Want the full MS-DOS virus experience? Time for a night at the Malware Museum

With ancient artefacts from the 1980s and 1990s at the Internet Archive's new online museum, you can take a stroll down malware memory lane.

screen-shot-2016-02-08-at-11-58-53.png

Casino aka Disk Destroyer: Play a game of jackpot or lose your files.

Image: Malware Museum, Internet Archive

Anyone who wants to relive the experience of falling victim to the malware infections of yesteryear can now do so safely, thanks to the Malware Museum.

If your Windows PC gets attacked today, chances are the infection started with a click on a link and ended with stolen banking passwords or encrypted files and a ransom demand for payment in Bitcoin.

But malware writers weren't always all about the money. As the Internet Archive's new Malware Museum highlights, during the 1980s and 1990s, when malware was spread by floppy disk, destruction was often wrought with creative flair.

The archive comes courtesy of F-Secure's chief research officer, Mikko Hypponen, and the Internet Archive's curator, Jason Scott.

One example that illustrates how different malware writers' motives were back then, and the tools available, is Casino.

How malware writers' laziness is helping one startup predict attacks before they even happen

Siemens is impressed at what Israeli security startups CyActive can do – developing ways of mitigating attacks before they can take place.

It's definitely malicious in that it destroyed the victim's disk. But the malware also saved a copy of the files in its RAM and offered the user "a last chance" to win back the files by playing a game of jackpot.

Anyone curious to see what it would have been like to experience the malware on an old IBM PC can now play that game of Casino or, as Hypponen refers to it, Disk Destroyer at the Malware Museum, thanks to the Internet Archive's DOS Box emulator, which it uses to support its recently launched MS-DOS games archive.

Hypponen points out that all the viruses have been scrubbed of any "destructive routines" for safe viewing.

The museum currently hosts 65 samples including Frodo, a virus named after the Lord of the Rings character that, according to Symantec, is designed to drop a payload on September 22, Frodo's birthday.

Others, such as Techno blast beeps, plaster the screen with the word 'techno' and warn the user not to touch the keyboard.

The museum also hosts a talk Hypponen gave in 2011 at DefCon, where he showed off the floppy disk that stored the first PC virus known as Brain.A, built in 1986.

As he noted at the time, there were a few earlier Apple viruses but from today's perspective PC viruses present the bigger issue, given that a whole industry of antivirus firms have evolved to battle PC malware.

A curious detail about Brain.A was that its Pakistani authors included their names, phone number, and street address.

Hypponen contacted them and was told it was a proof of concept to show that DOS was not secure compared with Unix systems. However, that simple test caused chaos for people around the world whose PCs had become infected with Brain.

A common feature of earlier viruses, such as Brain, was that they were designed to spread from floppy disk to floppy disk.

Read more about malware

Newsletters

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
See All
See All