Computer Virus and Worms

Home , Adware, Backoff, Cascade (computer virus), Computer worm, Conficker, Dark Avenger

Full Length Research Paper

A study on malware: Computer virus and worms

Rabia Khan

MCA, Punjab Technical University, India. Author email :[email protected]

Accepted 16 December, 2018

Malware or malicious software is a type of security threat that brings harm to computer system. Most organizations are affecting by malware. Malware steal protected data, by pass access control, delete document or add documents not approved by user. Malware can be in the form of virus, worms Trojan horse, adware, spyware, rootkit, backdoor, and botnet. In this paper, we study the most significant malware: Virus and worms can have a devastating effect on business continuity and profitability. Also this paper describes the timeline of virus, worms and Trojan horse.

Key words: Malware, malicious software, data, virus, worms Trojan horse

INTRODUCTION

Nowadays, a huge variety of cyber-attacks are available of these security threats try to violate confidentially, that can be affect not only big organization but also affect integrity and accessibility. Malicious software (malware in the personal computers such as brute force attack, social short) is software designed to cause harm to computer engineering/cyber fraud attacks, distributed denial of and user (Abhisheck Ranjan (www.geeksforgeeks.org), service attack, phishing attacks and malware attack. All Neil, 2012).

Adware biggest threats to security systems. Botnet can be used Adware is one type of malware that automatically delivers for Distributed Denial of Service (DDoS) attacks, as advertisements. This is able to pop-up advertisements on spambots that render advertisements on websites, as websites and advertisements that are displayed by web spiders that scrape server data, and for distributing software. malware disguised as popular search items on download sites.

Botnet Rootkit Botnet is another type of malware that is able to perform specific operations automatically. It became one of the A rootkit was designed to remotely access or control a

Scholarly J. Math. Comp. Sci. 2

computer without being detected by users or security Philippines (Wajeb, 2011). programs. When a rootkit infected the system then it is possible to the malicious party behind it to remotely execute files, access or steal information, modify system How do Computer Viruses spread in Computer configurations, alter the software, install concealed malware, or take control the computer as part of a botnet. Before intervention of Internet, virus often spread from Rootkit prevention, detection, and removal are difficult. computer to computer via infected removable flash drive. If a flash drive has been infected with a virus from a source computer and when a person boots the Spyware removable flash drive in another computer it will be trigger the spread of the virus from the removable flash Spyware is another type of malware that work as spying drive to the computer. For example, if person purchases on user activity without their knowledge. These spying software that is infected with virus and then install the capabilities can know the activities of user include activity same software in his/her computer the running of the monitoring, collecting keystrokes, account information, software can trigger the virus to spread to his/her logins, financial data and more. computer. The most common way of spreading the virus is through e-mail attachments. Most people send email message with attachments. These attachments often Trojan horse always contain computer virus so that when a computer user downloads the attachment the computer virus is A Trojan horse also known as a “Trojan,” is another type eventually transmitted to the user computer. of malware that disguises itself as a normal file or Now we can say the most common way to spreading program to trick users into downloading and installing the virus is via Internet (Adam, 2010). malware. A Trojan horse can give a malicious party remote access to an infected computer. Once an attacker has access to an infected computer, it is possible for the Harmful Effect of Computer Virus attacker to steal data like as logins, financial data, and even electronic money, install more malware, also modify Virus can create minor damage to major damage. Virus files, monitor user activity like as screen watching, can replicate themselves they can cause damage the keylogging, etc, use the computer in botnets process, computer system by taking up huge memory or disk and anonymize Internet activity by the attacker. space, damaging or corrupting data, changing data, erasing files or locking up the whole computer system (Lynn, 2016). What is Computer Virus The lists of effect of computer viruses are as follows: A computer virus so called a virus because it has similar characteristics with a biological virus. Like biological • Reduce the memory space, damage disks virus, computer virus can also be transformed from one • Increase the startup time and run time computer to another computer. Computer viruses are one • Computer runs slower than usual type of malware, a self-replicating programs designed to • Computer stops responding to the commands spread itself from computer to computer and capable of • Computer hangs frequently reproducing copies of itself and inserting them into other • Computer restarts every few minutes programs of files. We can say computer viruses are • Certain applications are not running frequently computer programs that are designed to spread • Appearance of unusual messages themselves from one file to another on a single file. • Distorting menu and dialog boxes Viruses spread quickly to many files within computer, but • Improper functioning of the anti-virus program it cannot be spread between computers unless people • Appearance of new icon on desktop exchange infected files over a network or share an infected floppy diskette. Viruses can be written in The above points are also indicators that the computer numerous computer programming languages including may have been infected by worms and Trojan horses. assembly language, C, C++, Java, Scripting languages, and macro programming languages. The world was The Characteristics of Computer Virus (Zahri and realized the impact of computer virus in 2000. I LOVE Ahmad, 2003) YOU virus spread throughout the world causing billions of dollars in damages in different countries in 2000. It was The following are some of the characteristics of computer believed that, the source of this virus was traced in viruses:

