WEBVTT - The Ten Worst Computer Viruses

0:00:00.320 --> 0:00:02.960
<v Speaker 1>Brought to you by the reinvented two thousand twelve Camray.

0:00:03.240 --> 0:00:08.800
<v Speaker 1>It's ready. Are you get in touch with technology? With

0:00:08.920 --> 0:00:14.600
<v Speaker 1>tech stuff from how stuff works dot com. Hi, welcome

0:00:14.640 --> 0:00:16.959
<v Speaker 1>to the podcast. My name is Chris Poett. I'm an

0:00:17.040 --> 0:00:19.599
<v Speaker 1>editor here and How Stuff Works and with me is

0:00:19.720 --> 0:00:24.880
<v Speaker 1>writer Jonathan Strickland. My computer doesn't feel well. Have you

0:00:24.920 --> 0:00:28.360
<v Speaker 1>taken its temperature? Uh? Actually this is not the one

0:00:28.440 --> 0:00:31.360
<v Speaker 1>that overheated. This This is the new laptop. The old

0:00:31.360 --> 0:00:34.120
<v Speaker 1>one was the one that overheating. That was That was

0:00:34.159 --> 0:00:36.920
<v Speaker 1>my lame attempt to lead into what we're talking about today.

0:00:37.200 --> 0:00:40.760
<v Speaker 1>Oh you mean computer viruses. Yes, yes, we recently had

0:00:40.800 --> 0:00:43.480
<v Speaker 1>an article on the feature on the site the ten

0:00:43.600 --> 0:00:47.760
<v Speaker 1>worst computer viruses of All Time, and I thought that

0:00:48.120 --> 0:00:50.680
<v Speaker 1>would be a clever way to lead in. Obviously, Um

0:00:50.720 --> 0:00:54.240
<v Speaker 1>I was wrong. Well, you know, we had a difficult

0:00:54.280 --> 0:00:59.840
<v Speaker 1>time choosing which because you know, there's so many really

0:00:59.880 --> 0:01:02.520
<v Speaker 1>are they really are? And the ones that that we

0:01:02.640 --> 0:01:06.039
<v Speaker 1>picked were chosen for different reasons, and some of them

0:01:06.040 --> 0:01:09.360
<v Speaker 1>were more destructive than others, but others broke new ground

0:01:09.440 --> 0:01:15.440
<v Speaker 1>in virus world. Shenanigan's Yeah, yeah, they caused brand new

0:01:15.480 --> 0:01:19.280
<v Speaker 1>headaches for everybody involved. Um, besides the person who wrote them,

0:01:19.280 --> 0:01:23.040
<v Speaker 1>I suppose. Well, let let's give a little background here. Okay, So, um,

0:01:23.080 --> 0:01:27.640
<v Speaker 1>so computer viruses date back quite a ways. Uh. In fact,

0:01:27.840 --> 0:01:31.240
<v Speaker 1>there's a scientist by the name of John Van Newman

0:01:31.720 --> 0:01:35.920
<v Speaker 1>who theorized way back in ninety nine that it would

0:01:35.920 --> 0:01:39.520
<v Speaker 1>be possible to create a program that could self replicate,

0:01:39.680 --> 0:01:42.280
<v Speaker 1>which is generally what we talk about when we talk

0:01:42.280 --> 0:01:47.440
<v Speaker 1>about computer viruses. There are different kinds of computer viruses. Um.

0:01:47.560 --> 0:01:51.200
<v Speaker 1>The the standard, uh, the original good old computer virus

0:01:51.280 --> 0:01:53.720
<v Speaker 1>that was that would cause a lot of trouble would

0:01:53.720 --> 0:01:56.080
<v Speaker 1>be the kind that would infect your computer and then

0:01:56.200 --> 0:02:00.880
<v Speaker 1>overwrite data and and essentially turn your computer into a

0:02:01.000 --> 0:02:05.640
<v Speaker 1>useless pile of junk. Right those were Boy, those were

0:02:05.640 --> 0:02:09.200
<v Speaker 1>the good old days. Yeah. That was really irritating. It

0:02:09.280 --> 0:02:11.840
<v Speaker 1>meant that you'd lose everything. Even if you could, um,

