Home & Office

Time to catch the virus copycats

It's the call of the wild for copycat virus writers worldwide: "You too can cause the next viral epidemic!"
Written by Robert Lemos, Contributor

Heeding that call, the creators of more than 30 variants of the ILOVEYOU worm plagiarised and modified the original worm to create -- sometimes slightly different and sometimes very different -- versions of the original worm.

The original writer of the virus is bad. These copycat creators are far worse, and they are getting away with it.

While a virus writer can argue that they didn't expect their progeny to spread widely, copycat writers are actually aiming at creating the next Internet apocalypse. For them, it's akin to looking at an epidemic of the flu and thinking, "That's lame. I bet I can make something FAR more virulent and deadly."

While most fail, a few are somewhat successful.

This week's NewLove worm is one that has had a modicum of success. While the alarm raised by the anti-virus firms has more to do with the destructive nature of the NewLove worm -- and it's PR value -- than with how successfully it has spread, the worm has hit hundreds of computers.

For the first time, law enforcement is not looking the other way. The FBI and Attorney General Janet Reno jumped on board Friday morning to assure the public they are on the case.

Yet, when there is little publicity on the case, the FBI seem noticeably quiet. What about the other 29 variants of ILOVEYOU? Instead of being scared, copycat writers are flagrantly flaunting their ability to release viruses and not get caught. This has got to stop.

Unfortunately, there is no easy way to catch the delinquents who unleash their modified code.

Both script and macro viruses, by definition, contain a copy of their own source code. That makes it extremely easy for them to modify. Just changing a single byte to another changes the virus's signature and creates a new "variant."

The ease by which new malicious programs could be created is astonishing. Any person with a smidgen of programming experience could modify the code just by looking at it.

The copycat writers are not geniuses, and in most cases, they aren't even good programmers. They are just lucky that the Internet and Microsoft's Outlook email weren't originally created to be secure.

In one way, however, these miscreants are helping the situation. There's nothing like a little repetition to drill simple safety precautions into the minds of users.

  • Make backups of all files that you can't do without. Applications can always be reinstalled, but important data should be backed up.
  • Don't open attachments unless they are from someone you trust and you were expecting them. While some experts are advising users not to open any files included in email, that's is not very practical. Still, avoid the latest joke files or animated Santa Claus GIF.
  • Use anti-virus software and keep it up to date.
  • Remove the scripting ability from your computer. On Windows 9x computers, this is usually as easy as unchecking an item in the appropriate control panel. On Windows 2000, the user would have to go into the registry.
  • Until the copycats are caught, users will have to be smarter about their use of email.

    What do you think? Tell the Mailroom. And read what others have said.

    Go to ZDNet's ILOVEYOU Special Report

    Editorial standards