Khan, 3

i. Size: The size of the program code required for from one computer to another computer. Worms are also computer viruses are small. computer programs as computer viruses that are capable ii. Versatility: This is another type of characteristics. This of replicating copies of themselves via network is the ability to generically attack a different variety of connections. The worm can infect as many machines as applications. possible on the network, rather than spreading many iii. Propagation: Once a computer virus has affected a copies of itself on a single computer, as a computer virus program and whenever this affected program is running does. A worm infects a target system only once, after the then the virus is able to spread to other programs and initial infection, the worm attempts to spread to other files accessible to the computer system. machines on the network. Worm can spread much more iv. Effectiveness: Computer viruses have far-reaching rapidly than viruses because computer worms do not and catastrophic effect on their victims, which includes reply on humans to copy them from computer to the total destroy of data, programs and even operating computer. Computer worm can run itself without any systems. human involvement. It is possible that if only one v. Functionality: Computer Viruses have a wide variety computer worm is transferred then there will be of functionality in computer virus program. Some viruses thousands of worms in a computer. Virus need a host are programmed to damage or delete or corrupt files and program to run and the virus runs as port of the host even to destroy operating system and some virus program, a worm can spread even in the absence of a programs are spread themselves to applications without host program. Worms can spread from one computer to attacking data files or operating system activities. another computer without the need of human running a x. Persistence: After detection, the recovery of data and program (Rajesh et al., 2015, Wajeb, 2011). even system operation has been difficult and time consuming. How do Computer Worms Spread in Computer

Classification of Computer Viruses (Wajeb, 2011 and There are many ways to spread the computer worms H. Sharvan Kumar) (Available: https://antivirus.comodo.com/blog/comodo- news/computer-worm-virus/). Computer viruses are classified by the type of file or disk that the virus infects: Email: Email is the one of the most common ways for computer worms to spread. Worms can spread through Boot Virus: These viruses attach themselves to floppy email attachment. Once a machine has been infected, diskettes and hard drives. When a user boot from an then worm is able to replicate itself by emailing itself to infected floppy diskette or hard drive, the virus is everyone in your address book or replying to emails in activated and the computers become infected. your inbox automatically. Application virus: These types of viruses spread from Operating System Vulnerabilities: Mostly operating one application to another on the computer system. system has its vulnerabilities and some worms are File Virus: These types of virus infect executable files. specifically coded to take the advantage of these weak These are written in machine code (0 or 1) due to these points. reasons also called binary file virus. They are able to Instant Messaging: Now a day’s Modern chat systems infect over networks. are just as vulnerable, such as face book messenger a Multipartite Virus: These types of virus infect both common infection point for worms such as Dorkbot, executable and data files. which spreads via an executable file which is designed as Macro Virus: A macro is a small, self-contained program JPG image. that is embedded directly within a document or spread Smart Phones: Now a days worm spread through smart sheet file. These types of viruses spread through phones. Mostly mobile operating systems are potentially documents, spreads sheets and other data files that vulnerable to worms as they all support HTMLS5 based contain computer macros. mobile apps. Some worms are spread as network Script Virus: These types of viruses infect other script packets. These types of worm directly penetrate the file on the computer system. Script viruses written in high computer memory and the worm code is then activated. level script languages such as Perl or Visual basic, gain control when a user runs an infected script file. Symptoms of a Computer Worm

