First DOS-based malware celebrates silver jubilee
From Brain to zombie hordes in 25 years
The first virus capable of infecting DOS-based PCs celebrates its silver jubilee this month.
The Brain Virus, written by Pakistani brothers Basit and Amjad Alvi, was relatively harmless. The Alvis claimed the malware was there as a copyright protection measure to protect their medical software from piracy, an article by CIO magazine on the anniversary recalls.
Brain replaced the boot sector of an infected floppy disk with malicious code, moving the real boot sector to another part of the disc. The malware had the effect of slowing down disk access and, more rarely, making some disks unusable.
Any other floppies used on a machine while the virus was in memory would get infected, but the malware did not copy itself to hard disk drives, as explained in a write-up here.
The Lahore-based Alvi brothers were fairly upfront about their questionable actions, going as far as embedding their names and business address in the malware code. Although intended only to target copyright violators, the malware infected machines in the US and UK among other places.
It's hard to believe now, but the very few computer viruses prior to Brain infected early Apple or Unix machines.
It is highly unlikely any of today's generation of VXers would do the same. Instead of curios such as the Brain virus, security threats these days take the more ominous form of Zombie botnet clients.
The Alvi brothers could never have imagined we'd get here, even though they arguably helped pave a small part of the way towards a world of Windows malware. ®
My first encounter with a virus
was back in 1988 when I ran into the infamous SCA-virus on the Amiga. As some of you may remember, it was a boot-sector virus that displayed the message "Something wonderful has happened / Your AMIGA is alive !!! And even better / Some of your disks have been infected with a VIRUS!!! / Another masterpiece of the Mega-Mighty SCA / SCA SCA SCA SCA..."
It was noted for trashing original game disks that used the boot sector for copy protection, and Chris of SCA stated in Amiga User magazine that he received death threats over the virus.
Amiga fans may also remember the more malicious Lamer Exterminator file-based virus which came out soon after the SCA. This one actually started corrupting files on both floppies and hard drive (whereas the SCA virus only affected floppies) after a while, and only after it had trashed several files did it announce itself.
TBH, I don't know which is worse - malware that trashes years of work on your computer, or malware that quietly steals your identity and credit card details to trash years to come of your life!
We've been through the range of infection mechanisms, from sneakernet to LAN, to email, to wifi, to mobile phone apps. Now, with auto-run software on USB memory becoming a propagation vector, we're back to sneakernet. Full circle.
Guess they didn't learn the lesson the first time round, that any kind of software which runs automatically from an unsafe source is a Bad Idea.
Back in the days when you had to write programs to make computers work, I used to type *FX200,2 or an extra line CALL &FFBF into the very old BBC's at school when folk I didn't like were using them. They'd press <BREAK> and wonder where their work had gone... The CALL &FFBF (which I stumbled across) had the effect of the the *FX200,2 and pressing the <BREAK> key as well, making running the program the worst action possible. When the victims typed OLD (to get their programs back) all they would get is Bad Program. I was also accused at one point of reprogramming ROM's (on a duff Acorn Electron), which was (a sensationalist lie) believed by all my classmates (and teacher), despite being impossible to do.