0:02:12.000 --> 0:02:14.160
<v Speaker 1>even if you could fix your computer, you there was

0:02:14.200 --> 0:02:15.880
<v Speaker 1>a good chance you weren't going to be able to

0:02:15.919 --> 0:02:18.360
<v Speaker 1>retrieve data that had been stored on that computer up

0:02:18.400 --> 0:02:21.600
<v Speaker 1>to that point. Um. Those were nasty. But there are

0:02:21.600 --> 0:02:26.079
<v Speaker 1>other kinds as well that are equally evil. Um. There

0:02:26.080 --> 0:02:29.919
<v Speaker 1>are the computer worms, uh, and there are the trojan horses.

0:02:30.120 --> 0:02:33.320
<v Speaker 1>And together these kind of make up everything we think

0:02:33.360 --> 0:02:36.800
<v Speaker 1>of when we say computer viruses. The virus is really

0:02:37.000 --> 0:02:40.600
<v Speaker 1>sort of used as a blanket term um by the

0:02:40.680 --> 0:02:45.040
<v Speaker 1>security public. I would say, you know, people talk about

0:02:45.400 --> 0:02:48.200
<v Speaker 1>when you hear people talk about viruses, it may actually

0:02:48.200 --> 0:02:50.360
<v Speaker 1>be a worm or a trojan that they're talking about.

0:02:50.400 --> 0:02:53.720
<v Speaker 1>Worm is actually a program that can go by itself

0:02:53.760 --> 0:02:56.880
<v Speaker 1>and replicate itself, rather than piggybacking on another program, which

0:02:56.919 --> 0:02:58.960
<v Speaker 1>is what an actual virus is, right right, the old

0:02:58.960 --> 0:03:01.840
<v Speaker 1>computer viruses usually it was well, I mean always it was.

0:03:02.040 --> 0:03:04.359
<v Speaker 1>It was some a little self replicating program that was

0:03:04.440 --> 0:03:07.720
<v Speaker 1>part of a larger program. So for instance, um, you

0:03:07.760 --> 0:03:12.160
<v Speaker 1>could corrupt a macro in Microsoft word in the old

0:03:12.240 --> 0:03:15.839
<v Speaker 1>days and create a computer virus that way. But a worm, yes,

0:03:15.919 --> 0:03:18.639
<v Speaker 1>as you say, is its own program, it's own applications.

0:03:18.680 --> 0:03:21.040
<v Speaker 1>So as soon as you execute it, that's when it

0:03:21.080 --> 0:03:24.840
<v Speaker 1>activates and and begins to to cause issues. Whereas the

0:03:24.880 --> 0:03:29.160
<v Speaker 1>trojan that gives bad guys the opportunity to really mess

0:03:29.160 --> 0:03:31.720
<v Speaker 1>with your computer, Yeah, it's a it's a program as

0:03:31.760 --> 0:03:34.720
<v Speaker 1>trojan horse you might expect from the name. Uh, it's

0:03:34.720 --> 0:03:37.000
<v Speaker 1>a program that that looks like one thing that actually

0:03:37.000 --> 0:03:40.240
<v Speaker 1>does something else. Entirely. Uh So somebody may say, hey,

0:03:40.240 --> 0:03:42.440
<v Speaker 1>you know, you need to take a look at this file.

0:03:42.480 --> 0:03:45.680
<v Speaker 1>It's the greatest video ever, and you double click on it,

0:03:45.720 --> 0:03:48.960
<v Speaker 1>and all of a sudden you're going, hey, wait, this

0:03:49.040 --> 0:03:51.880
<v Speaker 1>isn't really a video file. But by that point, your

0:03:51.880 --> 0:03:56.040
<v Speaker 1>computer may be infected with something nasty, right, And the

0:03:56.440 --> 0:03:59.880
<v Speaker 1>really clever ones just make you think that whatever program

0:03:59.880 --> 0:04:02.840
<v Speaker 1>you downloaded just didn't work correctly, and so you may

0:04:02.880 --> 0:04:05.200
<v Speaker 1>not even be aware that your computer has been infected.

