Computer Viruses

Lecture 9

What Are Computer Viruses?

A computer virus is a malicious program designed to spread across systems and disrupt normal
computer operations. It replicates by attaching itself to legitimate files or programs and can cause
significant damage once it is activated, either by running the infected program or file. Like other
types of malware, a virus is deployed by attackers to damage or take control of a computer. Its
name comes from the method by which it infects its targets. A biological virus like HIV or the flu
cannot reproduce on its own; it needs to hijack a cell to do that work for it, wreaking havoc on the
infected organism in the process. Similarly, a computer virus isn’t itself a standalone program. It’s
a code snippet that inserts itself into some other application. When that application runs, it executes
the virus code, with results that range from the irritating to the disastrous.
Activation of Virus:
When the computer virus starts working, it is called activation of virus. A virus normally runs all
the time in the computer. Different viruses are activated in different ways. Many viruses are
activated on certain dates. For example, a popular virus Friday the 13th virus is activated only the
day is Friday and date is 13.

Effects of Viruses on Computers

Viruses can have various detrimental effects on both hardware performance and the data stored on
a computer:
1. System Slowdowns:
Viruses consume resources such as CPU and memory, leading to slower system
performance.
2. Frequent Crashes and Errors:
The computer may freeze, crash unexpectedly, or display error messages due to corruption
caused by the virus.
3. Loss of Files:
Some viruses delete or modify important files, causing data loss or corruption.
4. Unauthorized Behavior:
Viruses can cause strange behaviors, such as programs opening on their own, unwanted
advertisements, or unwanted software installations.
5. Disabled Security Programs:
Viruses may disable antivirus software or firewalls, leaving the system vulnerable to
further attacks.
Threats to Information from Viruses:
Viruses pose serious threats to sensitive data and information:
1. Data Theft:
Viruses may steal sensitive data such as passwords, financial details, and personal
information for malicious use.
2. Confidentiality Breaches:
Personal or confidential business information can be accessed, leaked, or sold to third
parties.
3. Identity Theft:
Stolen personal information can be used to commit fraud or identity theft, causing financial
and reputational damage.
4. Ransomware Threats:
Some viruses, like ransomware, encrypt users' data and demand a ransom for the decryption
key, locking users out of their files until they pay.

Sources of Viruses:
Viruses can infiltrate computers from a variety of sources, often through unsuspecting actions by
users:
1. Email Attachments:
Malicious files attached to emails can infect a system when downloaded or opened.
2. Infected Websites:
Visiting compromised websites or clicking on malicious ads (malvertising) can trigger
automatic virus downloads.
3. USB Drives and External Devices:
Viruses can spread through infected USB drives, external hard drives, or other removable
storage devices.
4. Downloading Untrusted Software:
Free or pirated software from unreliable sources often contains viruses disguised as
legitimate programs.

Reasons for the Spread of Viruses:

1. Human Error:
Users may unintentionally download malicious files or click on phishing links due to lack
of awareness.
2. Outdated Software:
Systems with unpatched security vulnerabilities are prime targets for virus attacks.
3. Weak or Reused Passwords:
Using simple or reused passwords makes it easy for hackers to compromise accounts and
spread malware.
4. Unsecured Public Networks:
Accessing unsecured Wi-Fi networks allows attackers to intercept data and spread viruses.
 5. Social Engineering Attacks:
Hackers use deceptive tactics (e.g., phishing emails) to trick users into downloading viruses
or providing sensitive information.

