Inside Out Security Blog   /  

Lessons from the Malware Museum

Lessons from the Malware Museum

If you haven’t already seen Mikko Hypponen’s collection of vintage malware at the Internet Archive, take the time for a brief tour. If you’re on a lunch hour, it’s also worthwhile to hear Mikko’s talk on how malware has evolved from its primitive roots.

Hunter-Gatherer Ware

The interesting point about these early viruses is that the hackers seemed to get an unhealthy pleasure in pranking anonymous users.  The hackers craved the idea of an 8-bit graphic crawling across your monitor (see Walker or Ambulance) or just displaying a large ‘V’ once a month (that would be the V-sign virus) or a cool fractal (Tequila).

Want to learn ransomware basics and earn a CPE credit? Try our free course.

“In just one hour, I’ll teach you the fundamentals of Ransomware and what you can do to protect and prepare for it.”

More creative hackers had some really impressive graphics chops, considering the available technology: check out this Martian landscape. These early pioneers had style!

Unlike today’s malware, the attackers also put their personal stamp on their work: you were supposed to take notice.

In one of the first known viruses (see Brain), the attackers even left their street address in their DOS-based executable. Oops.

It was a more innocent time.

But even these earlier viruses had a destructive element. Take for example Casino, which asked victims to play a virtual game of slots. If your luck ran out, the disk was erased.

Vintage malware: Walker

In the pre-Internet and early-modem era, you’d share floppy disks with your friends and workers. The viruses were designed to replicate by infecting the boot sector of the diskette. As users, we all literally walked the virus to the next target — “sneaker-net”. Floppy-based Brain became a world-wide phenomenon.

Primitive, but effective.

Modern Malware

With the dawn of Microsoft Windows and Internet email — cue up 2001:A Space Odyssey theme music — viruses advanced into a more familiar form.

They began to embed themselves in Word or Excel documents using VBA scripts, so they were much harder to detect than the previous generation. They spread by secretly reading Outlook contacts and emailing themselves to the next victim.

Melissa and Code Red were classics of this worm genre.

Hackers also started to exploit people’s primeval urges to click on anything that’s sent to them in their emails, especially if it had a catchy subject line involving attractive female superstars — see the Anna Kournikova virus.

And around 2002-2003, came Fizzer. Its malware developers realized that people were using their laptops to store valuable information or enter it into web sites — passwords, credit card numbers. Fizzer secretly logged keystrokes and scanned documents, and used a backdoor to exfiltrate it to the attacker’s server.

Back to the Future

It’s 2016 and we’re still suckers when it comes to clicking on links or attachments found in our emails.

True, phishing attacks are much more targeted and can occasionally catch the best prepared of us off guard.

However, the techniques are ancient and at this point the digital equivalent of three-card monte. Far too many of us are still falling for Nigerian scams involving $100,000 and a wealthy oil trader named Mr. George Abdul.

With the rise of ransomware, the attackers are now back to boldly announcing their presence while encrypting files.

Will we ever get rid of malware? The answer is no: it’s really the Internet’s oldest profession, and it will be with us forever.

DatAdvantage is a modern answer to an age-old problem. Learn how it can protect your data from the inside out.

We're Varonis.

We've been keeping the world's most valuable data out of enemy hands since 2005 with our market-leading data security platform.

How it works