What is Computer Worm There are following typical symptoms of a computer worm A worm is similar to a virus. It is considered as a sub- (Available:https://antivirus.comodo.com/blog/comodo- class of a virus because it is also capable of spreading news/computer-worm-virus/):

Scholarly J. Math. Comp. Sci. 4

• Slow computer performance infected websites. • Freezing/crashing of the system • Programs opening and running automatically Timeline of Malware • Irregular web browser performance • Unusual computer behavior (messages, images, In this section we are discussing timeline of malware sounds, etc) specially virus and worm and Trojan horse (Rajesh et al., • Blue screen of death 2015, Glenn, 2018, Kevin, 2014 and Norton Team, • Firewall warnings (2016).

• Missing/modified files

• Annoying pop-ups CONCLUSION AND FUTURE WORK • Appearance of strange/unintended desktop files or icons In this paper we discussed about malware especially • Operating system errors and system error messages about computer worm and virus and discussed their • Emails sent to contacts without the user’s knowledge types. Also, we discussed timeline of malware and their way to affect the system. By summarizing this work, we

can say that they are very dangerous. Malware can Classification of Computer Worm (Rajesh et al., 2015, create minor to major damage. They can reduce the Wajeb, 2011 and H. Sharvan Kumar) memory space, damage disks, damage programs so that

there are sudden failure can be occur such as increase Internet Worm: This type of worm finds the target and the startup time and run time, erase files, and also attack the computer through Internet. corrupt the computer itself. We can prevent by using: Email Worm: This type of worm spread through infected install a reliable anti-virus, warn all members to avoid message as an attachment or a link of an infected suspicious websites and not to download untrustworthy websites. material, install a firewall, never open email attachments Instant Message Worm: This type worms multiply and without scanning first and update the anti-virus regularly. spread through instant messaging systems and gain the Malware are affecting business. In future, this work can access of the address book on the victim’s system. be extended by considering the following parameters: File Sharing Worm: This type of worms place a copy of them in a shared folder and spread via P2P. • Impact of malware on business Internet Relay Chat Worms: This type of worms spread through IRC channels, sending infected files or links to • Financial impact on malware attack

Table 1. Timeline of malware specially virus and worm and Trojan horse

Year Name of Malware Description 1949 Self-Replicating Program Although no virus or worms here developed, theories of self replicating program were establishing to produce large number of viruses. 1959 Core Wars Victory Vysottsky, H. Dougalas MCIlroy and Robert P. Morris were programmed a Computer game in Bell Laboratory. They named it Core Wars. In Core wars, organism competed with the processing time of PC. 1966 Self-Reproducing John Von Neuman wrote an article called “Theory of Self Reproducing Automata” that Automata was published in 1966. This was based his lectures he held 18 years earlier on this theory. John Von Neuman name also known as father of Cybernetics. 1971 The Creeper Worm Bob Thomas was developed and experimental self-replicating program. It was accessed through ARPANET and copied DECPDP-10 computers with TENEX operating system. It was displaying a message “I’m creeper, catch me if you can!”. Later Another program developed name “Reaper” to delete existing message. 1974 Wabbit (Rabbit) This virus was developed to make multiple copies of itself at such speeds on a computer clogging the system reducing the performance of the computer. 1974/75 ANIMAL John Walker developed a program called ANIMAL for UNIVAC 1108. This was the first non-malicious Trojans. It was spread by sharing tapes. 1981 Elk Cloner Richard Skrenta was developed a program called “Elk Cloner” for Apple II systems. It was created to infect Apple DOS 3.3. Elk Corner started to spread through files and folders that are transferred to other computer by floppy disk.

