Virus Hoaxes

Virus Hoaxes

Have you ever gotten an email message like this? BIGGGG TROUBLE !!!! DO NOT OPEN "WTC Survivor" It is a virus that will erase your whole "C" drive. It will come to you in the form of an E-Mail from a familiar person. I repeat a friend sent it to me, but called and warned me before I opened it. He was not so lucky and now he can't even start his computer! Forward this to everyone in your address book. I would rather receive this 25 times than not at all. If you receive an email called "WTC Survivor" do not open it. Delete it right away! This virus removes all dynamic link libraries (.dll files) from your computer. Again,,, I urge all of you to make sure your virius scanners are up to date daily!!!!!! FG Sounds very bad, doesn't it? My, what a horrible virus. It, and others like it, will eat your hard drive, destroy your email, infect every other machine on your network and listed in your address book, and even perhaps give you cookies and make your car break down! This email and others like it are simply hoaxes? How do I know they are a hoax and not a real warning? Here's how it works. A virus propagates (reproduces) by automatically sending itself to all of the addresses in your address book. This is a fairly complex piece of code, requiring a little knowledge on the part of the person who created the virus. Well, instead of writing code to propagate something, why not ask some gullible people to do it for you? That's what these hoaxes are all about - the "virus" is the email message and the delivery system is human being. Why will people do this? Sometimes it's just for a laugh, and sometimes it's for more insidious reasons. Someone could send out a message which claimed that any message from AOL contained a virus, for example, in an effort to make AOL look bad. Here is one of the first hoaxes known to have been sent out across the internet. It went out in 1988. SUBJ: Really Nasty Virus AREA: GENERAL (1) I've just discovered probably the world's worst computer virus yet. I had just finished a late night session of BBS'ing and file treading when I exited Telix 3 and attempted to run pkxarc to unarc the software I had downloaded. Next thing I knew my hard disk was seeking all over and it was apparently writing random sectors. Thank god for strong coffee and a recent backup. Everything was back to normal, so I called the BBS again and downloaded a file. When I went to use ddir to list the directory, my hard disk was getting trashed again. I tried Procomm Plus TD and also PC Talk 3. Same results every time. Something was up so I hooked up to my test equipment and different modems (I do research and development for a local computer telecommunications company and have an in-house lab at my disposal). After another hour of corrupted hard drives I found what I think is the world's worst computer virus yet. The virus distributes itself on the modem sub-carrier present in all 2400 baud and up modems. The sub-carrier is used for ROM and register debugging purposes only, and otherwise serves no othr (sp) purpose. The virus sets a bit pattern in one of the internal modem registers, but it seemed to screw up the other registers on my USR. A modem that has been "infected" with this virus will then transmit the virus to other modems that use a subcarrier (I suppose those who use 300 and 1200 baud modems should be immune). The virus then attaches itself to all binary incoming data and infects the host computer's hard disk. The only way to get rid of this virus is to completely reset all the modem registers by hand, but I haven't found a way to vaccinate a modem against the virus, but there is the possibility of building a subcarrier filter. I am calling on a 1200 baud modem to enter this message, and have advised the sysops of the two other boards (names withheld). I don't know how this virus originated, but I'm sure it is the work of someone in the computer telecommunications field such as myself. Probably the best thing to do now is to stick to 1200 baud until we figure this thing out. Mike RoChenle So what should you do if you receive a warning about some horrible virus? Generally, if these demand to be sent to everyone you know, it's a hoax. If you are unsure, then check out the following site: Symantic Antivirus Research Center - http://www.sarc.com Go to the search page and enter a few words from the message claiming to warn you about a horrible virus. Behold, you will now read about the hoax. In fact, here's the datasheet on the virus mentioned at the start of this article: http://securityresponse.symantec.com/avcenter/venc/data /wtc.survivor.hoax.html In any event, hoax or not, it's a good idea to just file the email or delete it. Don't send it on to all of your friends. Don't do anything dramatic. These things only gain power when people give them power. In other words, maintain your reason and don't give in to an emotional response which simply floods email inboxes with junk.