0:04:05.240 --> 0:04:06.600
<v Speaker 1>You may just think that you've got a hold of

0:04:06.760 --> 0:04:09.560
<v Speaker 1>a faulty file, and and that's that's the worst of it,

0:04:09.920 --> 0:04:12.720
<v Speaker 1>when in reality, someone is using your computer either to

0:04:12.800 --> 0:04:17.320
<v Speaker 1>access information or or create a zombie computer army. We've

0:04:17.360 --> 0:04:21.960
<v Speaker 1>talked about that before, or um any number of really evil,

0:04:22.279 --> 0:04:27.960
<v Speaker 1>icky things that you don't want to happen to your computer. Right, So,

0:04:28.000 --> 0:04:29.760
<v Speaker 1>I guess we can just dive on in and talk

0:04:29.760 --> 0:04:32.000
<v Speaker 1>about some of the ones that made the list. I'm

0:04:32.000 --> 0:04:35.200
<v Speaker 1>sure everyone's just chomping up a bit to find out. Well,

0:04:35.240 --> 0:04:37.039
<v Speaker 1>the first one we were going to talk about today

0:04:37.120 --> 0:04:44.560
<v Speaker 1>is as an actual virus. Melissa, Yes, Melissa Melissa, named

0:04:44.600 --> 0:04:50.119
<v Speaker 1>after an exotic dancer in Florida. Uh, poetry, really, isn't it?

0:04:50.839 --> 0:04:54.039
<v Speaker 1>So what a nice sentiment. Yeah, this was created by

0:04:54.080 --> 0:04:57.240
<v Speaker 1>a guy named David L. Smith. This is uh back

0:04:57.279 --> 0:05:02.240
<v Speaker 1>in and uh yeah, it's an actual computer virus that

0:05:02.320 --> 0:05:05.640
<v Speaker 1>spread um through email. And it was a it was

0:05:05.720 --> 0:05:07.960
<v Speaker 1>a one of the ones we were talking about, like

0:05:08.040 --> 0:05:11.080
<v Speaker 1>a piggybacking on the Microsoft word document. Yep, yep. This

0:05:11.120 --> 0:05:13.599
<v Speaker 1>is the reason you get an alert when you open

0:05:13.640 --> 0:05:15.560
<v Speaker 1>a document and word when it and it has a

0:05:15.640 --> 0:05:18.440
<v Speaker 1>macro in it, and it goes, hey, are you sure

0:05:18.480 --> 0:05:20.320
<v Speaker 1>you want to do this because it has macro's. Well,

0:05:20.680 --> 0:05:25.159
<v Speaker 1>now you know why. Melissa really brought our awareness up

0:05:25.200 --> 0:05:27.640
<v Speaker 1>in terms of what a macro. You know what these

0:05:27.640 --> 0:05:31.359
<v Speaker 1>add ons can do to a simple word document or

0:05:31.440 --> 0:05:34.320
<v Speaker 1>you know, I guess office document or anything that uses macros.

0:05:35.320 --> 0:05:38.080
<v Speaker 1>And uh, it didn't do that much damage really, It

0:05:38.360 --> 0:05:41.239
<v Speaker 1>just it made the list mainly, as you say, because

0:05:41.240 --> 0:05:45.320
<v Speaker 1>it it really raised awareness. Before that point, computer viruses

0:05:45.320 --> 0:05:49.160
<v Speaker 1>were usually spread by someone handing you a floppy disk

0:05:49.279 --> 0:05:51.360
<v Speaker 1>that had a corrupted file on it and you ran

0:05:51.400 --> 0:05:54.680
<v Speaker 1>it that way. Um. You know, that was the pre

0:05:54.960 --> 0:05:57.720
<v Speaker 1>internet days, so it was all social engineering. It was

0:05:57.760 --> 0:06:00.080
<v Speaker 1>all hey, I've got this great game on this U

0:06:00.080 --> 0:06:02.080
<v Speaker 1>why don't you run it? And then you screw up

0:06:02.080 --> 0:06:06.000
<v Speaker 1>your computer. So Melissa really took it to the next level,

0:06:06.200 --> 0:06:10.240
<v Speaker 1>you know, mass distribution. Don't take floppy discs from strangers. No,

0:06:10.680 --> 0:06:12.599
<v Speaker 1>And and that kind of leads us to the social

0:06:12.640 --> 0:06:15.599
<v Speaker 1>engineering is not is not just from the old days.

