The most significant development in the first six months of 1999
has been the emergence of mass-emailing viruses. WM97/Melissa the macro
virus (supposedly named after a stripper the alleged author used to
admire), and ExploreZip the executable
worm both exploited email systems to forward themselves
automatically to other users.
Both WM97/Melissa and ExploreZip were deliberately coded to
auto-propagate themselves using Microsoft Outlook (the default
email system on most computers).
In the past new viruses often took months before ever being seen
in the wild. These new mass-emailing viruses don't rely on users to
distribute them accidentally to their friends and colleagues. They
employ the email system directly. WM97/Melissa proved it was
possible for a virus to become widespread, around the globe, within
a single day.
David L Smith has been arrested by the FBI in relation to the
WM97/Melissa virus outbreak and is awaiting trial.
Other developments in the last six months include:
- Innocent computer users were caught in the crossfire between
lovers of rival computer languages: the author of ExploreZip
(written in Pascal) made clear his scorn of C programmers by
reducing all their source code files to zero length.
- The first Corel
Script virus was released, displaying an Elvish song from J R R
Tolkien's "Lord of the Rings".
- Asia Pacific was hit hard in April by W95/CIH-10xx, the first
PC-paralysing virus which flashed computer BIOSes. Fortunately,
Western companies had listened to anti-virus vendor warnings and
had largely put protection in place.
- The Cult of the Dead Cow hacking group ended up with egg on
their face after CDs they distributed at the Defcon conference
turned out to be infected with the W95/CIH-10xx virus. Despite the
hype caused by Back Orifice
2000 it is not viewed as a serious threat.
- Executable file viruses are back (for example W95/CIH-10xx,
W95/Marburg and
W32/Ska-Happy99).
- Boot sector viruses are still causing problems, and appear just
outside the Top 10 of all viruses reported.
Sophos continue to recommend that companies keep their
anti-virus software up-to-date and employ "safe computing" policies
such as not opening unsolicited documents and executables. The rule
of 'ignore email from strangers' is not enough. Viruses are often
spread unintentionally via your friends and colleagues.
January - June 1999 top ten viruses