"Virus Hoaxes."
by Richard Lowe Jr.
Have you ever gotten an email message
like this?
BIGGGG TROUBLE !!!! DO NOT OPEN "WTC Survivor"
It is a virus that will erase your whole "C" drive.
It will come to you in the form of an E-Mail from a familiar person.
I repeat a friend sent it to me, but called and warned me before
I opened it. He was not so lucky and now he can't even start his
computer! Forward this to everyone in your address book. I would
rather receive this 25 times than not at all. If you receive an
email called "WTC Survivor" do not open it. Delete it
right away! This virus removes all dynamic link libraries (.dll
files) from your computer.
Again,,, I urge all of you to make sure your
virius scanners are up to date daily!!!!!! FG
Sounds very bad, doesn't it?
My, what a horrible virus. It, and others like it, will eat your
hard drive, destroy your email, infect every other machine on
your network and listed in your address book, and even perhaps
give you cookies and make your car break down!
This email and others like it are simply
hoaxes? How do I know they are a hoax and not a real
warning? Here's how it works. A virus propagates (reproduces)
by automatically sending itself to all of the addresses in your
address book. This is a fairly complex piece of code, requiring
a little knowledge on the part of the person who created the virus.
Well, instead of writing code to propagate something,
why not ask some gullible people to do it for you? That's what
these hoaxes are all about - the "virus" is the email
message and the delivery system is human being.
Why will people do this? Sometimes it's just
for a laugh, and sometimes it's for more insidious reasons. Someone
could send out a message which claimed that any message from AOL
contained a virus, for example, in an effort to make AOL look
bad.
Here is one of the first hoaxes known to have
been sent out across the internet. It went out in 1988.
SUBJ: Really Nasty Virus AREA: GENERAL
(1)
I've just discovered probably the world's worst
computer virus yet. I had just finished a late night session of
BBS'ing and file treading when I exited Telix 3 and attempted
to run pkxarc to unarc the software I had downloaded. Next thing
I knew my hard disk was seeking all over and it was apparently
writing random sectors. Thank god for strong coffee and a recent
backup. Everything was back to normal, so I called the BBS again
and downloaded a file. When I went to use ddir to list the directory,
my hard disk was getting trashed again. I tried Procomm Plus TD
and also PC Talk 3. Same results every time. Something was up
so I hooked up to my test equipment and different modems (I do
research and development for a local computer telecommunications
company and have an in-house lab at my disposal). After another
hour of corrupted hard drives I found what I think is the world's
worst computer virus yet. The virus distributes itself on the
modem sub-carrier present in all 2400 baud and up modems. The
sub-carrier is used for ROM and register debugging purposes only,
and otherwise serves no othr (sp) purpose. The virus sets a bit
pattern in one of the internal modem registers, but it seemed
to screw up the other registers on my USR. A modem that has been
"infected" with this virus will then transmit the virus
to other modems that use a subcarrier (I suppose those who use
300 and 1200 baud modems should be immune). The virus then attaches
itself to all binary incoming data and infects the host computer's
hard disk. The only way to get rid of this virus is to completely
reset all the modem registers by hand, but I haven't found a way
to vaccinate a modem against the virus, but there is the possibility
of building a subcarrier filter. I am calling on a 1200 baud modem
to enter this message, and have advised the sysops of the two
other boards (names withheld). I don't know how this virus originated,
but I'm sure it is the work of someone in the computer telecommunications
field such as myself. Probably the best thing to do now is to
stick to 1200 baud until we figure this thing out. Mike RoChenle
So what should you do if you receive a warning
about some horrible virus? Generally, if these demand to be sent
to everyone you know, it's a hoax. If you are unsure, then check
out the following site:
Symantic Antivirus Research Center - http://www.sarc.com
Go to the search page and enter a few words from
the message claiming to warn you about a horrible virus. Behold,
you will now read about the hoax. In fact, here's the datasheet
on the virus mentioned at the start of this article:
http://securityresponse.symantec.com/avcenter/venc/data
/wtc.survivor.hoax.html
In any event, hoax or not, it's a good idea to
just file the email or delete it. Don't send it on to all of your
friends. Don't do anything dramatic. These things only gain power
when people give them power.
In other words, maintain your reason and don't
give in to an emotional response which simply floods email inboxes
with junk. |
