The Evolution of Computer Viruses

Traditional computer viruses emerged in the 1980s, driven by the spread of personal computers and the resultant increase in bulletin board systems (BBS's) and online computer use, plus software sharing. Bulletin board driven software sharing contributed directly to the spread of Trojan horse programs, and viruses were written to infect popularly traded software. Shareware and bootleg software were equally common vectors for viruses on BBS's. Within the "pirate scene" of hobbyists trading illicit copies of retail software, traders in a hurry to obtain the latest applications and games were easy targets for viruses.

Since the mid-1990s, macro viruses have become common. Most of these viruses are written in the scripting languages for Microsoft programs such as Word and Excel. These viruses spread in Microsoft Office by infecting documents and spreadsheets. Since Word and Excel were also available for Mac OS, most of these viruses were able to spread on Macintosh computers as well. Most of these viruses did not have the ability to send infected e-mail. Those viruses which did spread through e-mail took advantage of the Microsoft Outlook COM interface. [COM is a platform-independent, distributed, object-oriented system for creating binary software components. MS Outlook exposed some of its functions and capabilities to external programs using COM, and malicious programs could use the functions to their own purpose.]

Macro viruses pose unique problems for detection software. For example, some versions of Microsoft Word allowed macros to replicate themselves with additional blank lines. The virus behaved identically but would be misidentified as a new virus. In another example, if two macro viruses simultaneously infect a document, the combination of the two, if also self-replicating, can appear as a "mating" of the two and would likely be detected as a virus unique from the "parents".

A virus may also send a web address link as an instant message to all the contacts on an infected machine. If the recipient, thinking the link is from a friend (a trusted source) follows the link to the website, the virus hosted at the site may be able to infect this new computer and continue propagating.

So-called "cross-site scripting" viruses emerged that exploit cross-site scripting vulnerabilities to propagate. Since 2005 there have been multiple instances of the cross-site scripting viruses, most notable sites affected have been MySpace and Yahoo. [By finding clever ways of injecting malicious scripts into web pages, an attacker can gain elevated access privileges to sensitive page content, session cookies, and a variety of other objects at the web site. Attacks include buffer-overflow exploits and vulnerabilities in xml style sheets used by the web sites being attacked.]
Click here for a Free Spyware Scan, to remove spyware with continued spyware protection.

© 1996-2008 adware.com