Skip to content

Home Search Site Map Contact Us
You are here: Home Blog Reviews The Life and Times of the Computer Virus
The Life and Times of the Computer Virus Print
Sunday, 29 July 2007 15:13

Virus Birth in 1975The computer virus has grown and matured over the past few decades. Its birth is considered by many to have been at the hands of John Walker in 1975. Walker created a subroutine called PERVADE as part of the program ANIMAL that ran on a UNIVAC. Animal was a computer program that would try to guess the animal you were thinking of by asking series of twenty questions. PERVADE was a subroutine that allowed ANIMAL to copy itself into another directory when played by someone. This sounds harmless enough. The only real potential for damage, so to speak, is that eventually the system would run out of space as more and more users played the game.

The virus in adolescence manifested as quite the prankster courtesy of Elk Cloner, a program written by Richard Skrenta in 1982. Elk Cloner is in fact thought to be the first PC virus, which infected Apple IIs (take that you Mac nuts). Elk Cloner would count the number of times a disk had been run, and on the 5th time, it would shut the computer down or perform some other neat trick. Every 50th use, the virus would cause the screen to go blank, and Skrenta’s poem would appear:

Elk Cloner: The Program with a personality

It will get on all your disks
It will infiltrate your chips
Yes, it’s Cloner!

It will stick to you like glue

It will modify ram too
Send in the Cloner!

Around 1987 a boot sector virus called Stoned began to spread and continued until the early 1990s. When an infected computer was started, there was a one in eight probability that the screen would declare:

Your PC is now Stoned!

Tandy TRS-80 Model IIII didn’t make the history books, but I did have an occasion or two to play with the prankster. One of my first stunts occurred around 1980 when I modified the code of a math quiz on a TSR-80 computer. A simple alteration allowed the screen to verbally demean anyone that gave an incorrect answer to some of the simpler problems.

It’s important to note that the virus in this era had limited capacity for propagating itself to other systems. Computers in the 80’s were for the most part stand alone systems and generally only media moved between them. Ultimately that left the floppy disk as practically the only viable transport a virus could use to spread itself into a new system. The system, once infected by the insertion of the original floppy was then capable of infecting clean floppies thus completing the replication circle. The process by and large worked, but was painfully slow.

So at this point, we can see that the virus in its youth had a pretty carefree existence. As he was first fashioned, it was difficult at best for him to reproduce in any significant numbers before being squashed. And since only a few people had computers at that time, there really wasn’t much purpose in creating a virus other than to play a prank on one of your other computer pals. In simple terms, most of the early viruses were just having a good time being mischievous computer pranks.  However, events that transpired around in the next decade inadvertently created a means for the virus to begin to live life in the fast lane. The Internet was born. Our young virus and the Internet became best of friends early on. No more waiting weeks on end for a free ride on the slow floppy bus. The Internet afforded the virus the network and necessary velocity to spread itself at light speed to hundreds and thousands of computers in mere seconds.  And the virus learned to drive this highway very quickly.

The next bit of more recent history, I’ll be the first to tell you, I missed. I knew exactly what a virus was. I knew of his directives, such as the macro virus, the Trojan horse, and the worm. But, when the terms like adware, malware, and spyware started to float around, I didn’t connect the dots immediately. Months later I began to piece it all together. Let’s recap for a minute. The virus as a child was just having a little fun. In his teens he experimented a little more with boot sector viruses like Stoned, but was still rather innocent. Entering his twenties, life had picked up the pace and he simply just enjoyed living in the fast lane for a while. But as he entered his thirties, he saw things with a different perspective – money. He saw business opportunities as he began to realize his services had value. The virus began to use ideas it had toyed with during his mischievous youth to discover its commercial validity.

Virus Click to CashMuch of the Internet is associated with an advertising based model. Simply stated, traffic to a site means money. The more traffic, the higher the numbers, the more the site is worth. This line of thinking surrounded the dot com boom in the 90’s. The virus saw this advertising model of his buddy the Internet as a workable exploit for his newfound business endeavors.

Let me give you an example scenario. Ad serving programs allow website owners to place other people’s ads on their website. The companies receive money from individual advertisers who sign up for ads. In turn a percentage of the profit is paid to the owner of the site for whom the ad was displayed and clicked. So for the purpose of this example, let’s say John owns a website. John enrolls in one these programs and places advertisements on his site. Generally the ad server would generate and display ads based on the content on John’s site. If someone clicks one of John’s ads on his site, he would earn some cash. Again, because the ad was displayed and clicked on John’s site, the ad server would pay a portion of the money they received from the advertising company directly to John. Pretty simple, huh? Let’s take it a step further. Say John creates a virus that would infect the visitors of his site. The infected computers could now robotically click his ads. John would no longer need real visitors to generate an ad based income. As long as the infected computers were switched on and connected to the internet, John’s virus could click the ads as a hidden background process.

This is often why computers infected with viruses today run very slow, as much of the computer’s processor power is busy making money for someone.

A slightly more advanced version of John’s virus could receive and execute instructions given to it remotely. If 100 visitors had become infected by visiting his site, John would have 100 computers at his command. He could then instruct them to only click at specific times or even direct the infected machines to click ads on entirely different sites. John’s virus would be simulating a real person actually clicking the ads. Since the virus would be on multiple computers in various parts of the world, it would be difficult for the ad server or the advertisers to distinguish between a real person clicking their ad versus John’s robotic virus. Hopefully you haven’t visited John’s imaginary site, but this gives you a simplistic example of how someone could use a virus to generate money. In my opinion, it has already grown vastly larger than my crude example.

Virus CashMr. Virus and this type of revenue model is big business now. There are serious implications for organized crime and mafias of the world. The virus, as an adult now, is continually learning new ways to earn his keepers money. And right now I believe most venues center around the Internet and its connection to advertising.

This brings us to today and today’s army of zombie bots. A zombie bot, you say? Sound scary? Your computer could be a zombie bot right now. It is believed there are thousands, if not tens of thousands of infected computers in each network of zombie bots known as botnets. The owners of these botnets can really rake in the cash. They can use their army of bots to generate income via click through ads or rent out their armies’ services for use as very effective spamming machines.

A diagram of the process by which spammers use zombie computers to send spam can be seen in our article “Zombie Bot Process”.

Spamming is one of Mr. Virus’s more recent business ventures, as he has found his services usually thrive in areas of questionable legality. The first spammers didn’t require Mr. Virus’s services. They simply fired up their computer and sent out spam day and night. As people began to grow tired of junk in their inbox, they complained. ISPs listened and implemented software to help block spam. The spammers were crafty and found new ways to sneak their ads through. People again complained, the government got involved, and made spam illegal. “Illegal you say”, said Mr. Virus, “I can surely help with that”.

- Grant Brown

Bookmark and Share

Comments (0)

Subscribe to this comment's feed

Write comment

narrow screen wide screen Increase font size Decrease font size Default font size