held secrets” of the American government.
The AP claims that after downloading a tainted commercial software update, at least two government departments as well as numerous additional “high-value public- and private-sector targets” were compromised.
Is it possible that hackers have nuclear secrets?
COVID-19 vaccination information?
AP piece speculates, “Blueprints for next-generation weapons systems?”
Some thefts might go undetected.
Virus Melissa
The Melissa Virus, released in March 1999 by hacker David L. Smith, was one of the first computer viruses to gain widespread recognition. It was also the first effective email-aware malware.
It appeared in the inboxes of Microsoft Outlook users as an email with an attachment from someone they knew.
The connected file would automatically forwards to the top 50 contacts listed in the user’s Outlook address book as soon as it was accessed.
There were enough automated emails being sent for many networks to become slow.
Smith said the virus was created as “a harmless joke” when he was detained.
Smith received a 20-month prison term and a $5,000 fine in 2002.
Melissa has not only made people more aware of spyware, but also hacked and attacked.
Botnet Mirai
According to cybersecurity company Norton, a distributed denial of service (DDoS) attack is “one of the most potent weapons on the internet.”
A DDoS attack aims to overwhelm a server or website with more traffic than it can manage in order to render it unusable.
On the US East Coast, a significant portion of the internet was briefly unreachable in October 2016 due to a huge DDoS attack.
The Mirai botnet, a potent botnet (network of compromised machines), was to blame.
It expanded by gaining control of other “smart” things like internet-connected cameras.
The code, which was made public on a hacking website, was initially created to take over a server used for the online game Minecraft; nevertheless, Dyn, an internet infrastructure, was brought down as a result.
Slammer worm
Huge portions of the internet were shut down in 2003 as a result of a virus known as the Slammer worm that was developed by unidentified hackers using modifications to blueprints made by a British researcher.
In an oral history of the Slammer incident published in Wired, it is said that suburban Seattle emergency 911 dispatchers used paper.
Flights from Continental Airlines’ hub in Newark were cancelled because it was unable to process tickets.
Whole nations lost internet access.
13 root-name servers on the internet crashed, five of them.
Two days later, web traffic was largely back to normal.
According to Wired, “worm-infected machines quickly spam the Net with randomly addressed traffic, striking other vulnerable servers.”
The scenario reaches a critical mass when more machines start spewing Slammer packets, potentially leading to a denial of service attack on all 4 billion Internet IP addresses
Businesses were forced to spend up to $1 billion on the “cleanup,” which served as a lesson to everyone about the value of staying up to date. A security patch made available six months prior to the attack would have stopped Slammer infection.
Coreflood
2011 saw the FBI gain notoriety for thwarting a fraud scheme powered by a botnet.
The Coreflood virus infected victims’ computers with a keystroke-logging programme, which it then used to steal their personal and financial information.
The FBI stated in a press statement that once a computer or network of computers is infected by Coreflood—infection may occur when users download a malicious email attachment—thefts manage the virus through remote servers.
By confiscating the servers that were housing the botnet, the FBI stopped it from spreading.
“Cyber crooks made a lot of fraudulent wire transfers before we shut down the Coreflood operation, costing businesses hundreds of thousands of dollars.”
MyDoom
The Mydoom malware, which is blamed on Russian hackers, was initially released.
a code at the start of 2004, which in that year caused Google and other search engines to lag or go offline.
A fresh version first appeared in 2009, and a DDoS attack from that version rendered several government networks in South Korea and the US unusable.
An story from The Guardian at the time claimed that it also targeted The Washington Post and the New York Stock Exchange.
According to Wired, it was “started by a botnet of more than 50,000 machines in numerous nations,” however South Korean police at the time suspected North Korea of being involved.
The worm was still in existence in 2019.
The Ghost Click operation
According to The Guardian, the Operation Ghost Click fraud originally surfaced in 2007 and eventually caused DNSChanger malware to infect computers in more than 100 nations.
A phoney internet advertising agency was set up on infected PCs in order to collect commision from the targeted businesses for each visit to major websites like the US Internal Revenue Service.
Hackers made around $14 million between 2007 and 2011, when the fraud was busted.
The scheme’s six Estonian hackers were apprehended and charged with wire fraud in American courts in 2011.
Morris Worm
The first significant internet attack occurred in 1988 with the introduction of the Morris Worm.
The virus “had infected systems at several of the esteemed institutions and public and private research centres that made up the early national electronic network,” the FBI reported.
[…]
Harvard, Princeton, Stanford, Johns Hopkins, NASA, and the Lawrence Livermore National Laboratory were among the numerous victims.
Damage estimates reached the millions as network speed “slowed to a crawl”.
Robert Tappan Morris, a PhD student at Cornell University, took ownership of the attack and claimed that the worm “was meant as a harmless experiment and that its propagation was the result of a programming error.”
Morris was the first person to be found guilty and punished under the Computer Fraud and Abuse Act in 1989.
SpyEye
Between 2010 and 2012, SpyEye was “the premier malicious banking Trojan,” according to the U.S. Department of Justice.
Aleksandr Panin, a Russian hacker, created it, and it eventually caused “close to [US]$1 billion in financial harm to individuals and financial institutions around the world.” It was “designed to automate the theft of confidential personal and financial information, such as online banking credentials, credit card information, usernames, passwords, PINs, and other personally identifying information,” through a variety of methods.
On forums on the dark web, Panin and his Algerian accomplice Hamza Bendelladj also promoted the spyware.
The two were apprehended following an investigation involving officials from 20 different nations; Bendelladj, who is accused of stealing data from more than 500,000 individuals, was given a 15-year prison sentence in the US.
Panin only received.
the next blog will talk about how computer viruses changed into Trojans and incorporated itself into different software and even allowed hackers access on to that computer.