0:06:15.640 --> 0:06:18.320
<v Speaker 1>I mean, it's still happening today. Uh. And the next

0:06:18.360 --> 0:06:20.240
<v Speaker 1>one is a kind of a good example of that.

0:06:20.240 --> 0:06:24.039
<v Speaker 1>That's the I Love you bug um, which would spread

0:06:24.080 --> 0:06:26.520
<v Speaker 1>through email and you would get a message saying I

0:06:26.600 --> 0:06:29.520
<v Speaker 1>love you, and I think most of us feel warm

0:06:29.560 --> 0:06:32.880
<v Speaker 1>and comforted when we hear those words. Uh, and so

0:06:33.040 --> 0:06:36.200
<v Speaker 1>we you your natural inclination was to open up the

0:06:36.240 --> 0:06:39.039
<v Speaker 1>email find out what this little ghili bob was, and

0:06:39.080 --> 0:06:43.760
<v Speaker 1>you click on it, and that's when it activated. The bug. Yeah,

0:06:43.800 --> 0:06:46.960
<v Speaker 1>it copied itself, It added files to your computer's registry,

0:06:47.080 --> 0:06:50.719
<v Speaker 1>replaced other files on your computer with copies of itself,

0:06:51.000 --> 0:06:53.320
<v Speaker 1>and then it started sending itself around to other people

0:06:53.440 --> 0:06:56.400
<v Speaker 1>via email or our Internet relay chat. Yeah I r C.

0:06:56.760 --> 0:07:00.600
<v Speaker 1>Yeah it's pretty bad. And then it downloaded and and

0:07:00.640 --> 0:07:03.560
<v Speaker 1>would execute a password stealing program. So if you started,

0:07:04.160 --> 0:07:06.560
<v Speaker 1>you know, you have all your passwords stored on your

0:07:06.600 --> 0:07:10.200
<v Speaker 1>computer for different different applications, all of a sudden, it's

0:07:10.200 --> 0:07:13.280
<v Speaker 1>sending him back to the originator of the virus, right,

0:07:13.360 --> 0:07:17.200
<v Speaker 1>and this one, the originator of the virus, is one

0:07:17.240 --> 0:07:19.400
<v Speaker 1>of those kind of mysteries we think we know who

0:07:19.400 --> 0:07:22.480
<v Speaker 1>did it, but it's kind of it's impossible to say

0:07:22.480 --> 0:07:27.320
<v Speaker 1>for sure. Now, allegedly the man responsible was Onnell the

0:07:27.400 --> 0:07:32.440
<v Speaker 1>Guzman from the Philippines. But the thing was when when

0:07:32.480 --> 0:07:35.800
<v Speaker 1>he was first being investigated, he was under age and

0:07:36.040 --> 0:07:38.280
<v Speaker 1>so could not be tried as an adult, and uh,

0:07:38.320 --> 0:07:40.680
<v Speaker 1>and it just kind of kind of faded away. And

0:07:40.720 --> 0:07:45.200
<v Speaker 1>then when he became of age, he's sort of in

0:07:45.240 --> 0:07:48.920
<v Speaker 1>a circumspect way kind of but not really admitted to

0:07:49.040 --> 0:07:54.320
<v Speaker 1>being to be the perpetrator. So we're fairly certain that

0:07:54.400 --> 0:07:57.440
<v Speaker 1>he's the man responsible, But you know, it could just

0:07:57.480 --> 0:07:59.400
<v Speaker 1>be a lot of talk. Well I'll tell you, if

0:07:59.600 --> 0:08:02.840
<v Speaker 1>I had done created a virus that did ten billion

0:08:02.880 --> 0:08:06.520
<v Speaker 1>dollars worth of damages over the Internet, I probably wouldn't be,

0:08:06.800 --> 0:08:08.320
<v Speaker 1>you know, willing to raise my hand up and go,

