184 Chapter 8 ■ Trojans, Viruses, Worms, and Covert Channels
Each of these types of malware has its own traits, which you explore and learn to exploit
in this chapter.Viruses
A virus represents the oldest form of malware and is by far the best known to the public.
But what is a virus? What separates a virus from other forms of malware? How is a virus
created, and how does it target its victim? This section explores these questions and how
they affect you, the ethical hacker.The first code that could be classified as a virus arrived way back in 1970 in
the form of the Creeper project. This project implemented capabilities such
as replication and the ability to infect a system. The project also spawned
another virus known as the reaper, which removed the Creeper from any
system infected with the code.The Life and Times of a Virus
Let’s explore what it means to be a virus before we get too far along. Simply put, a virus
is a self-replicating application that attaches itself to other executable programs. Many
viruses affect the host as soon as they are executed; others lie in wait, dormant, until a
predetermined event or time, before carrying out their instructions. What does the virus do
then? Many potential actions can take place, such as these:
■ Altering data
■ Infecting other programs
■ Replicating
■ Encrypting itself
■ Transforming itself into another form
■ Altering configuration settings
■ Destroying data
■ Corrupting or destroying hardwareViruses are not restricted to the actions listed here and can easily perform
a wide range of potential activities. The authors of malware are constantly
developing and refining their craft, so you must be ever vigilant in order to
pick up the new variations.The process of developing a virus is very methodical. The author is concerned with
creating an effective virus that can be spread easily. The process occurs in six steps: