Introduction Course
Introduction course
Standard Grade
Information Systems
Intermediate II
Information Systems
Business Studies

Logic bombs

Like other viruses, logic bombs are designed to cause harm to your computer. Logic bombs, however, only trigger when specific conditions are met. For example a computer programmer may insert code into a payroll program that deletes files if her name is not found on the list. In other words the files will be deleted if she is ever fired.

Other viruses, called time bombs, may only detonate on a specific date or time. An example of this is the Jerusalem virus which, every Friday the 13th, deletes all the files on an infected computer.


Screen Savers

On a Microsoft Windows computer a .SCR file is a screen saver. As screen savers are just computer programs they are a useful way of inserting a virus into your computer. Typically SCR viruses come as an attachment to an e-mail. The text urges the recipient to click the attached file by promising perhaps a funny cartoon or enticing picture.

Once clicked the virus then installs itself onto your computer. As the SCR file pretends to be something else it is another example of a Trojan. Perhaps the most famous example of a SCR virus is the SOBIG worm, which installed software to send spam.


Image Viruses

Image viruses cannot cause any damage to a computer by themselves. Instead the code they contain exploits problems in other programs. For example, the code to draw images in Microsoft Windows was found to have a flaw. This flaw allowed images to access parts of the system that they would not normally be allowed to access.

An infected image, transferred to your computer on a web page, in a document or in a chat window could access your system and plant a virus.

As images are not normally seen as a threat these viruses are not stopped by normal anti-virus software. Instead it is important to check for any system updates provided by the manufacturer of your operating system.

The original version of this image virus was known as Trojan.Moo.


To Do:

  1. In Glow Learn answer the multiple choice questions in the test called Viruses. You will receive immediate feedback on your progress.

and there's more .....


Macro Virus

We've already mentioned that some applications, like word processors and spreadsheets, can be programmed to change the way they work. To do this they store programs called Macros. Unfortunately these macros, as well as doing useful things like automatically formatting a document, can be used to attack your computer.

Because macros are stored in documents they sometimes seem to be less of a threat than other programs, but this is not really the case as they can do serious damage. You should never open documents if you are unsure of where they come from. Opening them allows any macro viruses to run and your computer to become infected.

One example of a macro virus is the Nimba worm which attacked systems in many different ways including via e-mail and back doors.


Resident Virus

Some viruses only attack your system when the program that conceals them is run. Other, more sophisticated, viruses stay in your computer's memory ready to attack anything that is run on the computer. These are resident, or memory-resident, viruses.

The concept of a resident virus is simple. Your computer runs many programs at the same time. This is called multi-tasking. At any moment you may have several programs such as a word processor, a web browser and a media player and many others running simultaneously in your system.

A resident virus is written to work in the same way. Unlike the other programs, however, resident viruses hide in your system. They run whenever something else does, such as when you click a mouse to start a program. In this way they can easily infect other programs.

Script Viruses (VBA, VBS, JS)

Like macro viruses, script viruses use programming languages present on your system to attack it. Indeed, most macro viruses are VBA viruses.
VBA is Visual Basic for Applications and is the language used by Microsoft for its applications like Word and Excel.

VBS is Visual Basic Script edition and is used for scripting in web applications like Internet Explorer. The worm ILoveYou was written in VBS.

JS is JavaScript, a variation on the Java programming language. Unlike the other script languages here JavaScript cannot itself be used to harm your system as it works in a "sandbox" or protected area of your computer. Instead, JavaScript is used to exploit security problems in other programs such as web browsers. This is known as a Browser exploit. An example of this would be the denial of service attack Spoon.


Stealth Viruses

There is a continual war between virus writers and anti-virus writers. As soon as new viruses are created, anti-virus software is created to neutralise and remove them. Virus writers have adopted various strategies to fool anti-virus software. One of the most popular and successful ways of fooling anti-virus software is to create a stealth virus.


Mail Bombs

A mail bomb is a form of denial of service attack. The idea is to flood someone's system with more e-mail than it can cope with.

There are two ways to make a mail bomb. The first is to send millions of e-mails to one address simultaneously. This leads to the system filling up and crashing. The second is to send small compressed files that, when decompressed, expand to extremely large files, again filling up the e-mail server and causing a crash. One example of this is the Win32.Netsky.J worm.


Backdoors and Rootkits

A backdoor is a way of accessing a computer without going through the normal access routines such as entering a name and password. It can be installed by a virus or even by legitimate programs.

This is closely related to another type of attack known as a rootkit, which is used to conceal programs of files to help hackers avoid detection. A rootkit can be used to open a backdoor, allowing hackers into a system. An example of a virus that installs a backdoor is the MyDoom worm, created to send junk mail from infected computers.

One of the most famous rootkits was installed when a copy-protected Sony CD was played on a computer. Click here to find out some of the details of this infamous case.



To Do:

  1. Click on the link below to open the Virus Puzzle crossword. This will open in a new web page. Complete the puzzle using the information on the previous pages to help you out.
Virus Puzzle

Continue to Malware



Home | S1 Topics | S2 Topics
Computing Standard Grade | Information Systems Int II | Information Systems Higher | Internet Safety
Log into Glow | School Website | Contact Us