The fact that the computer is infected with a computer virus is today synonymous with disbursement of money. The vast majority of malware (or malicious code) that circulates on the internet seeks a direct financial reward, for example by encrypting data and asking for a reward for releasing it (ransomware). In some cases, the victim will only find out that they have been attacked when they see the amounts taken from their checking account.
Viruses weren’t always this discreet. At the dawn of the age of consumer computing, the malware it was more of a hobby of the early hackers; a way of demonstrating your knowledge and putting yourself to the test. Its display was very visual: colorful lights invaded the screen at a frantic pace, cascades of windows opening incessantly, letters falling to the bottom of the monitor; boat appearances, marijuana leaves, naked women, supposedly funny messages … Those infected were harmed, who could lose all their data, but they were not plucked.
Times have changed so much in the world of viruses that there are true nostalgia for the first malwares. Among them the Texan Daniel White (Danooct1), who has almost 300,000 subscribers on his YouTube channel. It shows what happens when a computer is infected with any of these malicious codes. In his most viewed video, With over 4.5 million views, you can see the windows of the YouAreAnIdiot Trojan continually displaying until the computer is restarted. He has also made demonstrations with more recent examples, such as the media Wannacry or NotPetya, from 2017. And he has even recorded experimenting with viruses developed for the occasion by his own followers.
The virus as a form of expression
“I think I will have shown how about 400 work malwares different. I especially like the flashier ones. The ones that affected MS-DOS and early Windows were especially known for that, ”explains White from Dallas. “Although most malware of the last 15 years it is silent and financially motivated, the common perception of viruses still evokes the mental image of airplanes flying across the screen, windows with rude messages and the random and total destruction of system files ”, underlines this engineer 30 years.
His passion dates back to 2004, when his computer was first infected with a worm called Sasser. Since then he has not stopped looking at this type of software. I wanted to know more and more about them. He was seduced by the idea of someone, from the basement of his house, typing a code that would then cause “strange and interesting” effects on other people’s computers.
“I started looking for databases of descriptions of malware and its infection and activation routines ”, he recalls. “My favorite was the F-Secure virus library, which contained many comments from famed cybersecurity researcher Mikko Hyppönen.”
The ‘malware’ collector
The Finn White is referring to, considered a world benchmark in cybersecurity, is also a virus collector. Hyppönen combines his position as director of research at F-Secure with a busy schedule of conferences and seminars … and with the curation of The Malware Museum, the first online repository of malicious code. “I had a collection of viruses from the late 80s and early 90s and, five years ago, I noticed that Internet Archive I had developed a system with which to emulate the operation of old PCs from any browser ”, explains Hyppönen. The system you are talking about was used primarily for playing old video games. “I investigated whether this medium would also be able to reproduce viruses. It turned out that it was, so now anyone can marvel at what some computer viruses from 30 years ago are capable of, “he adds.
His personal collection has thousands of them, but the museum shows only a few dozen, the ones that are more entertaining to see (there are others that, despite their technical complexity, have a very loose screen display). “My favorite is Casino. It is a destructive virus that overwrites the file allocation table on certain dates. However, he keeps a copy of the assignment before overwriting and then invites the victim to play a game of chance. If you win, everything goes back to your site and you get the data back; if you lose, or if you restart the system without playing, all files are destroyed. “
An art form?
Ingenuity and fireworks were characteristics of what we now consider viruses vintage. “Many authors of malware The old school used their viruses as forms of expression. That is why they had such stagings so nourished with animations, sounds and photographs. Viruses are definitely an art form, quite a unique one indeed, ”Hyppönen says.
The truth is that there are people willing to pay for works composed from malware. Someone paid 1.2 million euros in a New York auction in 2019 for a laptop infected with the six most dangerous viruses that were known at that time. The piece, titled The persistence of chaos and signed by the artist Guo O Dong, it aims to raise awareness that attacks in the digital world also have repercussions in the physical world.
History of computing
Knowing the past is important to understanding the present. For this reason, and out of professional interest, Hyppönen tracked down what is considered the first virus in history, Brain, in 2011 when it was 25 years after its creation. Finnish traveled to Pakistan to meet its creators, the brothers Basit and Alvi Amjad. They designed it as a form of protection against piracy of the programs that they wrote and recorded themselves on 5.5 floppy disks. This research can be considered archeology of the malware.
“Computer security has evolved a lot, but the techniques and strategies used twenty years ago against threats are still the main component of modern antivirus,” explains White. In other words, although technology has advanced, knowing the techniques of early virus developers can be very helpful to those of today. And those responsible for creating the defense architecture, of course.
White is aware, however, that his hobby is not safe for the uninitiated. “A material potentially as dangerous as certain viruses should not be archived lightly, so that it can be downloaded without difficulty who does not know very well what is at hand or someone with bad intentions,” he says.
“Without documenting and recording the past, most of the software malicious would have been lost. And it constitutes an important part of the history of computing. Many of the databases that I learned about 15 or 16 years ago have already disappeared from the internet as cybersecurity companies focus less on the past than on current threats, “says White. He considers himself, in fact, a historian of the malware. “It is crucial that we try to preserve this important chapter in the history of the Internet,” says Hyppönen. “If we don’t do it, who will?”