A look back at two of the most damaging malicious codes of the 1990s
Every Monday in November we will be dipping into the history books and remembering some of the most infamous computer threats of each decade, starting with the 1980s and continuing on until 2010 as we continue to mark Antimalware Day and also as part of the celebration of International Security Day, which is on November 30.
We started this series remembering the Brain computer virus and the Morris worm, and this time we will stop at two well-remembered threats of the 90s — the Michelangelo and Melissa viruses.
Discovered for the first time in February 1991, the Michelangelo virus was designed to infect DOS systems, more specifically the master boot record of the hard disk and the boot sector of floppy disks.
The peculiarity of this virus written in Assembler is that it remained dormant until March 6 of that year, a date that happened to coincide with the birth of Renaissance artist Miguel Ángel. A connection that led researchers to deciding on the name of the virus once it was discovered.
When an operating computer became infected with Michelangelo, the payload went out of its resting state and overwrote all data on the hard disk with random characters, making information retrieval practically impossible. But it only worked if the computer was powered on on that particular date, otherwise the information remained intact.
Michelangelo was a variant of the Stoned virus. And although it is not known what the origin of this virus was, some speculated that it may been created in Australia or New Zealand, although there was also the theory that it could have been developed in Sweden, Denmark or Holland.
It is estimated that at that time it managed to infect more than five million computers around the world and generated much excitement and coverage in the media of the day. An article published in the Los Angeles Times at the time claimed that the virus infected a small architectural and civil engineering company in Japan. The lost data represented an economic loss valued between 20,000 and 30,000 US$.
The Melissa virus was a macro virus that began to spread in March 1999. It was the first virus that used electronic mail to spread on a large scale and in a short time it became, at that period, the fastest spreading virus of all time.
Through an email that was disguised to be from a friend or colleague, along with the subject “important message”, a malicious attachment was included under the name “list.doc” that targeted Microsoft Word users and infected operating systems Windows 95, 98, NT and Macintosh.
The virus was designed to send a malicious email to the first 50 addresses in the address list of each user who received it; although those emails would only be sent if Microsoft Outlook was used on the computer for the management of emails. In addition, each infected computer could infect 50 additional computers, which in turn could infect another 50 and so on. Once activated, the virus modified the user’s document by adding comments from the popular television series The Simpsons and could also access and send confidential information located on the computer without being detected.
In the United States, it is estimated that Melissa caused losses of more than 80 million US$ in damages. Its creator was David L. Smith, an American citizen, who pleaded guilty in court and received 20 months in prison and a fine of 5,000 US$.