|
"Virus Hoax:
Malicious Code Example"
Virus Hoax Warnings: Page 22
of 39
2400 Baud Modem Virus
October 1988
Since 1988, computer virus hoaxes have been circulating the
Internet. In October of that year, according to Ferbrache ("A
pathology of Computer Viruses" Springer, London, 1992) one of the
first virus hoaxes was the 2400 baud modem virus: SUBJ: Really Nasty
Virus AREA: GENERAL (1)
I've just discovered probably the world's worst computer virus yet.
I had just finished a late night session of BBS'ing and file
treading when I exited Telix 3 and attempted to run pkxarc to unarc
the software I had downloaded. Next thing I knew my hard disk was
seeking all over and it was apparently writing random sectors. Thank
god for strong coffee and a recent backup. Everything was back to
normal, so I called the BBS again and downloaded a file. When I went
to use ddir to list the directory, my hard disk was getting trashed
again. I tried Procomm Plus TD and also PC Talk 3. Same results
every time. Something was up so I hooked up to my test equipment and
different modems (I do research and development for a local computer
telecommunications company and have an in-house lab at my disposal).
After another hour of corrupted hard drives I found what I think is
the world's worst computer virus yet. The virus distributes itself
on the modem sub- carrier present in all 2400 baud and up modems.
The sub-carrier is used for ROM and register debugging purposes
only, and otherwise serves no othr (sp) purpose. The virus sets a
bit pattern in one of the internal modem registers, but it seemed to
screw up the other registers on my USR. A modem that has been
"infected" with this virus will then transmit the virus to other
modems that use a subcarrier (I suppose those who use 300 and 1200
baud modems should be immune). The virus then attaches itself to all
binary incoming data and infects the host computer's hard disk. The
only way to get rid of this virus is to completely reset all the
modem registers by hand, but I haven't found a way to vaccinate a
modem against the virus, but there is the possibility of building a
subcarrier filter. I am calling on a 1200 baud modem to enter this
message, and have advised the sysops of the two other boards (names
withheld). I don't know how this virus originated, but I'm sure it
is the work of someone in the computer telecommunications field such
as myself. Probably the best thing to do now is to stick to 1200
baud until we figure this thing out.
Mike RoChenle
Copyright 2004 by Jay Jennings
|