Types of Computer Viruses

Computer viruses come in different forms, each with specific behaviors and effects. Below are
some of the most common types of viruses:
1. File Infector Virus:
 How It Works:
Attaches itself to executable files (.exe or .dll) and spreads when the infected file is run.
 Effects:
Corrupts or modifies files, making them unusable.
 Example:
Cascade Virus: Corrupts files and causes characters to fall down the screen.
2. Boot Sector Virus
 How It Works:
Infects the boot sector or master boot record (MBR) of storage devices, such as hard drives
or USB drives.
 Effects:
Prevents the system from booting properly; may block access to the operating system.
 Example:
Michelangelo Virus: Activates on March 6th and damages data by overwriting it.
3. Macro Virus
 How It Works:
Written in macro programming languages and spreads through documents such as
Microsoft Word or Excel files.
 Effects:
Executes malicious commands when the document is opened, potentially infecting other
documents.
 Example:
Melissa Virus: Spread through email attachments and disrupted corporate networks.
4. Polymorphic Virus
 How It Works:
Changes its code or encryption pattern every time it replicates, making it harder to detect.
 Effects:
Bypasses antivirus software by changing its signature.
 Example:
Storm Worm: A polymorphic Trojan used to spread spam and malware.
5. Resident Virus
 How It Works:
Installs itself in the system’s memory and activates whenever the system or a program is
used.
 Effects:
Corrupts files and programs as they are accessed.
 Example:
CMOS Virus: Corrupts the system’s memory and interferes with system settings.
6. Multipartite Virus
 How It Works:
Spreads through multiple ways, such as infecting both boot sectors and files.
 Effects:
Difficult to remove as it attacks both files and the boot sector simultaneously.
 Example:
Tequila Virus: Infects both program files and the boot sector.
7. Web Scripting Virus
 How It Works:
Exploits vulnerabilities in web browsers and websites through malicious scripts.
 Effects:
Redirects users to malicious sites, installs malware, or steals personal data.
 Example:
Beast Virus: Injects malicious scripts into browsers to spread through web traffic.
8. Ransomware
 How It Works:
Encrypts the user’s files and demands a ransom to unlock them.
 Effects:
Locks critical data and forces users to pay to regain access.
 Example:
WannaCry Virus: Spread globally in 2017, locking systems and demanding payment in
Bitcoin.
9. Worms
 How It Works:
Unlike traditional viruses, worms replicate independently across networks without needing
a host file.
 Effects:
Consumes network bandwidth and causes system slowdowns or crashes.
 Example:
ILOVEYOU Worm: Spread via email and affected millions of computers globally.
10. Trojan Horse
 How It Works:
Disguised as legitimate software, it tricks users into installing it, giving hackers remote
access to the system.
 Effects:
Allows unauthorized access to data or takes control of the system.
  Example:
Zeus Trojan: Used to steal banking credentials and personal information.
11. Logic Bomb
 How It Works:
A malicious code that activates after specific conditions are met (e.g., a date or event).
 Effects:
Triggers harmful actions such as deleting files or corrupting data.
 Example:
CIH (Chernobyl) Virus: Activated on specific dates and erased data from infected systems.
12. Adware
 How It Works:
Automatically displays unwanted advertisements, often bundled with free software.
 Effects:
Slows down the system and can compromise privacy by tracking user activities.
 Example:
Fireball Adware: Hijacks browsers and injects ads into websites.
13. Spyware
 How It Works:
Secretly gathers user information and sends it to third parties without consent.
 Effects:
Steals passwords, keystrokes, and browsing habits for malicious purposes.
 Example:
Keyloggers: Record keystrokes to capture sensitive information.
14. Rootkits
 How It Works:
Hides in the system and provides hackers with privileged access.
 Effects:
Allows attackers to control the system remotely and install additional malware.
 Example:
Sony BMG Rootkit (2005): A controversial rootkit used for DRM purposes that
compromised systems.

Need to Keep Your Data Secure

Given the variety and sophistication of viruses, it is essential to take measures to protect data and
systems from potential threats. Failure to do so can result in the loss of important files, privacy
violations, and financial damage.

Steps to Keep Your Data Secure:

 Install and Update Antivirus Software:
Use trusted antivirus software and ensure it is regularly updated to detect and remove the
latest viruses.
 Apply Regular Software Updates and Patches:
 Keeping your operating system and software up to date ensures that known security
vulnerabilities are fixed.
 Use Strong and Unique Passwords:
Create strong passwords and avoid reusing them across multiple accounts. Consider using
a password manager.
 Enable Firewalls:
Firewalls monitor and block malicious traffic from entering your system, offering a critical
line of defense.
 Backup Your Data Regularly:
Keep regular backups of important files on external drives or cloud services to ensure you
can recover data in case of an attack.
 Be Cautious with Email Attachments and Links:
Do not open unexpected email attachments or click on suspicious links, even if they appear
to come from known sources.
 Encrypt Sensitive Data:
Encryption ensures that even if your data is accessed without authorization, it cannot be
read without the correct decryption key.
 Avoid Downloading Software from Untrusted Sources:
 Always download software from trusted websites or official app stores.
 Use Two-Factor Authentication (2FA):
Enable two-factor authentication for an additional layer of security on your accounts.