Viruses, Worms, Trojan Horses and Zombies

Computerworld - Few aspects of computer security have achieved the notoriety of malicious software that preys on unsuspecting computer users. Viruses, worms, Trojan horses, logic bombs, zombies, password grabbers - the list gets longer and longer. The different types of malicious software work by a variety of methods, and they have different potentials for causing damage.

The Chernobyl and Melissa viruses and the Worm.Explore.Zip program caused extensive PC damage after spreading themselves around the world through e-mail last year. The denial-of-service attacks that brought major e-commerce Web sites to their knees earlier this year were launched by malicious software hidden on hundreds of Internet-connected computers without their owners' knowledge.

A mini-industry of organizations, professionals and volunteers has sprung up to categorize malicious software, issue warnings and market software designed to detect, locate and eradicate such programs. New malicious code appears monthly, generated by an underground community of programmers apparently motivated by the desire to cause damage, steal information or sometimes just prove their technical prowess.

Viral Threats

Viruses are the best-known type of malicious software. These programs secretly attach themselves to other programs. What makes them dangerous is that, before they do whatever damage they may be programmed for, they first copy themselves to additional program files. Thus, computer viruses infect and reproduce in a fashion somewhat analogous to biological viruses.

The scope of the threat has changed significantly in the past few years, says Sal Viveros, director of McAfee Active Virus Defense at Network Associates Inc., a Santa Clara, Calif.-based vendor that develops programs to protect against malicious software.

"Five or six years ago, viruses were spread by floppies," Viveros says. "They were called boot-sector viruses because they booted off the floppy drive. At that time, virus infections were very regional; they spread, but (they) took longer than they do today.

"Then came the applications with macros - programs like Microsoft Outlook or Word - that attracted a huge number of macro viruses," he adds.

"Last year came Melissa and the other mass-mailing e-mail viruses," Viveros notes. "And at the end of last year there was a virus called BubbleBoy that you could get just by opening your e-mail because it used the Visual Basic scripting language in the e-mail."

Viruses are still the biggest computer security problem. According to The WildList Organization International, an independent group that tracks viruses, there are more than 300 viruses "in the wild" that represent a threat to computer users. That's only a fraction of the 50,000 known malicious software codes, Viveros says.

Symantec Corp. in Cupertino, Calif., another vendor of antivirus software, sees copies of about 15 new viruses a day, although most are never released, says Vincent Weafer, director of Symantec's Antivirus Research Center in Santa Monica, Calif.