[Date Prev] [Date Next] [Thread Prev] [Thread Next]

Ready for next Virus?

Apr 23, 1999 08:24 AM
by M K Ramadoss

Here is a news item of interest.


                           New virus strikes Monday 

                           Data-destroying Chernobyl virus called
                           worse than 'Melissa'

                           April 23, 1999: 7:06 a.m. ET

                  SAN FRANCISCO, (Reuters) - A virus that can
                  wipe out all the data on a personal computer's hard
                  drive and even make it impossible to start programs up
                  is set to hit next Monday, security experts warned. 
                     The virus is a malicious piece of software code that
                  has been turning up in PCs for months, but the version
                  that will strike on Monday is the most-feared variation.
                     The so-called CIH or "space filler" virus originated
                  in Asia last summer and hits on the 26th of each
                  month. The CIH 1.2 that appears only once a year in
                  April is the "most prevalent and dangerous" form of the
                  virus, said Sal Viveros, marketing vice president for
                  Network Associates Inc., the largest computer
                  security company.
                     The CIH virus is far more dangerous to individual
                  computers than "Melissa," the much publicized bug that
                  spread relatively benign problems far and wide on the
                  Internet last month.
                     The CIH virus can irretrievably destroy data on a
                  user's computer, and even make the machine
                  inoperable, while Melissa only really caused
                  embarrassment, by sending a list of porn sites from an
                  infected computer's e-mail address book, and tied up
                  some corporate e-mail systems with traffic.
                     The CIH gets the name "space filler" because it
                  uses a special technique that secretly fills file space on
                  computers and thwarts many of the anti-virus software
                  programs in place before its arrival. The virus is also
                  called the "Chernobyl" virus because it's timed to go
                  off on the anniversary of the Russian nuclear accident,
                  one of technology's worst disasters.
                     The virus is designed to hide from view by inserting
                  itself into empty coding slots on a computer's software
                  utilities. Viruses are often detected because they use
                  up extra space on hard drives, but the "space filler"
                  helps CIH avoid that traditional method of detection. It
                  can lie dormant for months before causing damage.
                     The April version of the virus is particularly
                  damaging because it can also keep a computer from
                  starting up by infecting the software on which all the
                  PC's programs depend, the basic input/output system,
                  or BIOS. If the BIOS is infected, the computer will not
                     Most up-to-date anti-virus software will spot the
                  bug, if it's there, and many corporate computers have
                  recently upgraded their protection due to the Melissa
                  scare, said Network Associates' Viveros.
                     The biggest impact is likely to be on home
                  computers, said Viveros, who added that computer
                  users can download an anti-virus program free of
                  charge from his company's site. The virus is spread by
                  e-mail over the Internet or in pirated software. It
                  infects Windows 95 and Windows 98 files. 
                     "People should make sure they have the latest
                  anti-virus software run on their computers," said Bill
                  Pollak, of Carnegie Mellon's Software Engineering
                  Institute, which runs the Computer Emergency
                  Response Team, or CERT. The center has already
                  prepared an "incident" note that it will put on its site. 

[Back to Top]

Theosophy World: Dedicated to the Theosophical Philosophy and its Practical Application