This in-depth article takes a look at hacking on the Internet, covering hacker motivation, computer viruses, security, personal firewalls and how to track a hacker!
5. Computer Viruses
5.1 Introduction to Computer Viruses
A computer virus is a term applied to any program that is designed to damage data stored on a computer system
or network. The virus may infect documents, applications or, worst of all, system files that are essential to the correct running
of the computer system.
A computer virus is written by an ill-intentioned computer programmer and spread from computer to computer by means of e-mail
attachments, downloaded software (often Warez), or portable storage media such as floppy or zip disks.
A computer virus only infects the software of a computer system, not the hardware. In the worst-case scenario where a virus has
caused irreparable damage to a system's software, the machine can still be recovered by re-formatting the hard drive and
re-installing the operating system, but all of the data stored on the machine will be lost.
5.2 Classification of Computer Viruses
There are many types of computer viruses. Here is a description of some of the more common variants:
Boot Sector Virus: A boot sector virus occupies the boot sector of a floppy disk or hard disk and loads into memory during the boot-up
process. Once in memory, it will attempt to infect the boot sector of any floppy disk that is used in the computer system.
Executable Load Virus: This type of virus attaches itself to executable files and installs itself on the system whenever the
executable file is run. Once in memory, it will attempt to infect other program files by attaching itself to them.
Polymorphic Virus: A polymorphic virus is a virus that encrypts itself, changing its 'signature' so that it is difficult to detect
by anti-virus software, by using a 'mutation engine' to change the appearance of the virus in an attempt to evade detection and
Macro Viruses: A macro virus is one written in a programming language embedded inside another document, such as a word processor
document or spreadsheet document. The software suite most targeted by macro viruses is the Microsoft Office suite of applications,
but any application that contains a complex embedded macro language can be used to write such a virus.
Trojan Horses: Although technically not a virus, the Trojan horse poses a greater threat to the integrity of your computer
system's privacy than any other attack. A Trojan horse must be installed on your machine either by direct access (by a hacker
using a floppy, etc.), or installed using the 'executable load' payload method described above. Once installed, the Trojan begins
to log every key press made on the keyboard into a log file, which it then e-mails to the hacker covertly upon you connecting to
The key log file may contain credit card numbers, personal information, or network or e-mail passwords, which often leads to
Trojan horses being labelled 'password-sniffers'.
Worms: Worms possess the ability to replicate themselves independently of human interaction, while using polymorphic engines to
disguise their movements. They are often designed to read the computer user's e-mail contact lists from something like Outlook
Express, and then e-mail themselves to every address within that list.
Worms copy themselves from computer to computer rather than from file to file, and because they require no human help to do so, they
can spread much more rapidly than regular computer viruses. In extreme cases, the excessive e-mail traffic they generate can cause
e-mail servers to crash.
Zombies: Zombies may remain dormant on a computer system for an extended period of time. They are normally programmes used by hackers
in a coordinated attack on a system, whereby the hacker triggers the Zombie remotely to aid his/her attack on the
computer system or network, creating a 'back door' into the system by weakening security devices or programs.
Although Zombies cause no actual damage to a computer system, their presence on the system is unwelcome. Like many other types of
virus, they can be received by e-mail or else have to be physically installed onto the targeted system.
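As an added example that is not part of the original article, the sketch below relates to the macro virus entry above: it checks whether a Microsoft Office file carries an embedded macro project by looking at the file's contents rather than its name. The function names, return labels and sample documents are assumptions constructed for this illustration.

```python
import io
import zipfile

# Legacy Office files (.doc, .xls, .ppt) are OLE2 compound files with this magic.
OLE2_MAGIC = bytes.fromhex("D0CF11E0A1B11AE1")
# Office Open XML files keep an embedded VBA macro project in a part with this name.
VBA_PART = "vbaproject.bin"


def classify_office_file(data: bytes) -> str:
    """Return 'ooxml-with-macros', 'ooxml-no-macros', 'legacy-ole2' or 'not-office'."""
    if data.startswith(OLE2_MAGIC):
        # Any legacy-format file may carry macros; confirming it requires
        # parsing the compound file's directory, which this sketch does not do.
        return "legacy-ole2"
    if not zipfile.is_zipfile(io.BytesIO(data)):
        return "not-office"
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        names = [n.lower() for n in zf.namelist()]
    if "[content_types].xml" not in names:
        return "not-office"  # a ZIP archive, but not an Office Open XML package
    if any(n.rsplit("/", 1)[-1] == VBA_PART for n in names):
        return "ooxml-with-macros"
    return "ooxml-no-macros"


def build_sample(with_macro: bool) -> bytes:
    """Constructed sample: a minimal ZIP using Office part names, placeholder contents."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("[Content_Types].xml", "<Types/>")
        zf.writestr("word/document.xml", "<document/>")
        if with_macro:
            zf.writestr("word/vbaProject.bin", b"placeholder, not a real VBA project")
    return buf.getvalue()


if __name__ == "__main__":
    samples = {
        "constructed document with macro part": build_sample(True),
        "constructed document without macros": build_sample(False),
        "constructed legacy header": OLE2_MAGIC + b"\x00" * 512,
        "constructed text file": b"plain text " * 10,
    }
    for label, blob in samples.items():
        print(f"{label}: {classify_office_file(blob)}")
```

Because the check reads the file's contents, a macro-enabled document that has been renamed to a macro-free extension is still reported as containing macros.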