Computer viruses are almost as old as personal computers themselves, and their evolution was only hastened by the birth of the internet. Within each code is a story about its author, about the time it was written, and about the state of computing when it wrought havoc upon our hard drives.
The following screenshots illustrate the history of viruses in a few delicate code fragments, so enjoy. But this obligatory warning must be here: Please do not try these at home.
Top GIF: source code of CIH aka Chernobyl, 1998. This virus infected Windows 95, 98 and ME executable files, overwrote the BIOS and remained resident in the memory of the machine. It overwrote data on the hard disk of the infected PC, making it inoperable. Picture: TheDatanet
Jerusalem, aka Friday 13th, 1987
As one of the first MS-DOS viruses, Jerusalem affected many countries, universities, institutions and companies worldwide, infecting thousands of computers. Jerusalem was merciless: On Friday the 13th, the virus deleted all executed program files on the infected hard drive. Supposedly in the name of AL AH:
Morris (aka Internet Worm), November 1988
This early Internet worm infected over 6000 computers in the US, including some of NASA’s. The code itself was flawed, accidentally sending millions of copies of itself to different network computers, paralysing all network resources, causing almost $US100 million damage. The fateful words at the end of the code snippet say it all: “Don’t know how many…”
“Twenty-two points, plus triple-word-score, plus 50 points for using all my letters. Game’s over. I’m outta here.” David L. Smith, aka “Kwyjibo”, the author of this Microsoft Office macro virus, was definitely a Simpsons fan. Melissa was sent through email to different users, and it had the ability to multiply on Word and Excel files and to mass-mail itself from Outlook, overloading internet servers.
I Love You, aka Lovebug/Loveletter Virus, May 2000
A school-aged programmer from Manila who presumably wasn’t very engaged in the classroom wrote this infamous bug. His amorous creation spread via email (subject: ILOVEYOU, attachment: LOVE-LETTER-FOR-YOU.TXT.vbs, message: “kindly check the attached LOVELETTER coming from me”), and deleted all “jpeg” and “jpg” files in all directories of all disks. Not very romantic.
The Code Red worm, July 2001
This devilish little creation infected tens of thousands of systems that ran Microsoft Windows NT and Windows 2000 server software, at the dawn of the 21st century. Code Red defaced the attacked webpages with the text “Hacked by Chinese!” It was able to run entirely on memory, leaving no files behind. The damage it caused was estimated at $US2 billion.
SQL Slammer, 2003
This virus attacked web servers running a vulnerable version of Microsoft SQL Server, then generated random IP addresses in order to infect other computers. It is incredible how small Slammer was — it could fit in the space of five tweets. Here’s the whole code in hexa viewer:
Blaster, aka Lovsan, aka MSBlast, 2003
This virus infected hundreds of thousands of computers through a vulnerability hole in Windows 2000 and Windows XP. It opened a dialog window that told users a system shutdown was imminent. The author hid two messages in the code: “I just want to say LOVE YOU SAN!” and “billy gates why do you make this possible? Stop making money and fix your software!!”
This worm spread itself as an email attachment attacking all versions of Microsoft Windows. It was designed to open a backdoor where a remote user could gain control above the infected computer. Remarkably, the author wrote a tiny poem into the code:
Created by 17-year-old German student, Sven Jaschan, Sasser attacked Windows 2000 and Windows XP machines by exploiting a vulnerability, as seen below:
MyDooom akai [email protected], Novarg, Mimail.R, Shimgapi, 2004
Mydoom became the fastest-spreading mass-email worm ever, at the time it surfaced. It slowed down global internet access by a whopping 10 per cent and slashed some website access by 50 per cent. Its code is not so interesting, however, with its help, one could teach the kids some basic knowledge — such as the alphabet, name of the weekdays and the months.
Conficker aka Downadup, 2008
Nomen set omen, as the Romans would say: The name of this malware worm comes from the words “Configuration” and the German “Ficker” (yes, it means “Fucker”). And that sums it up: Conficker screwed the configuration settings.
Stuxnet (and its evil son, DuQu) is often referred to as the first “cyber super weapon”. The virus was a US and Israeli governmental worm designed to attack Iranian nuclear facilities, but unsurprisingly it accidentally spread beyond its intended targets. Here is a nice snippet from this digital sword:
Flame aka Flamer aka sKyWIper, 2012
This massive, highly sophisticated modular computer malware infected computers running Windows operating system, and attacked systems in Middle Eastern countries — mostly in Iran, Lebanon, Syria and Sudan. Needless to say, it was part of the well-coordinated, ongoing, state-run cyber war, which began with Stuxnet. Flame was heavy weaponry. It was so big, it got loaded into a system in pieces — first, the machine got hit with a six megabyte component, which contained about half-a-dozen other compressed modules inside. Flame stopped operating after its public exposure, because the operators had the ability to send a kill module to it. Here is a tiny piece of Flame: