Most Popular And Dangerous Virus
System or Boot Sector Virus
These typically move the Master Boot Record (MBR) to some other location on the disk and copy their own code to the MBR, so that their code gets executed first when the system boots. These are basically shell viruses, which form a shell around the executable to which they are attached and get executed first, before control is passed on to the executable.
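One way a defender can check for the MBR replacement and relocation described above, as an added example that is not part of the original article. It assumes a known-good hash of the boot code was recorded earlier; the function names, the 63-sector scan window and the sample disk images are constructed for illustration.

```python
import hashlib

SECTOR = 512
BOOT_CODE_LEN = 446        # bytes 0..445: boot code; 446..509: partition table
SIGNATURE = b"\x55\xaa"    # bytes 510..511 of a valid MBR

def boot_code_hash(sector: bytes) -> str:
    """SHA-256 of the boot-code area only, so partition edits do not change it."""
    return hashlib.sha256(sector[:BOOT_CODE_LEN]).hexdigest()

def check_mbr(image: bytes, baseline_hash: str, scan_sectors: int = 63) -> dict:
    """Compare sector 0 with a known-good baseline and look for a relocated copy."""
    mbr = image[:SECTOR]
    if len(mbr) < SECTOR:
        raise ValueError("image is shorter than one sector")
    result = {
        "signature_ok": mbr[510:512] == SIGNATURE,
        "boot_code_matches": boot_code_hash(mbr) == baseline_hash,
        "relocated_copy_at": None,
    }
    if not result["boot_code_matches"]:
        # Original boot code sitting in another sector means it was moved,
        # not merely damaged: the pattern this section describes.
        limit = min(scan_sectors, len(image) // SECTOR)
        for lba in range(1, limit):
            sector = image[lba * SECTOR:(lba + 1) * SECTOR]
            if boot_code_hash(sector) == baseline_hash:
                result["relocated_copy_at"] = lba
                break
    return result

def build_sample_images():
    """Constructed 16-sector images with inert filler bytes (not real boot code)."""
    good_mbr = b"KNOWN-GOOD".ljust(BOOT_CODE_LEN, b"\x90") + bytes(64) + SIGNATURE
    foreign = b"FOREIGN".ljust(BOOT_CODE_LEN, b"\xcc") + bytes(64) + SIGNATURE
    clean = good_mbr + bytes(SECTOR * 15)
    # Foreign code in sector 0, original sector moved to LBA 7.
    tampered = foreign + bytes(SECTOR * 6) + good_mbr + bytes(SECTOR * 8)
    return good_mbr, clean, tampered

if __name__ == "__main__":
    good_mbr, clean, tampered = build_sample_images()
    baseline = boot_code_hash(good_mbr)
    print("clean:   ", check_mbr(clean, baseline))
    print("tampered:", check_mbr(tampered, baseline))
```

A valid `55 AA` signature alone says nothing about integrity: the replaced sector in the sample still carries it, which is why the check compares the boot-code hash against the baseline.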
Let’s have a brief intro to the top 4 boot sector viruses:
- Elk Cloner virus was the first in-the-wild boot sector virus, the first to spread and affect users in a real-world setting. It was created by 15-year-old Richard Skrenta in early 1981.
- Brain virus infects only the boot sector of IBM PC floppy disks with a 360 KB capacity. It originated in Pakistan.
- Stoned virus was an intentionally non-malicious virus that only periodically printed the message “Your PC is now stoned!” on the computer screen. It originated in New Zealand.
- Michelangelo virus, first discovered in Feb 1991, was one of the most dangerous boot sector viruses the world has ever seen. It was a variant of the Stoned boot sector virus.
Other popular boot sector viruses are: Parity Boot Virus, Denzuko Virus, Noint Virus, Barrotes Virus, Angelina Virus, AntiEXE virus, Crazy_Boot virus, AntiCMOS, Lamer Exterminator and Ping Pong virus.
Macro viruses are usually written in Visual Basic for Applications (VBA) and infect the files created by MS Office programs like Microsoft Word and Microsoft Excel. The first macro virus was discovered in July 1995 and was accidentally included on a CD-ROM called Microsoft Compatibility Test.
The most common methods of spreading such macro viruses include:
- Email Attachments
- USB Drives
There are basically two types of macro viruses:
- Concept Virus – The first macro virus, appearing in July 1995 and targeting MS Word.
- Melissa Virus – The first virus with an email worm trait, appearing in March 1999 and infecting thousands of systems within hours.
File viruses infect files that are executed or interpreted, e.g., *.EXE, *.SYS, *.COM, *.PRG, *.BAT, etc. These viruses basically overwrite code or insert infected code into an executable file. They infect in a variety of ways and can be found in a large number of file types.
File-infecting viruses have targeted a range of operating systems, including Mac, Unix, Windows, Linux, and DOS. With the help of VirusTotal, you can easily analyze suspicious files and URLs.