Virus Evolution History Part 2 – Melissa and other executable worms

The powerful file interpreter scripts included in Microsoft Office gave to the virus creators an opportunity to be armed with the characteristics of worms. An example of this was Melissa worm, a Word macro virus with the characteristics of a worm, which infected documents created with the 97 and 2000 versions of Word. This worm automatically sends itself as an attachment in an email, in the first 50 contacts to be found in the address book in Outlook, on the infected computer. This technique, which unfortunately has become very popular today, was first used in this virus which in 1999 caused one of the biggest epidemics in computer history, within a few days. In fact, large companies like Microsoft, Intel and Lucent Technologies had to block their connections to the Internet due to the action of Melissa.

The technique applied for the first time in the Melissa virus was developed subsequently by viruses like VBS / Freelink who, on the contrary to its predecessor, sent itself to all contacts recorded in the address book of an infected PC. This was the beginning of a new generation of worms, that were able to send themselves to all the contacts found in the address book in Outlook of the infected computer. From all those worms, the one that really stands out is the VBS / LoveLetter, widely known as I love You Virus, which first appeared in May 2000 and caused an epidemic with losses estimated at 10,000 million euros. To attract the attention of users and to contribute to its spread, this worm sent itself via an e-mail message with ILOVEYOU title and an attachment named LOVE-LETTER-FOR-YOU.TXT.VBS. When the user opens the attachment, the computer was infected.

Besides Melissa, in 1999 another type of virus appeared, which was also a milestone in the history of viruses. In November of that year the VBS / BubbleBoy virus (written in VB Script) was created: a new type of worm which spread over the Internet, without the user clicking on an attachment. To automatically run itself when the user opened or displayed a message, the virus took advantage of a security problem in Internet Explorer 5. Successor of this worm in 2000 was the JS / Kak.Worm, which spread by exploiting the automatic signature of Microsoft Outlook Express, which enabled it to infect computers without requiring the execution of a file from the user. These were the first samples of a series of worms that were subsequently enriched with new members – worms that could attack computers while users were browsing the Internet.

2 Replies to “Virus Evolution History Part 2 – Melissa and other executable worms”

  1. Pingback: Web Mirror | Virus Evolution History Part 2 - Melissa and other executable worms
  2. Pingback: Posts about History as of March 20, 2009 |

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.