A Brief History of Worms

written by: Sean Kazen; article published: year 2007, month 03;



In: Categories » » Software » A Brief History of Worms

Worms are nasty, but they certainly aren't new. Major portions of the early Internet were disabled by the Morris Worm way back in November 1988, but that wasn't even the first worm. In 1971, at Bolt Beranek and Newman (BBN), a researcher named Bob Thomas created a program that could move across a network of air traffic control systems, a startling target for such an early specimen. Thomas's so-called Creeper program moved from system to system, relocating its code between machines in an effort to help human air traffic controllers manage their work. Unlike worms, though, Creeper didn't install multiple instances of itself on several targets; it just moseyed around a network, attempting to remove itself from previous systems as it propagated forward.

Years later, the first true worm (i.e., self-replicating code that spread itself via a network) was devised by the brilliant folks at Xerox PARC. Yup, the same folks who created laser printers, the GUI, the mouse, and many other computer gadgets we use on a daily basis also created the first known true worm. However, they didn't plan on using worms as malicious tools. Two Xerox researchers named John F. Shoch and Jon A. Hupp just thought of worms as an amazingly efficient way to spread software to systems. Of course, they were right. Unfortunately, way back in the early 1980s, their first research worm accidentally escaped its captivity and started spreading throughout their own Xerox laboratory network, an ominous sign of worms to come. Today, attackers use the efficiency of worms to spread malware far and wide.

Worm releases really accelerated in the late 1990s and through this decade. The Melissa attack from March 1999 and the Love Bug attack of May 2000 caused many companies to disconnect from the Internet entirely for a day or two. Although most people refer to Melissa and the Love Bug as viruses, they actually were much more wormlike, spreading rampantly via the Internet. More recently, we've seen the Code Red and Nimda worms, which each compromised several hundred thousand machines in 2001. To this day, attackers around the globe are cooking up new and more devious worm recipes. These and other notable worm attacks are shown below. Take a careful look at this table to get a feel for how each of these major worm incidents impacted various systems.

Notable Worms
Worm Name Release Time Frame Target Platform Notable Characteristics
Morris Worm (also known simply as "The Internet Worm") November 1988 UNIX This virulent worm disabled major components of the early Internet, making news headlines worldwide. Most geeks older than a certain age can easily answer the question, "Where were you when the big worm hit?" I was in college, taking a class in C programming, where we got to study the worm in action. Ahhhh… the good old days.
Melissa March 1999 Microsoft Outlook e-mail client Since the Morris Worm 11 years before, only a few minor worm outbreaks had occurred. Most malware development focused on virus writing, which took off in the early and mid-1990s. That all changed with the release of Melissa, which harnessed the power of the Internet to spread malware. This Microsoft Word macro virus spread via Outlook e-mail, acting as a virus (infecting .DOC files) and a worm (spreading via the network).
The Love Bug May 2000 Microsoft Outlook e-mail client This Visual Basic Script worm spread via Outlook e-mail. Several organizations disconnected themselves from the Internet for a couple of days, waiting for this storm to pass.
Ramen January 2001 Linux This worm conquered systems using three different buffer overflow vulnerabilities. Upon installation, it altered the default Web page to proclaim, "Hackers loooove noodles!" Now, I love ramen noodles as much as the next guy. However, I've never felt the need to immortalize them with a worm.
Code Red July 2001 Windows IIS Web server This extremely virulent worm conquered 250,000 systems in less than nine hours. From systems around the world, it planned a packet flood against the IP address of www.whitehouse.gov.
Nimda September 2001 Windows–Internet Explorer, file sharing, IIS Web server, Microsoft Outlook This multiexploit worm included approximately 12 different spreading mechanisms. Released only a week after the September 11, 2001 terrorist attacks, it was one of the most rapidly expanding and determined worms we've ever faced.
Klez January 2002 Microsoft Outlook e-mail clients and Windows file sharing This worm contained a small step toward polymorphism with its randomization of e-mail subject lines and attachment file types. Klez also actively attempted to disable antivirus products.
Slapper September 2002 Linux systems running Apache with OpenSSL This worm spread via a flaw in the Secure Sockets Layer (SSL) code used by Apache Web servers. As it spread, it built a massive peer-to-peer distributed denial-of-service network, awaiting a command from the attacker to launch a massive flood.
SQL Slammer January Windows systems running Microsoft SQL Server database This evil little program spread very efficiently, disabling much of South Korea's Internet connectivity for several hours and shutting down thousands of cash machines in North America.

