####################################### # # # # # ======== =\ = ====== # # == = \ = = # # == = \ = ====== # # == = \ = = # # == = \= ====== # # # # # # # # ''''''''''''''''''''' # # # # # # > Written by Dr. Hugo P. Tolmes < # # # # # ####################################### Issue Number: 35 Release Date: April 30, 1988 $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ TITLE: Virus Wars: A Serious Warning FROM: PC Magazine DATE: February 29, 1988 by: John C. Dvorak ----------------------------------------------------------------------- A new computer virus is infecting microcomputers around the world. Where is the utility that will prevent our PCs from becoming victims in this epidemic? ----------------------------------------------------------------------- A computer virus (sometimes called a Trojan horse or a worm) is a small and sinister piece of software code that literally infects your machine. It is inserted into a public-domain or bootleg program and, when the program is used, the virus code is alerted and rewrites itself into something in your system and typically (and eventually) calls a hard disk routine and tells the disk to erase itself. Computer sabotage. It's getting worse and we should all be aware of it. On the West Coast a battle wages where Apple Macintosh users and IBM PC users are loading software with viruses to "attack" their foe: a user of the other kind of machine. THE LEHIGH VIRUS Meanwhile, one virus has made headlines. It was released at Lehigh University. Here's an excerpt from a memo sent out over UseNet from Kenneth R. van Wyk, User Services Senior Consultant, Lehigh University Computing Center. It describes the virus that was set loose just before Thanksgiving last year and is now floating around the world. "Last week, some of our student consultants discovered a virus program that's been spreading rapidly throughout Lehigh University. It has the chance of spreading much farther than just our University. We had no idea where the virus started, but some users have told me that other universities have recently had similar problems. "The virus itself is contained in the stack space of COMMAND.COM. When a PC is booted from an infected disk, all a user need do to spread the virus is to access another disks via TYPE, COPY, DIR, etc. If the other disk contains COMMAND.COM, the virus code is copied to the other disk. Then, a counter is incremented on the parent. When this counter reaches a value of 4, and and every disk in the PC is erased thoroughly. The boote the FAT tables, etc. All Norton's horses couldn't put it back together again. This affects both floppy and hard disks. Meanwhile, the four children that were created go on to tell four friends, and then they tell four friends, and so on, and so on. "Detection: while the virus appears to be very well written, the author did leave behind a couple footprints. First, the write date of COMMAND.COM changes. Second, if there's a write protect tab on an uninfected disk, you will get a WRITE PROTECT ERROR. So, boot up from a suspected virus'd disk and access a write-protected disk--if an error comes up, then you're sure. Note that the length of COMMAND.COM Does not get altered. "I urge anyone who comes in contact with publicly accessible disks to periodically check their own disks. Also, exercise safe computer-- always wear a write protect tab. "This is not a joke. A large percentage of our public site disks has been gonged by this virus in the last couple days." The mainstream computer magazines seldom discuss these destructive little gags, even though there are plenty of them. PC users must make themselves aware of these things. If a virus program got into a corporation and started eating hard disks, you can be sure that the next time someone brought in some software from home, it would quickly be confiscated. This kind of thing only encourages MIS departments to take total control of the microcomputer installation. Remember, that most talented of the hackers love to design programs like this just to harass the average PC user. We need some utilities that check the integrity of our computer systems. Of course, these programs would be quickly defeated by some maniac who would find the loophole in the algorithm, and the integrity checker would have to be forever updated. (Sounds like a money-maker!) Some say that the solution to these sick jokes is to perpetually back up the hard disk like a good little boy. Great. I back up my hard disk once a year whether it needs it or not. So what am I (and most users) supposed to do in between times? All you can do is be careful and know that someone out there is about to make your life miserable if you're not prudent. $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ NOTA: Viruses seem to be a very hot item these days as I've explained in previous issues of TNS. Besides the many articles on viruses that have been published (many of which are in previous issues of TNS or future issues) I have seen several news reports on the dangers of computer viruses. All of this hysteria has been caused by a few incidents at several universities here and Hebrew University. Other tensions are still around because of the Chaos Computer break-ins in NASA's SPAN network. $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ TOLMES NEWS SERVICE INDEX: -------------------------- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Tolmes News Service Issue #1 ---------------------------- Introduction to TNS Magazine - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Tolmes News Service Issue #2 ---------------------------- Introduction to Issue #2 They Sure Can Talk in Raleigh Teaching Computer Ethics in the Schools Cash-Machine Magician Cheaper Electronics Makes It a Snap to Snoop Los Alamos Nuclear