0:08:08.440 --> 0:08:12.280
<v Speaker 1>hey I did this right. No, maybe under a handle, yeah,

0:08:12.760 --> 0:08:16.360
<v Speaker 1>but not not with your real name. So I guess

0:08:16.360 --> 0:08:18.400
<v Speaker 1>we can move on to the next one. I've been

0:08:18.400 --> 0:08:22.680
<v Speaker 1>talking about about moving on. Um. This was one that

0:08:22.800 --> 0:08:24.560
<v Speaker 1>I heard a lot about when I worked in the

0:08:24.920 --> 0:08:29.400
<v Speaker 1>computer security industry. UM. It's s QL slammer, also known

0:08:29.440 --> 0:08:33.560
<v Speaker 1>as sequel slammer. UM. And this, this was a fast

0:08:33.640 --> 0:08:37.559
<v Speaker 1>moving virus. This is this was a classic. In fifteen

0:08:37.600 --> 0:08:41.160
<v Speaker 1>minutes after it was detected, it had already infected nearly

0:08:41.200 --> 0:08:45.440
<v Speaker 1>half of the Internet servers, which uh, in terms of

0:08:45.600 --> 0:08:47.679
<v Speaker 1>you compare that to Melissa or I Love you. They

0:08:47.679 --> 0:08:50.960
<v Speaker 1>were they spread and they spread pretty widely, but not

0:08:51.080 --> 0:08:54.880
<v Speaker 1>like this. This was a big old eye opener for

0:08:54.960 --> 0:08:58.319
<v Speaker 1>the industry. Caused about a billion dollars worth of damage.

0:08:58.400 --> 0:09:02.920
<v Speaker 1>And it uh, it exploitedvulnerabilities within the system. It wasn't

0:09:02.960 --> 0:09:06.920
<v Speaker 1>necessarily a program designed. It wasn't like a self replicating

0:09:06.960 --> 0:09:09.719
<v Speaker 1>program in the traditional sense. It was one that that

0:09:09.840 --> 0:09:15.040
<v Speaker 1>exploited of vulnerability that the the virus programmer whom who

0:09:15.080 --> 0:09:18.959
<v Speaker 1>knows who this this guy is, we don't know. Um uh.

0:09:19.040 --> 0:09:22.560
<v Speaker 1>He discovered it and took advantage of it. And there

0:09:22.640 --> 0:09:24.920
<v Speaker 1>there are people who do this for a living, who

0:09:24.960 --> 0:09:29.240
<v Speaker 1>actually look for vulnerabilities that can be exploited. UM. Those

0:09:29.280 --> 0:09:32.000
<v Speaker 1>we usually call white hats. And then we've got the

0:09:32.080 --> 0:09:35.840
<v Speaker 1>people who look for vulnerabilities in order to exploit them

0:09:35.920 --> 0:09:38.200
<v Speaker 1>and actually take advantage of them, not to fix them.

0:09:38.240 --> 0:09:41.800
<v Speaker 1>Those are the black hats, so good old cowboy imagery

0:09:41.840 --> 0:09:47.800
<v Speaker 1>there um from the you know, the wild wild Internet. Yeah. Actually,

0:09:48.160 --> 0:09:52.240
<v Speaker 1>in general, a virus or you know whatever malware if

0:09:52.240 --> 0:09:54.719
<v Speaker 1>you will, um, it's going to take advantage of some

0:09:54.840 --> 0:09:59.120
<v Speaker 1>vulnerability in your system. Basically, when they when the developers

0:09:59.240 --> 0:10:01.480
<v Speaker 1>right code, whether at your operating system or a program

0:10:01.480 --> 0:10:03.720
<v Speaker 1>that runs on your operating system, there's a hole in

0:10:03.760 --> 0:10:06.440
<v Speaker 1>there somewhere and somebody can go in a white hat

0:10:06.520 --> 0:10:08.920
<v Speaker 1>or black hat or both. A lot of times they'll

0:10:08.920 --> 0:10:12.439
<v Speaker 1>publish these vulnerabilities. They're they're picking apart the code and going,

0:10:12.480 --> 0:10:15.439
<v Speaker 1>you know what, if I did this here at this

