Typically, computer viruses spread through malicious online downloads, infected attachments, or by connecting infected hardware such as an external flash drive (USB flash drive). Computer viruses can spread through almost any file-sharing method, as long as the virus can evade detection by antivirus programs. Worm – A worm is a type of virus that, unlike traditional viruses, typically does not require a user`s action to spread from one device to another. In order not to be detected by emulation, some viruses completely rewrite themselves each time they infect new executable files. Viruses that use this technique are called metamorphic code. To enable metamorphosis, a “metamorphic engine” is needed. A metamorphic virus is usually very large and complex. For example, W32/Simile consisted of more than 14,000 lines of assembly code, 90% of which are part of the metamorphic engine. [65] [66] A virus can spread when a user opens an attachment, runs an executable file, visits an infected website, or displays an infected website advertisement, known as a malicious advertisement. It can also spread via infected removable drives such as Universal Serial Bus (USB) drives. Once a virus infects the host, it can infect other software or system resources, modify or disable basic features or applications, and copy, delete, or encrypt data.
Some viruses begin to replicate as soon as they infect the host, while other viruses remain dormant until a specific trigger causes malicious code to execute by the device or system. The following measures can help you prevent virus infection: A computer virus is malicious software that is loaded onto a user`s computer without their knowledge and performs malicious actions. Description: The term “computer virus” was first officially defined by Fred Cohen in 1983. Computer viruses never occur naturally. They are always human-induced. Once created and released, however, their spread is not directly under human control. To avoid detection by users, some viruses use different types of deception. Some older viruses, especially on the DOS platform, ensure that the last modified date of a host file remains the same if the file is infected with the virus. However, this approach does not fool antivirus software, especially those that maintain and date cyclic redundancy checks for file changes. [51] Some viruses can infect files without increasing their size or damaging the files. They accomplish this by overwriting unused areas of executable files.
These are called cavity viruses. For example, the CIH virus or the Chernobyl virus infects portable executable files. Because these files have many empty spaces, the virus, which was 1 KB long, did not increase the file size. [52] Some viruses attempt to evade detection by terminating anti-virus software tasks before they can be detected (e.g., Conficker). A virus can also use a rootkit to hide its presence by not appearing in the list of system processes or by disguising itself as an approved process. [53] In the 2010s, as computers and operating systems become larger and more complex, old concealment techniques must be updated or replaced. Defending a computer from viruses may require migrating a file system to granular and explicit permissions for each type of file access. [ref. needed] Since Chromium is open-source, anyone can download Chromium and customize it according to their needs. Malicious actors could download and modify Chromium for malicious purposes.
WebNavigator Chromium Browser is an example of a threat actor that customizes Chromium code and uses it as a search hijacker. To repeat, chromium itself is not a virus. Computer viruses are often spread via email. Hackers can use other people`s email accounts to spread malware and carry out wider cyberattacks. So, if an email account sent an email in the Outbox that a user didn`t send, it could be a sign of a computer virus. The first known description of a self-replicating program in fiction is found in Gregory Benford`s 1970 short story The Scarred Man, which describes a computer program called VIRUS that, when installed on a computer with telephone modem dialing capability, dials random phone numbers until it encounters a modem to which another computer responds. then tries to program the answering machine with its own program. So the second computer also starts dialing random numbers, looking for another computer to program. The program spreads rapidly exponentially through vulnerable computers and can only be combated by a second program called VACCINE. [117] Rootkit virus.
A rootkit virus is a type of malware that installs an unauthorized rootkit on an infected system and gives attackers full control over the system with the ability to fundamentally modify or disable features and programs. Rootkit viruses are designed to bypass antivirus software that normally scans only applications and files. Newer versions of major antivirus and antimalware programs include rootkit scans to identify and mitigate these types of viruses. The first scientific work on the theory of self-replicating computer programs[11] was done in 1949 by John von Neumann, who taught at the University of Illinois on the “theory and organization of complicated automata”. Neumann`s work was later published under the title “Theory of Self-Reproducing Automata”. In his paper, von Neumann described how a computer program can be designed to replicate itself. [12] Von Neumann`s design for a self-replicating computer program is considered the world`s first computer virus and is considered the theoretical “father” of computational virology. [13] In 1972, Veith Risak published his paper “Self-replicating automata with minimal information transmission” directly based on von Neumann`s work on self-replication. [14] This article describes a fully functional virus written in the assembly programming language for a SIEMENS 4004/35 computer system. In 1980, Jürgen Kraus wrote his diploma thesis “Self-reproduction in programs” at the University of Dortmund. [15] Kraus postulated in his work that computer programs can behave in the same way as biological viruses.
If an email reads strangely, it`s probably a phishing scam or malspam. If you have any doubts about the authenticity of an email, don`t be afraid to contact the sender. A simple phone call or text message can save you a lot of trouble. A computer system running slower than usual is one of the most common signs that the device has a virus. This includes the system itself running slowly, as well as the apps and internet speeds that suffer from it. If powerful applications or programs are not installed on a computer and it runs slowly, it may indicate that it is infected with a virus. There are several types of computer viruses that can infect devices. In this section, you will learn how to protect computer viruses and remove computer viruses.
A web script virus attacks web browser security and allows an attacker to inject web pages with malicious code or client-side scripts. This allows cybercriminals to attack important websites such as social networks, email providers, and any website that allows users to type in or review. Attackers can use the virus to send spam, engage in fraudulent activities, and corrupt server files. One way to bypass signature recognition is to encrypt (encode) the virus body using simple encryption, leaving only the encryption module and a static cryptic key in plain text that does not change from one infection to another. [59] In this case, the virus consists of a small decryption module and an encrypted copy of the virus code. If the virus is encrypted with a different key for each infected file, the only part of the virus remains constant, the decryption engine, which is added (for example) at the end. In this case, an antivirus cannot detect the virus directly from signatures, but it can still detect the decryption engine, which still allows indirect detection of the virus. Since these are symmetric keys stored on the infected host, it is quite possible to decrypt the final virus, but this is probably not necessary because the self-modifying code is such a rarity that the discovery of some may be reason enough for virus scanners at least to “mark” the file as suspicious.
[ref. needed] An old but compact method will be the use of arithmetic operations such as addition or subtraction and the use of logical conditions such as XORing,[60] where each byte of a virus is with a constant, so that the operation excludes or only had to be repeated for decryption. It is suspicious that a code changes on its own, so the encryption/decryption code can be part of the signature in many virus definitions. [ref. An older, simpler approach did not use a key where encryption consisted only of operations without parameters, such as increment and decrement, bit-level rotation, arithmetic negation, and logical not. [60] Some viruses, called polymorphic viruses, use an encryptor in an executable file in which the virus is encrypted under certain events, such as: when the virus scanner is disabled for updates or the computer is restarted. [61] This is called cryptovirology.