Facility Security Boost - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Tolmes News Service Issue #3 ---------------------------- Making Computers Snoop-Proof War Against Phone Hacking Heats Up Toll Fraud Trial Sets New Tone - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Tolmes News Service Issue #4 ---------------------------- Cellular Technology Pirate BBS Scanning Bust Rip Offs How the Soviets Are Bugging America Deadly Bugs The Newest Dating Game - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Tolmes News Service Issue #5 ---------------------------- Electronic Cryptography Report - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Tolmes News Service Issue #6 ---------------------------- HD Sentry: Hard Disk Protection from Trojan Horse Programs Check This: Ma Bell is a Generous Soul Sign In and then Sign On How To Beat Phone Assault Prisoner Phone Phreaks Suburban Kids Are Too Dumb to Steal - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Tolmes News Service Issue #7 ---------------------------- Federal Sting Nets 25 for Cellular Phone Fraud in NYC 18 Are Seized in Illegal Use of Mobile Telephones Hello Anywhere - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Tolmes News Service Issue #8 ---------------------------- Keeping the Secrets Inside the Computer Bugging Urine Hot-Line Innovation? Just Hold the Phone - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Tolmes News Service Issue #9 ---------------------------- The National Guards The Caller That Isn't Long-Winded A Call to Stop Long-Distance Scam Online Junkies- Artificial Intelligence Hacking Through NASA: A Threat- Or Only an Embarassment - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Tolmes News Service Issue #10 ----------------------------- The Bust of Shadow Hawk - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Tolmes News Service Issue #11 ----------------------------- Shadow Hawk's Bust: Continued from TNS Issue #10 US Sprint Sues "Ring" of Hackers for $20 Million - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Tolmes News Service Issue #12 ----------------------------- The Blue Box and Ma B- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Tolmes News Service Issue #13 ----------------------------- Capt. Zap: Informant? - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Tolmes News Service Issue #14 ----------------------------- 411: Life at Directory Assistance - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Tolmes News Service Issue #15 ----------------------------- The Max Headroom TV Pirate - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Tolmes News Service Issue #16 ----------------------------- The Celling of America Tales That Do Not Compute Responses to Issue #12's Article Introduction: TNS QuickNotes - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Tolmes News Service Issue #17 ----------------------------- New Security Measures at ITT Capt. Zap's Defense - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Tolmes News Service Issue #18 ----------------------------- 2600 Magazine's Official Bulletin Boards Some Things about Phrack Inc. Syndicate Report: Will It Return? TNS QuickNotes - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Tolmes News Service Issue #19 ----------------------------- 'If You Need Help, Press 3' Satellite Paging - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Tolmes News Service Issue #20 ----------------------------- AT&T's Attempt at a Comeback The 1-900 Report - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Tolmes News Service Issue #21 ----------------------------- AT&T and Sun Microsystems 1-900's AT&T Credit Card Fraud Causes a $5,430 Bill - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Tolmes News Service Issue #22 ----------------------------- TNS Issue Directory FON Card Review Credit Card Fraud Arrests Radio ANI - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Tolmes News Service Issue #23 ----------------------------- Dial-a-Porn Restrictions Changes at 2600 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Tolmes News Service Issue #24 ----------------------------- 1-900 Abuses Gab Lines Phone Aid - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Tolmes News Service Issue #25 ----------------------------- Return of The Rebel Problems for Mafia Dude The Foreign Legion Return of the Private Connection - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Tolmes News Service Issue #26 ----------------------------- Computer Terrorism! - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Tolmes News Service Issue #27 ----------------------------- Changes at 2600 Magazine Virus Report - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Tolmes News Service Issue #28 ----------------------------- Viruses Threatening an Era of Computer Freedom The Tulsa Busts - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Tolmes News Service Issue #29 ----------------------------- Telecom Update - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Tolmes News Service Issue #30 ----------------------------- Federal Phone Snafu The Trojan Wars - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Tolmes News Service Issue #31 ----------------------------- Computer Systems Under Seige - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Tolmes News Service Issue #32 ----------------------------- Computer Terror Youths Suspected in Phone Fraud - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Tolmes News Service Issue #33 ----------------------------- Breaking and Entering: High Tech Style - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Tolmes News Service Issue #34 ----------------------------- Multi-State Computer Theft Ring $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$