0:10:15.559 --> 0:10:19.440
<v Speaker 1>right time, I could gain control the entire computer. And

0:10:19.520 --> 0:10:22.600
<v Speaker 1>that's uh, that's why you you know, look down and

0:10:22.679 --> 0:10:26.520
<v Speaker 1>you see your even Mac computers or Windows computers both

0:10:26.720 --> 0:10:28.679
<v Speaker 1>have these things, and they go, hey, there's a new

0:10:28.720 --> 0:10:31.840
<v Speaker 1>software security update. You need to download this update your system. Well,

0:10:31.840 --> 0:10:34.880
<v Speaker 1>that's that's why these these vulnerabilities come to light and

0:10:34.920 --> 0:10:38.480
<v Speaker 1>then you end up patching your system. Well, I guess

0:10:38.480 --> 0:10:40.720
<v Speaker 1>we can move on to the next one. The the

0:10:40.920 --> 0:10:50.600
<v Speaker 1>Sasser virus. Um. Yeah, the speaking of underage hackers. Um.

0:10:50.679 --> 0:10:54.800
<v Speaker 1>The person that developed Sasser and net ski worms was

0:10:54.840 --> 0:10:59.040
<v Speaker 1>a seventeen year old German who never actually spent any

0:10:59.080 --> 0:11:03.280
<v Speaker 1>time in jail because he was under age. But Sasser,

0:11:03.760 --> 0:11:06.920
<v Speaker 1>he apparently wrote both of these worms. But sassor would scan,

0:11:07.480 --> 0:11:10.560
<v Speaker 1>would get on your computer and scan random addresses Internet

0:11:10.600 --> 0:11:13.920
<v Speaker 1>addresses to find other vulnerable computers that it could download

0:11:14.200 --> 0:11:17.280
<v Speaker 1>and copy itself to. So it actively was seeking out

0:11:17.400 --> 0:11:20.320
<v Speaker 1>other machines that it could could do that too, and

0:11:20.520 --> 0:11:22.600
<v Speaker 1>would actually make it impossible for you to turn off

0:11:22.640 --> 0:11:26.360
<v Speaker 1>your machine, right, so it didn't want you to stop

0:11:26.360 --> 0:11:28.280
<v Speaker 1>it from doing its work. You had to unplug your

0:11:28.280 --> 0:11:30.520
<v Speaker 1>computer if you wanted to uh to get it to

0:11:30.520 --> 0:11:33.640
<v Speaker 1>cut it out. And this is a Microsoft Windows virus,

0:11:33.679 --> 0:11:36.800
<v Speaker 1>we should say. It was specifically looking at Windows vulnerabilities.

0:11:37.120 --> 0:11:40.160
<v Speaker 1>So if you were using a different operating system, um

0:11:40.320 --> 0:11:45.000
<v Speaker 1>you were, you were okay, uh from this particular kind

0:11:45.000 --> 0:11:48.439
<v Speaker 1>of worm. UM. That's that's actually an interesting point we

0:11:48.480 --> 0:11:50.400
<v Speaker 1>should make too. I guess we can make it right here.

0:11:50.920 --> 0:11:54.520
<v Speaker 1>You hear a lot about viruses attacking PCs and not

0:11:54.640 --> 0:11:57.760
<v Speaker 1>as many attacking max uh, and you might think, well,

0:11:57.840 --> 0:12:00.360
<v Speaker 1>does that mean that the mac is is autumn etically

0:12:00.360 --> 0:12:04.120
<v Speaker 1>a more secure machine. Well, that's that's not necessarily the case.