legal disclaimer

1) Our website is not responsible for the information contained by this article as well for any and all copyright infringements by authors and writers. E-articles is a free information resource. If you suspect this article for any copyright infringements, please read the Terms of service and contact us to investigate the problem.
2) The E-articles directory team is not responsible for inaccuracies, falsehoods, or any other types of misinformation this tutorial may contain and will not be liable for any loss or damage suffered by a user through the user's reliance on the information gained here. Please read the Terms of service

Useful tools and features

Translate this article to...    Send this article to you or to a friend

Link to this article from your page   
If you like this article (tutorial), please link to it from your web page using the information above. Linking to this page, this is the only way to help us improve our service, the same time providing your visitors with a way to improve their online experience.

related articles

1. Remote Access Services (RAS) under Windows XP Professional
Authentication protocols • EAP - Extensible Authentication Protocol. A set of APIs in Windows for developing new security protocols as needed to accommodate new technologies. MD5-CHAP and EAP-TLS are two examples of EAP. • EAP-TLS - Transport Level Security. Primarily used for digital certificates and smart cards. • MD5-CHAP - Message Digest 5 Challenge Handshake Authentication Protocol. Encrypts usernames and passwords with an MD5 algorithm. • RADIUS - Remote...

2. Maximizing Your Internet Browser with Bookmarks
If you want to return to a first-rate online source, you’re likely to use a shortcut, such as a bookmark or a favorite. If you use the Netscape browser, you bookmark the Web page. This acts as a shortcut to the online source.If you use the Internet Explorer browser, you save the page as a favorite. (I refer to both of these types of shortcuts as bookmarks for this section of the article.) If you’ve used the Internet for a while, you likely have a long list of bookmarks. Today h...

3. Monitoring and Optimizing System Performance and Reliability in Windows XP Professional
Task scheduler: • Used to automate events such as batch files, scripts and system backups. • Tasks are stored in the Scheduled Tasks folder in Control Panel. • Running task with a user name and password allows an account with therequired rights to perform the task instead of an administrative account. • Set security for a task by group or user. Using offline files • Offline files replaces My Briefcase and works a lot like Offl...

4. Computer Tips and Tricks ~ How Do I Send Pictures via Email
One of the first things that new digital camera owners love to do is send a batch of images to family members or friends. As you may have already discovered yourself, the warmth of reception is inversely proportional to the size of the images that land in your recipients' inboxes. All too often, budding photographers send full-sized 2-, 4-, or even 6-megapixel pictures as email attachments. Unfortunately, these files take forever to download on all but the fastest Internet connections and are too large to view comfortably on a c...

5. Communication Protocols Used by Windows Systems
TCP/IP protocol • TCP is an industry-standard suite of protocols • It is routable and works over most network topologies • It is the protocol that forms the foundation of the Internet • It is Installed by default in Windows XP • Can be used to connect dissimilar systems • Uses Microsoft Windows Sockets interface (Winsock) • IP addresses can be entered manually or be provided automatically by a DHCP server • DNS is used to resolve compute...

6. Advantages and Disadvantages of FAT and NTFS File Systems
Understanding FAT and NTFS File Systems • NTFS provides optimum security and reliability through its ability to lock down individual files and folders on a user-by-user basis. Advanced features such as disk compression, disk quotas and encryption make it the file system recommended by 9 out of 10 MCSEs. • FAT and FAT32 are only used for dual-booting between Windows XP and another operating system (like DOS 6.22, Win 3.1 or Win 95/98). • Existing NT 4.0 NTFS system partit...

7. Two Software Nags ~ Windows 95 versus Windows NT
The buildup to NT began after the incredibly successful launch of Windows 3.0 in 1990. For the next 3 years, Microsoft spent considerable time proclaiming that this new version of the product, once known as OS/2 3.0, would be the 32-bit successor to the 16-bit Windows 3.x product line. But as NT neared completion, complaints began to surface that the product was too big and resource-hungry to fit the existing desktop profile. Microsoft had heard these complaints before with other products, but Moore's Law which, roug...