Comparison of computer viruses

The compilation of a unified list of computer viruses is made difficult because of naming. To aid the fight against computer viruses and other types of malicious software, many security advisory organizations and developers of anti-virus software compile and publish lists of viruses. When a new virus appears, the rush begins to identify and understand it as well as develop appropriate counter-measures to stop its propagation. Along the way, a name is attached to the virus. As the developers of anti-virus software compete partly based on how quickly they react to the new threat, they usually study and name the viruses independently. By the time the virus is identified, many names denote the same virus.

Another source of ambiguity in names is that sometimes a virus initially identified as a completely new virus is found to be a variation of an earlier known virus, in which cases, it is often renamed. For example, the second variation of the Sobig worm was initially called "Palyh" but later renamed "Sobig.b". Again, depending on how quickly this happens, the old name may persist.

Scope

In terms of scope, there are two major variants: the list of "in-the-wild" viruses, which list viruses in active circulation, and lists of all known viruses, which also contain viruses believed not to be in active circulation (also called "zoo viruses"). The sizes are vastly different, in-the-wild lists contain a hundred viruses but full lists contain tens of thousands.

Comparison of viruses and related programs

Virus Alias(es) Types Subtype Isolation Date Isolation Origin Author Notes
1260 V2Px DOS Polymorphic 1990 First virus to use polymorphic encryption
4K 4096 DOS 1990-01 The first virus to use stealth
5lo DOS 1992-10 Infects .EXE files only
A and A A_and_A DOS,
Windows 95, 98
1993
Abraxas Abraxas5 DOS,
Windows 95, 98
1993-04 Europe ARCV group Infects COM file. Disk directory listing will be set to the system date and time when infection occurred.
Acid Acid.670, Acid.670a, Avatar.Acid.670, Keeper.Acid.670 DOS,
Windows 95, 98
1992 Corp-$MZU Infects COM file. Disk directory listing will not be altered.
Acme DOS,
Windows 95 DOS
Upon executing infected EXE, this infects another EXE in current directory by making a hidden COM file with same base name.
ABC ABC-2378, ABC.2378, ABC.2905 DOS 1992-10 ABC causes keystrokes on the compromised machine to be repeated.
Actifed DOS
Ada DOS 1991-10 Argentina The Ada virus mainly targets .COM files, specifically COMMAND.COM.
Agena Agena.723 DOS 1992-09 Spain Infected programs will have a file length increase of 723 to 738 bytes
AGI-Plan Month 4-6 DOS Mülheim an der Ruhr, Germany AGI-Plan is notable for reappearing in South Africa in what appeared to be an intentional re-release.
Ah David-1173, Tuesday MS-DOS 1991-05 Italy Systems infected with Ah will experience frequent system hangs.
AI DOS
AIDS AIDSB, Hahaha, Taunt DOS 1990 Dr. Joseph Popp AIDS is the first virus known to exploit the DOS "corresponding file" vulnerability.
AIDS II
AirCop Air cop-B, Red State DOS 1990-01 Infects the boot sector of floppy disks.
Alabama Alabama.B DOS 1989-10 Hebrew University, Jerusalem Files infected by Alabama increase in size by 1,560 bytes.
Alcon[1] RSY, Kendesm, Ken&Desmond, Ether DOS 1997-12 Overwrites random information on disk causing damage over time.
Ambulance
Anna Kournikova E-Mail
VBScript
2001-02-11 Sneek, Netherlands Jan de Wit A Dutch court stated that US$166,000 in damages was caused by the worm.
AntiCMOS Due to a bug in the virus code, the virus fails to erase CMOS information as intended.
ARCV-n DOS 1992-10/1992-11 England, United Kingdom ARCV Group ARCV-n is a term for a large family of viruses written by the ARCV group.
Bomber CommanderBomber DOS Bulgaria Polymorphic virus which infects systems by inserting fragments of its code randomly into executable files.
Brain Pakistani flu 1986-01 Lahore, Pakistan Basit and Amjad Farooq Alvi Considered to be the first computer virus for the PC
Byte Bandit Amiga, bootsector virus 1988-01 Swiss Cracking Association It was one of the most feared Amiga viruses until the infamous Lamer Exterminator.
Christmas Tree
CIH Chernobyl, Spacefiller Windows 95, 98, Me 1998-06 Taiwan Taiwan Chen ing-Hau Activates on April 26, in which it destroys partition tables, and tries to overwrite the BIOS.