0:12:04.600 --> 0:12:09.560
<v Speaker 1>There's this concept called security through obscurity. UM. Part of

0:12:09.600 --> 0:12:12.440
<v Speaker 1>that is if you if not that many people are

0:12:12.559 --> 0:12:15.800
<v Speaker 1>using your system, then there's lesson than incentive to create

0:12:15.880 --> 0:12:18.720
<v Speaker 1>an attack that targets that system. I mean, you're not

0:12:18.720 --> 0:12:21.880
<v Speaker 1>going to hit as many people, So why spend that

0:12:22.040 --> 0:12:25.200
<v Speaker 1>time and energy developing an attack when you could do

0:12:25.240 --> 0:12:26.800
<v Speaker 1>it for a different system that's going to hit a

0:12:26.800 --> 0:12:30.440
<v Speaker 1>lot more people. Yeah, and part of the uh, I'm

0:12:30.480 --> 0:12:34.040
<v Speaker 1>just guessing that part of the reason that hackers create

0:12:34.120 --> 0:12:36.320
<v Speaker 1>these viruses in the first place is to gain the

0:12:36.360 --> 0:12:39.120
<v Speaker 1>notoriety and you know, be the person that took down

0:12:39.200 --> 0:12:41.640
<v Speaker 1>the Internet. So I mean, if you're only gonna take

0:12:41.679 --> 0:12:46.120
<v Speaker 1>down you know, five million computers versus the entirety of

0:12:46.160 --> 0:12:48.760
<v Speaker 1>the Internet, you know, why would you go after the

0:12:48.840 --> 0:12:51.200
<v Speaker 1>small batch? Why wouldn't you try to get as much

0:12:51.440 --> 0:12:54.679
<v Speaker 1>damage as you're you know, you can possibly do if

0:12:54.720 --> 0:12:57.240
<v Speaker 1>you have another ulterior motive, like let's say you've got

0:12:57.320 --> 0:13:01.400
<v Speaker 1>a personal vendetta against a specific website and you want

0:13:01.400 --> 0:13:04.600
<v Speaker 1>to create a zombie network to attack that website and

0:13:04.600 --> 0:13:06.920
<v Speaker 1>bring it down. Obviously you want to try and go

0:13:07.040 --> 0:13:11.480
<v Speaker 1>for whichever system has the widest audience because that will

0:13:11.520 --> 0:13:13.760
<v Speaker 1>make it more effective attack in the long run. Because

0:13:13.800 --> 0:13:16.079
<v Speaker 1>a lot of these viruses, that's exactly what the end

0:13:16.080 --> 0:13:20.680
<v Speaker 1>goal is is to to try and bring down specific entities.

0:13:21.040 --> 0:13:24.240
<v Speaker 1>So we've seen this happened to websites like Yahoo and

0:13:24.240 --> 0:13:28.440
<v Speaker 1>and CNN. Uh, it's it's not unusual, which kind of

0:13:28.480 --> 0:13:30.719
<v Speaker 1>brings us up to the uh. The last one we're

0:13:30.720 --> 0:13:35.600
<v Speaker 1>gonna talk about right now, the the the infamous storm worm. Yeah.

0:13:35.640 --> 0:13:39.200
<v Speaker 1>This Uh. Jonathan is saying that this is my my

0:13:39.240 --> 0:13:42.320
<v Speaker 1>pet worm, if you will. But I think it's because

0:13:42.440 --> 0:13:45.600
<v Speaker 1>it's interesting to me. Um. It's it's not really called

0:13:45.600 --> 0:13:48.960
<v Speaker 1>the storm worm. There's actually another pretty mild worm called

0:13:48.960 --> 0:13:51.960
<v Speaker 1>the storm worm, but it's it's known as its real name,

0:13:52.120 --> 0:13:55.440
<v Speaker 1>if you will. These are named by the security firms,

0:13:55.640 --> 0:13:57.920
<v Speaker 1>so um. One of them calls it pea Calm, another

0:13:58.000 --> 0:14:01.720
<v Speaker 1>calls it new War. Uh. But basically it's called the

0:14:01.720 --> 0:14:06.959
<v Speaker 1>storm warm because it propagates through email primarily. UM, it's

0:14:06.960 --> 0:14:10.480
<v Speaker 1>a trojan. So you think you were downloading the newest

0:14:10.600 --> 0:14:15.280
<v Speaker 1>video or some other kind of file. And actually one

0:14:15.320 --> 0:14:18.160
<v Speaker 1>of the original subject lines was, you know, a huge

0:14:18.200 --> 0:14:21.560
<v Speaker 1>storm kills millions in China, and so it was the

0:14:21.600 --> 0:14:24.320
<v Speaker 1>idea was to try and trick you into clicking on

0:14:24.360 --> 0:14:28.880
<v Speaker 1>a on a specific thing within the email um by

0:14:29.000 --> 0:14:31.600
<v Speaker 1>masking it as a news story. Yeah, that's that's your

0:14:31.600 --> 0:14:34.280
<v Speaker 1>social engineering at work again. They're trying to convince you

0:14:34.360 --> 0:14:38.080
<v Speaker 1>that this is a very topical moment. Uh. There were

0:14:38.120 --> 0:14:41.239
<v Speaker 1>some that went out a few months ago about the Olympics.