Khan, 5

Table 1. Contd.

1983 Frederick Cohen In this year when the term “virus” was coined by Frederick Cohen in order to explain when a particular program is able to infect additional program because it has the tendency to replicate. 1986 Brain Boot Sector Virus It was the first virus to infect MS-DOS computers. Two brothers named Basit Farooq Alvi and Amjad Farroq Alvi in Pakistan found a way to replace the executable code found in the boot sector of a floppy disk. It is considered the first IBM PC compatible virus and the program responsible for the first IBM PC compatible virus epidemic. PC-Writer Trojan It was one of the earliest Trojan as a popular shareware program called “PC-Writer”. Once on a system, it would erase all of a user’s files. 1987 File Virus The first ‘file’ viruses begin to appear. It was affecting essential system file commond.com. Lehigh: It was programmed to infect command.com files from Yale University. It was immediately stopped. Cascade: It was the first self-encrypted file virus which was the outcome of IBM developing an antivirus product. Jerusalem: This virus was found in city of Jerusalem called Jerusalem virus. It was developed to destroy all executable files on computer on the 13th day that falls on a Friday. 1988 The Morris Worm It was created by Robert Tappan Morris. This worm infects DECVAX and SUN machines that were running on the BSD Unix operating system. This system was also connected to the Internet which made it the first worm to spread into the “wild”. 1989 AIDS Trojan The AIDS Trojan appears. It was fairly unique at the time because it requested immediate payment for removal. Ghostball Virus It was discovered by Friorik Skulason. It was the first multipartite virus. 1990 Chameleon Virus The first polymorphic virus called chameleon was developed by Ralf Burger. The first antivirus software called Norton Antivirus from Symantec to fight against the infectious viruses began to appear. 1991 Tequila Virus The Chameleon virus was released and also becomes known as Tequila virus. Norton anti-virus was released. 1992 DAME Dark Avenger Mutation Engine was created and made to turn regular viruses into Chameleon like polymorphic viruses. Over 1300 viruses were in existence. 1993 “Leandro and Kelly” and “Leandro and Kelly” and “Freddy Kruger” Viruses were spread a very quick rate. “Freddy Kruger” Virus 1994 Hoax Virus The first major computer virus hoax called “Good Times” spread. It was capable to erasing the whole hard drive. 1995 Concept Virus The first virus related to ‘Word’ documents known as Concept virus was developed. It spread and attacks Microsoft Word Document. 1996 Laroux, Baza and Staog A micro virus known as Laroux was developed. It was capable to infect Microsoft Excel Virus Documents. Later, A virus named Baza was developed to infect Windows 95 and virus named Staog was developed to infect Linux. 1998 CIH Virus Chen Ing Hau from Taiwan was developed the first version of CIH virus. A virus named Strange Brew infected Java files and virus named Chernobyl spreads drastically through executive files. It affected files and certain chips in computer. 1999 Happy99 Worm This type of worm was developed to attaches itself to emails, hides changes begin made and also wishes the message Happy New Year. This virus was affected Outlook Express and Internet Explorer on Widows 95 and 98. Bubble Boy Worm It was another worm that worked similarly to Mellisa and Happy99 except that it was able to function without user opening email. 2000 I Love You Virus This virus is also known as the “Love Bug”. It was infected more than a million PCs. It work was similar to that of the Mellisa and Bubble Boy in the way that it was spread. It was capable of deleting the files such as JPEG, MP2, or MP3.

Scholarly J. Math. Comp. Sci. 6

Table 1. Contd.

