The Infomation Technology (Certifying Authority) Regulations, 2001
The Cyber Regulations Appellate Tribunal
 
Navigation
Introduction to Cyber Crime
The Information Technology ACT 2000
The Information Technology ACT 2008
Viruses
Frequently Used Cyber Crime
Worms
Latest News
Press Clippings
Publications/ Articles
Trojans
Computer's Vulnerability
E-mail Related Crimes
Denial Of Service Tools
Application Security
M-commerce Law
Articles on ITA 2008
Contact Us
Cyber Crime Branch Advisory
The Nigerian Scam
Important Links
Cyber Crime Investigation Cell
Delhi Police
Delhi Traffic Police

Viruses

Sparse infector

The term "sparse infector" is sometimes given to a virus that infects only occasionally, e.g. every 10th executed file, or only files whose lengths fall within a narrow range, etc. By infecting less often, such viruses try to minimize the probability of being discovered by the user.

Companion virus

A companion virus is one that, instead of modifying an existing file, creates a new program, which (unknown to the user) gets executed by the command-line interpreter instead of the intended program. (On exit, the new program executes the original program so things will appear normal.) This is done by creating an infected .COM file with the same name as an existing .EXE file. Note that this type of malicious code is not always considered to be a virus, since it does not modify existing files.)

Armored virus

An armored virus is one that uses special tricks to make the tracing, disassembling and understanding of its code more difficult. A good example is the Whale virus.

Macro virus

Many applications allow you to create macros. A macro is a series of commands to perform an application-specific task. Those commands can be stored as a series of keystrokes, or in a special macro language.

A macro virus is a virus that propagates through only one type of program, usually either Microsoft Word or Microsoft Excel. It can do this because these types of programs contain auto open macros, which automatically run when you open a document or a spreadsheet. Along with infecting auto open macros, the macro virus infects the global macro template, which is executed anytime you run the program. Thus, once your global macro template is infected, any file you open after that becomes infected and the virus spreads.

Virus hoax

A virus hoax generally appears as an email message that describes a particular virus that does not exist. These emails almost always carry the same basic story: that if you download an email with a particular subject line, your hard drive will be erased (an impossibility because the text of an email cannot harbor a virus).

Such messages are designed to panic computer users. The writer or writers email the warning and include a plea for the reader to forward it to others. The message then acts much like a chain letter, propagating throughout the Internet as individuals receive it and then innocently forward it. An example of a virus hoax is the "Good Times" virus -- which was written in 1994 and since then has circled the globe many times over. The best thing to do on receipt of such an email is to ignore and delete it.

Major Virus Incidents Since 1998 Melissa


This virus set a benchmark the world over when it was first noticed on 26th March 1999. It was the fastest spreading virus. The Melissa virus is an automatic spamming virus. Its action includes infecting Microsoft Word's normal.dot global template, which basically implies that all new documents created by the user would get infected. After that, each time that an infected document is accessed the virus will disable Microsoft Word's macro warning feature so that it is allowed to be activated.

Its next action is to access Microsoft Outlook address book and e-mail the infected Word file as an attachment to the first fifty e-mail addresses entered there. As soon as the receivers of such an e-mail message open the attachment their computers also get infected. The virus then sends the infected file to another 50 e-mail addresses. This is the reason for the extensive spread of the virus in a short while.

The virus by itself, installed in the victim's computer, was rather harmless. It merely inserted some text into a document at a specified time of the day. What caused the maximum harm was that the volume of traffic, due to the numerous e-mail attachments being sent, was more than could be borne by most servers around the world.

ExploreZip

In its activities it was similar to Melissa, but there was one major difference. ExploreZip, first discovered in June 1999, was not a virus. It was a Trojan. This means that it was incapable of replicating itself. Thus, the Melissa virus had more far reaching presence.

In addition to this dissimilarity, ExploreZip was more active. It not only hijacked Microsoft Outlook but also selected certain files and made their file size zero - reduced their data to nothing. Those files were then of no use to the user and they could not be recovered.

India Cyber Law and Cases

Welcome to the largest Database of Cyber Law and Cases from India. We publish cyber law cases & news from India. Send your suggestions / articles / news

Latest News

16 December 2009
Avoid Post-Thanksgiving Internet Scams
16 December 2009
Millions of computers are filled with fake security software