0:14:41.680 --> 0:14:43.800
<v Speaker 1>You know, they were news headlines, and they're trying to

0:14:43.840 --> 0:14:46.320
<v Speaker 1>get you to do this, or they'll they'll use uh,

0:14:46.920 --> 0:14:52.160
<v Speaker 1>you know, particularly um inflammatory comments, so things like political

0:14:52.360 --> 0:14:57.440
<v Speaker 1>statements like Obama punches Clinton. See the video now and

0:14:57.440 --> 0:14:59.600
<v Speaker 1>you go, oh my gosh, really did that really happen?

0:14:59.640 --> 0:15:02.040
<v Speaker 1>And you go click on it. Then you've downloaded the trojan.

0:15:02.760 --> 0:15:05.840
<v Speaker 1>But the really weird thing about this one is this

0:15:05.880 --> 0:15:09.480
<v Speaker 1>trojan can actually carry different payloads. It could turn your

0:15:09.480 --> 0:15:13.160
<v Speaker 1>computer into a zombie. Uh, it could actually set use

0:15:13.280 --> 0:15:16.160
<v Speaker 1>your computer to send spam to create a denial of

0:15:16.200 --> 0:15:20.760
<v Speaker 1>service attack, and it has been known to carry spam

0:15:20.920 --> 0:15:25.320
<v Speaker 1>denial of service attack payloads that attack specific sources. So

0:15:26.000 --> 0:15:29.200
<v Speaker 1>you know, if there's somebody that speaks out against this

0:15:29.320 --> 0:15:31.360
<v Speaker 1>storm warm and tries to draw attention to it it

0:15:31.400 --> 0:15:33.760
<v Speaker 1>has been I read an article several months ago about this,

0:15:34.040 --> 0:15:36.640
<v Speaker 1>how it has been known to go after those sites

0:15:36.640 --> 0:15:40.600
<v Speaker 1>to try to to shut them up, which is pretty sophisticated,

0:15:40.720 --> 0:15:44.760
<v Speaker 1>very insidious. Yeah right, well, that's that's gonna wrap up

0:15:44.800 --> 0:15:47.920
<v Speaker 1>our discussion about the computer viruses for today. But but

0:15:47.960 --> 0:15:51.440
<v Speaker 1>the article does mention others um the code read viruses,

0:15:51.480 --> 0:15:55.920
<v Speaker 1>the klass virus, nimda uh leap a or up as

0:15:56.320 --> 0:16:00.000
<v Speaker 1>mac mac mac virus, and my doom is also on there.

0:16:00.560 --> 0:16:04.720
<v Speaker 1>So certainly go over to how stuff works and check

0:16:04.760 --> 0:16:07.920
<v Speaker 1>out the ten worst computer viruses of all time. You'll

0:16:07.960 --> 0:16:11.280
<v Speaker 1>definitely learn something that's live right now on how stuff

0:16:11.280 --> 0:16:15.480
<v Speaker 1>works dot com. We'll talk to you again soon. For

0:16:15.640 --> 0:16:18.160
<v Speaker 1>more on this and thousands of other topics, visit how

0:16:18.200 --> 0:16:21.240
<v Speaker 1>stuff works dot com. Let us know what you think.

0:16:21.560 --> 0:16:28.440
<v Speaker 1>Send an email to podcast at how stuff works dot com.

0:16:28.560 --> 0:16:31.160
<v Speaker 1>Brought to you by the reinvented two thousand twelve camera.

0:16:31.440 --> 0:16:32.680
<v Speaker 1>It's ready, are you