2001 Anna Kournikova Virus A virus known as the “Anna Kournikova” was spread by emails to the contacts in the compromised address book of Microsof Outlook. CodeRed Worm CodeRed worm infects nearly 400,000 hosts of web pages in least than 24 hours causing 2 billion dollars in damages (estimated). CodeRed II Worm It comes out in China and it was even more aggressive than its original. Nimda Worm Nimda spreads in many different ways including through Microsoft Outlook and through backdoors from previous worms. Kiez Worm It was discovered to find vulnerable holes through Microsoft Internet Explorer, Outlook Express and Microsoft Outlook.

Sircam Worm It was propagated by e-mail in Microsoft Windows systems. It began with lines of text and had an attachment consisting of the worm's executable with some file from the infected computer. It affected computers running Windows 95, Windows 98, and Windows Millennium. BadTrans Worm It was designed for stealing credit card information along with passwords. 2002 LFM-926 Virus This virus was infected Shockware Flash files. Mylife Worm Mylife worm was spread by sending malicious emails to all of the email addresses in Microsoft Outlook. 2003 SQL Slammer Worm One of the fastest spreading worms of all time, SQL Slammer infects over 75,000 computers in ten minutes. It was also capable of doubling its numbers every 8 seconds during the first initial minute of infection. The worm had a major global effect, slowing Internet traffic worldwide via denial of service. Sobig Worm This worm was first considered to spam. It spread quickly through networks shares and email of Microsof System. Welchia or Nachi This worm was tried to remove such other worms as Blaster and attempt to repair windows. 2004 My Doom Worm This worm is also called the Novang. It was the fastest email and file sharing computer worm. It was developed to permits hackers to access the infected hard drive. It is also known as the fastest mailer worm. Netsky Worm It spreads through email by replicating itself to folders found on the local hard disk. Witty Worm Witty worm is also considered as a record-breaking worm. It was the fastest disclosure to worm. It was the first of its kind to spread rapidly through Internet. It exploited holes in many Internet security system related products. Sasser Worm It finds holes and soft spots in Local Security Authority Subsystem Service. It was affected major network problems and interrupts business. Caribe Worm This was the first computer worm developed to infect mobile phones that had Symbian operating system. Santy Worm It was the first webworm. It was used Goggle to find targets. Cabir Virus This virus was considered as the first mobile virus. This virus caused little of any damage. Vundo Trojan Horse It causes popups and advertising in some antispyware programs. It is also able to denying service with certain website like Google. 2005 Commwarrior Virus This virus is considered as cell phone virus. It spread from cell phone to cell phone via text message. Sanny XXA Virus It was developed to spread faster and it is known to infect the Window family. Zotob Worm This computer worm targeted the security vulnerabilities in Microsoft operating system. It was several variations like Rbot.cbq, SDbot.bzh and Zotob.d that infected computers at many companies. Bandook Backdoor It is also called Bandook RAT infects the window family by taking over the computer. It Trojan Horse get by firewall using Hijacking method and access the Internet. 2006 Nyxem Worm It is another mass-mailing worm which is activated on the 3rd of every month. It was crated to disable all security and file sharing related software in order to destroying Microsoft office files. 2007 Storm Worm This worm was a fast spreading email spamming threat against Microsoft system. It was infected close to 1.7million computer in six months. Zesus Trojan Horse It was developed to steals banking information through a method called key stroke logging.

Khan, 7

Table 1. Contd.

