Computer viruses are programs that cause discomfort to anyone infected by them. Just like a biological virus, which causes some malfunction of the body or mind, a computer virus can cause damage, ranging from annoying messages to serious problems like a disk crash. A virus has three objectives: to survive, to multiply and to spread.
To survive, a virus needs to go undetected. In this context, that means fooling the user and antivirus programs into believing that everything is fine. Viruses prefer to work in stealth mode. The second desire of a virus is to multiply. This is more applicable to a biological virus, since a computer virus can hog the memory of the machine by doing so. The third part is to spread. In conjunction with multiplying, a virus spreads to other machines and gadgets. Spreading is done mainly through the network to which the machine or gadget is attached, and through other media such as pen drives and hard disks.
Computer viruses are normally written in low-level languages (not assembler) like C, and now even in high-level languages like C++ and Java. Malware is the term associated with viruses, worms, spyware, adware and other types of infections. Technically speaking, a virus is only alive when the computer is switched on. It lives in main memory (RAM) when active, while the peripherals maintain a copy of the virus. Being in memory is not enough, though. For a virus to strike, it has to get control of the machine (CPU). Hence it attaches itself to executable files. That is one vector. It can also live inside the boot area of the machine's storage (hard disk / CD / pen drive). If you boot from an infected device, the virus will get into RAM. But finally it has to get control. Other areas it can use are device drivers, DLLs (dynamic link libraries) etc.
Virus code can be divided into 3 parts:
- The survival code
- The multiply and spread code
- The final effect
We already know the first two. The third, i.e. the final effect, is what we perceive as the problem (maybe an annoying ad, a disk crash, or strange machine behavior like the Caps Lock key not working). We see the effect of the virus, not the first two. Never judge a virus by what it does, because this is in the hands of the virus writer. The damage payload can be anything conceived in the mind of a virus coder.
To protect ourselves from viruses we have to use anti-virus programs. They typically work on signature files and heuristics. The former is a file that contains virus signatures (a signature is a unique combination of numbers within the virus file) and the latter tracks virus-like behavior of a machine. Any anomalies are signaled by the anti-virus program. Sometimes these programs are not effective. Every day seems to be a cop (anti-virus) and thief (virus) chase, each trying to outsmart the other.
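The signature matching described above can be sketched as follows. This is an added example, not code from any anti-virus product; the signature names, byte patterns, the `??` wildcard notation and the sample buffers are all constructed for illustration.

```python
# Added example: constructed signatures and samples, not from any real product.
# "??" in a pattern is a wildcard matching any single byte.
SIGNATURES = {
    "Demo.Alpha": "de ad be ef 13 37",
    "Demo.Beta": "ca fe ?? ?? ba be 00",
}

def compile_signature(text):
    """Turn 'ca fe ?? ba' into a list of ints, with None for each wildcard."""
    return [None if tok == "??" else int(tok, 16) for tok in text.split()]

def find_signature(data, pattern):
    """Return the first offset where pattern matches data, or -1 if absent."""
    for offset in range(len(data) - len(pattern) + 1):
        window = data[offset:offset + len(pattern)]
        if all(p is None or b == p for b, p in zip(window, pattern)):
            return offset
    return -1

def scan(data, signatures=SIGNATURES):
    """Return a sorted list of (signature name, offset) hits in data."""
    hits = []
    for name, text in signatures.items():
        offset = find_signature(data, compile_signature(text))
        if offset >= 0:
            hits.append((name, offset))
    return sorted(hits)

# Constructed sample buffers standing in for files on disk.
CLEAN = b"MZ" + bytes(64)
SAMPLE_ALPHA = b"\x90" * 10 + bytes.fromhex("deadbeef1337") + b"tail"
SAMPLE_BETA_1 = b"hdr" + bytes.fromhex("cafe0102babe00")
SAMPLE_BETA_2 = b"hdr" + bytes.fromhex("cafea1b2babe00")  # differs only in wildcard bytes
UNKNOWN = b"hdr" + bytes.fromhex("0badf00d5eed")  # no signature written for it yet

if __name__ == "__main__":
    for label, buf in [("clean", CLEAN), ("alpha", SAMPLE_ALPHA),
                       ("beta-1", SAMPLE_BETA_1), ("beta-2", SAMPLE_BETA_2),
                       ("unknown", UNKNOWN)]:
        print(label, scan(buf) or "no signature match")
```

The `UNKNOWN` buffer produces no hit because nothing in the signature file describes it, which is the gap that behavior-based heuristics are meant to cover.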
Why do people write viruses? The obvious answer is to get a good feeling. This may be because a person solved a technical challenge (ego trip), or out of vindictiveness towards people or communities, or simply for fun. The only way to stop them is to run faster than them. In the end, the cops always win, because goodness is long lasting, whereas badness is a temporary phenomenon. The damage caused by these pests is phenomenal. What a price to pay for nothing …