The fact that the computer is infected with a computer virus is today synonymous with disbursement of money. The vast majority of malware (or malicious code) that circulates on the internet seeks a direct financial reward, for example by encrypting data and asking for a reward for releasing it ( ransomware ). In some cases, the victim will only find out that they have been attacked when they see the amounts stolen from their checking account.
Viruses were not always this discreet. At the dawn of the consumer computing age, malware was more of a pastime for early hackers; a way of demonstrating your knowledge and putting yourself to the test. Its display was very visual: colorful lights invaded the screen at a frantic pace, cascades of windows opening incessantly, letters falling to the bottom of the monitor; Apparitions of ships, marijuana leaves, naked women, supposedly funny messages … Those infected were harmed, who could lose all their data, but they were not plucked.
Times have changed so much in the world of viruses that there are true nostalgics of the first malware . Among them the Texan Daniel White (Danooct1), who has almost 300,000 subscribers on his YouTube channel. It shows what happens when a computer is infected with any of these malicious codes .__ AOPEN__0 In its most watched video, , which exceeds 4.5 million views, you can see how the windows of the YouAreAnIdiot Trojan are displayed incessantly until the computer restarts. He has also made demonstrations with more recent examples, such as the media Wannacry or NotPetya , from 2017. And he has even recorded experimenting with viruses developed for the occasion by his own followers.
The virus as a form of
expression “I think I will have taught how about 400 different malware works. I especially like the flashier ones. The ones that affected MS-DOS and early Windows were especially known for that, ”explains White from Dallas. “Although the majority of malware from the last 15 years is silent and financially motivated, the common perception of viruses still conjures up the mental image of airplanes flying across the screen, windows with rude messages, and the random and total destruction of computer files. system ”, emphasizes this 30-year-old engineer.
His passion originated in 2004, when his computer was infected for the first time with a worm called Sasser. Since then he has not stopped looking at this type of software . I wanted to know more and more about them. He was seduced by the idea of someone, from the basement of his house, typing a code that would then cause “strange and interesting” effects on other people's computers.
“I started looking for databases of malware descriptions and their infection routines and activation, ”he remembers. “My favorite was the F-Secure virus library, which contained a lot of comments from famed cybersecurity researcher Mikko Hyppönen.”
The 'malware' collector
The Finn referred to by White, considered a world reference in cybersecurity, he is also a virus collector. Hyppönen combines his position as director of research at F-Secure with a full schedule of conferences and seminars… and with the curation of The Malware Museum , the first online repository of malicious code. “I had a collection of viruses from the late 80s and early 90s and, five years ago, I noticed that the Internet Archive had developed a system with which to emulate the operation of old PCs from any browser,” explains Hyppönen. The system you are talking about was used primarily for playing old video games. “I investigated whether this medium would also be able to reproduce viruses. It turned out that it was, so now anyone can marvel at what some computer viruses from 30 years ago are capable of ”, he adds.
His personal collection has thousands of them, but in the museum he shows only a few dozen, which are more entertaining to watch (there are others that, despite their technical complexity, have a very weak screen display). “My favorite is Casino. It is a destructive virus that overwrites the file allocation table on certain dates. However, he keeps a copy of the assignment before overwriting and then invites the victim to play a game of chance. If you win, everything goes back to your site and you get the data back; if you lose, or if you restart the system without playing, all files are destroyed. ”
An art form?
Ingenuity and fireworks were characteristics of what we now consider vintage viruses. “Many old school malware authors used their viruses as forms of expression. That is why they had such stagings so nourished with animations, sounds and photographs. Definitely, viruses are an art form, a quite unique one in fact ”, sentence Hyppönen.
The truth is that there are people willing to pay for works made from malware . Someone paid 1.2 million euros in a New York auction in 2019 for a laptop infected with the six most dangerous viruses that were known at that time. The piece, entitled The Persistence of Chaos and signed by artist Guo O Dong, aims to raise awareness that attacks in the digital world also have repercussions in the physical world
History of computing
Knowing the past is important to understanding the present . For this reason, and out of professional interest, Hyppönen tracked down what is considered the first virus in history, Brain, in 2011 when it was 25 years after its creation. The Finn traveled to Pakistan to meet his creators , the brothers Basit and Alvi Amjad. They designed it as a form of protection against piracy of the programs that they wrote and recorded themselves on 5.5 floppy disks. This research can be considered the archeology of .
malware "Computer security has evolved a lot, but the techniques and strategies used twenty years ago against threats are still the main component of modern antivirus," White details. In other words, although technology has advanced, knowing the techniques of early virus developers can be very helpful to those of today. And to those responsible for creating the defense architecture, of course.
White is aware, however, that his hobby is not safe for the uninitiated. "A material potentially as dangerous as certain viruses should not be archived lightly, so that it can be downloaded without difficulty who does not know very well what is at hand or someone with bad intentions," he says.
"Not documented and recorded in the past, most malicious software would have been lost. And it constitutes an important part of the history of computing. Many of the databases that I learned about 15 or 16 years ago have already disappeared from the internet as cybersecurity companies focus less on the past than on current threats, "says White. He considers himself, in fact, a historian of malware . "It is crucial that we try to preserve this important chapter in the history of the Internet," says Hyppönen. “If we don't do it, who will?”
You can follow EL PAÍS TECNOLOGÍA RETINA at Facebook , Twitter , Instagram or subscribe here to our Newsletter .