How exactly does a virus spread?
Viruses are pieces of code attached to a popular programme (like a game). When copies of the programme are made, the virus is transferred. A virus is, thus, like a small piece of code embedded in a larger, legitimate programme.india Updated: Dec 08, 2003 12:22 IST
How viruses spread
Viruses are pieces of code attached to a popular programme (like a game). When copies of the programme are made, the virus is transferred. A virus is, thus, like a small piece of code embedded in a larger, legitimate programme.
Any virus is designed to run first when the legitimate programme gets executed. The virus loads itself into memory and looks around to see if it can find any other programmes on the disk. If it can find one, it modifies it to add the virus's code to the unsuspecting programme. Then the virus launches the "real programme."
The user really has no way to know that the virus ever ran. Unfortunately, the virus has now reproduced itself, so two programmes are infected. The next time either of those programmes gets executed, they infect other programmes, and so, the cycle continues.
If one of the infected programmes is given to another person on a floppy disk, or via email or any other way, then other programmes get infected. This is how the virus spreads.
The spreading part is the infection phase of the virus.
Viruses wouldn't be so harmful if all they did was replicate themselves. But, most viruses are programmed to do damage.
Generally, some sort of trigger is built which activates an attack, making the virus do something -- from simply printing a silly message on the screen to erasing all of the data on the hard disk. The trigger might be a particular date, or the number of times the virus has been replicated, or something similar.
Over the years, viruses have become moresophisticated. For example, they can now load into the memory and keep running in the background. This makes viruses replicate much more easily.
Another trick that viruses use is their ability to infect the boot sector on floppy disks and hard disks. The boot sector is a small programme that is the first part of the operating system that the computer loads. The boot sector contains a tiny programme that tells the computer how to load the rest of the operating system. By putting its code in the boot sector, a virus can guarantee it gets executed. It can load itself into memory immediately, and it is able to run whenever the computer is on.
Boot sector viruses can infect the boot sector of any floppy disk inserted in the machine, and on college campuses where lots of people share machines, such viruses spread like wildfire.
So, whenever a computer starts or boots up, it first accesses the boot sector and then starts loading the operating system. Boot sector viruses infect the boot sector by attaching themselves to this area. As soon as the computer starts the virus lodges itself in the memory and from there on slowly extends its presence by entering other areas of the computer.
Once it enters the system, it tries to enter other computers, for which it needs a medium whereby it can carry itself to other PCs. The normal medium of transfer can be e-mail, Web sites, instant messengers and P2P networks (like Kazaa), storage media (floppies, zip cartridges, CDs, hard disks, etc) and also through LAN connections.
First Published: Dec 06, 2003 00:00 IST