Commwarrior Symbian Bluetooth worm Famous for being the first worm to spread via MMS and Bluetooth.
Creeper TENEX operating system 1971 Bob Thomas An experimental self-replicating program which gained access via the ARPANET and copied itself to the remote system.
Eliza DOS 1991-12
Elk Cloner Apple II 1982 Mt. Lebanon, Pennsylvania, United States Mt. Lebanon, Pennsylvania, United States Rich Skrenta The first virus observed "in the wild"
Form DOS 1990 Switzerland A very common boot virus, triggers on the 18th of any month.
Graybird Graybird P
Hare DOS,
Windows 95, Windows 98
1996-08 Famous for press coverage which blew its destructiveness out of proportion
ILOVEYOU 2000-05-05 Manila, Philippines Michael Buen, Onel de Guzman Computer worm that attacked tens of millions of Windows personal computers
INIT 1984 Mac OS 1992-03-13 Malicious, triggered on Friday the 13th.
Jerusalem DOS 1987-10 Jerusalem was initially very common and spawned a large number of variants.
Kama Sutra Blackworm, Nyxem, and Blackmal 2006-01-16 Designed to destroy common files such as Microsoft Word, Excel, and PowerPoint documents.
Koko DOS 1991-03 The payload of this virus activates on July 29 and February 15 and may erase data on the users hard drive
Lamer Exterminator Amiga, Boot sector virus 1989-10 Germany Random encryption, fills random sector with "LAMER"
MacMag Drew, Bradow, Aldus, Peace 1987-12
MDEF Garfield, Top Cat 1990-05
Melissa Mailissa, Simpsons, Kwyjibo, Kwejeebo Microsoft Word macro virus 1999-03-26 New Jersey, United States David L. Smith Part macro virus and part worm. Melissa, a MS Word-based macro that replicates itself through e-mail.
Michelangelo DOS 1991-02-04 Australia Ran March 6 (Michelangelo's birthday)
Navidad 2000-12
Natas Multipartite, stealth, polymorphic 1994 "Priest"
nVIR MODM, nCAM, nFLU, kOOL, Hpat, Jude Mac OS 1987 nVIR has been known to 'hybridize' with different variants of nVIR on the same machine.
OneHalf Slovak Bomber, Freelove or Explosion-II DOS 1994 Slovakia Vyvojar It is also known as one of the first viruses to implement a technique of "patchy infection"
Ontario.1024
Ontario.2048
Ontario SBC DOS 1990-07 Ontario, Canada "Death Angel"
Pikachu virus 2000-06-28 Asia The Pikachu virus is believed to be the first computer virus geared at children.
Ping-pong Boot, Bouncing Ball, Bouncing Dot, Italian, Italian-A, VeraCruz Boot sector virus Harmless to most computers
RavMonE.exe RJump.A, Rajump, Jisx Worm 2006-06-20 Once distributed in Apple iPods, but a Windows-only virus
SCA Amiga, Boot sector virus 1987-11 Switzerland Swiss Cracking Association Puts a message on screen. Harmless except it might destroy a legitimate non-standard boot block.
Scores Eric, Vult, NASA, San Jose Flu Mac OS 1988 Spring Designed to attack two specific applications which were never released.
Scott's Valley DOS 1990-09 Scotts Valley, California, United States Infected files will contain the seemingly meaningless hex string 5E8BDE909081C63200B912082E.
SevenDust 666, MDEF, 9806, Graphics Accelerator, SevenD Mac OS 1998
Shankar's Virus W97M.Marker.o Polymorphic 1999-06-03 Sam Rogers Infects Word Documents
Simile Etap, MetaPHOR Windows Polymorphic The Mental Driller The metamorphic code accounts for around 90% of the virus' code
SMEG engine DOS Polymorphic 1994 United Kingdom The Black Baron Two viruses were created using the engine: Pathogen and Queeg.
Stoned 1987 Wellington, New Zealand One of the earliest and most prevalent boot sector viruses
Sunday DOS Jerusalem.Sunday 1989-11 Seattle, Washington, United States Because of an error in coding, the virus fails to execute its payload.
TDL-4 Botnet JD virus
Techno DOS The virus plays a tune that was created by the author of the virus
Whale DOS Polymorphic 1990-07-01 Hamburg, Germany R Homer At 9216 bytes, was for its time the largest virus ever discovered.
ZMist ZMistfall, Zombie.Mistfall Zombie.Mistfall Z0mbie It was the first virus to use a technique known as "code integration".

Related lists

Unusual subtypes

Notable instances

Similar software

Security topics

See also

References

  1. Vincentas (11 July 2013). "Computer Viruses in SpyWareLoop.com". Spyware Loop. Retrieved 28 July 2013.

External links

This article is issued from Wikipedia - version of the Sunday, April 17, 2016. The text is available under the Creative Commons Attribution/Share Alike but additional terms may apply for the media files.