2008 Koobface Virus This was targeted the social networking sites like Facebook, Myspace and twitter. It was capable to infect PCs and then propagate to social networking sites. The rearrange form of ‘koobface’ is ‘facebook’. Conflicker Worm This computer worm was affected 9 to 15 million servers system that were running on a variety of windows operating system. It was affected the server like UK Ministry of Defense. Mocmex Virus It was the serious computer virus. It was traced to a digital photo frame. Torpig Trojan Horse This Trojan horse affects windows by shutting down any antivirus applications that running on the system. It is able to allows to others to access the computer and change or steal any confidential information. 2009 Daprosy Worm This worm is able to steals passwords for online games. It can steal from Internet cafes and intercept on all keystrokes. It became very dangerous worm since it was affecting business to business system. 2010 Stuxnet A Windows Trojan called stuxnet was detected in June, 2017. It was first worm to hit SCADA systems. It was designed with the express purpose of attacking Iran’s nuclear program. It was able to impact hardware as well as software. Kenzero Virus This virus spread online from peer to peer sites through browsing history. 2011 Summer The Morto It attempts to propagate itself to additional computers via the Microsoft Windows Remote Worm Desktop Protocol. Zeus Trojan Horse It was first detected in 2007, released the source code to the public in 2011. It also called Zbot. It was one of the most successful pieces of bootnet software by man-in-the browser key stroke logging. Duqu Worm Duqu worm worm was discovered by the laboratory of Cryptography and System Security of the Budapest University of technology and Economics in Hungary. It is related to stuxnet worm. 2012 Shamoon Virus Symantec, Kaspersky Lab and Seculert discovered this virus. It was developed to target computer that running on Microsoft Windows in the energy sector. NGRBot Worm This worm uses the IRC network for file transfer, sending and receiving commands between zombie network machines and the attacker's IRC server, and monitoring and controlling network connectivity and intercept. NGRBot worm used a user-mode rootkit technique to hide and steal its victim's information. It is also designed to infect HTML pages with inline frames causing redirections, blocking victims from getting updates from security/antimalware products, and killing those services. 2013 Welchia Worm This worm is also known as the Nachi worm. This worm exploits vulnerability in the Microsoft Remote Procedure Call (RPC) service similar to the Blaster Worm. This Worm, first searches Blaster worm and delete it if it exists, then it tries to download and install security patches from Microsoft that would prevent further infection by Blaster. It is classified as a helpful worm and deleting the Blaster worm. Crypto Locker Trojan This Trojan horse is able to encrypt the files on a user’s hard drive and then demands Horse the user’s to pay a ransom to the developer in order to receive the decrypting key. Gameover Zeus Trojan It is able to steals one’s login details on popular web sites that involve monetary Horse transaction. 2014 Regin Trojan Horse Regin Trojan horse was created by the united states and united kingdom. It is difficult to be detected via anti-virus. It is spread via spooted web pages. Once downloaded, regin quietly downloads extension of itself and making I difficult to be detected. Backoff This malware was developed to compromise Point of Sale (POS) systems to steal credit card details. Win32/IRC Trojan horse This Trojan is able to connect to an Internet Relay Chat (IRC) server and provides attackers with remote access to the infected system. This is backdoor computer worm includes the ability to send itself to MSN messenger contacts. 2015 Bashlite This malware is leaked leading to a massive spike in DOS attacks.

Scholarly J. Math. Comp. Sci. 8

Table 1. Contd.

2016 Conficker Worm This worm was first appeared in 2008. Conficker worm targets Windows computers. Despite targeting Windows XP in the beginning, the worm evolved. Tinba Trojan This Trojan also known as Tiny Banker or Zusy, is one of the world’s smallest banking Trojans. Tinba Trojan uses Web injects to compromise browsers and shows fake Web pages on top of authentic banking portals. Sality Virus This virus firstly appeared in 2002 and in 2003 appeared more precisely. This is believed that it was originated in Russia. Sality has the ability to infect computers via different methods. JBossjmx Worm This worm is able to infect Web servers running older versions of the JBoss Application Server. Zeroaccess Trojan horse This Trojan targets Microsoft Windows operating system computers. This has been a part of multiple malware distribution campaigns and was mainly used to download more dangerous malware on infected systems after the worm spread to as many argets as possible in the local network. 2017 Xafecopy Trojan Horse This Trojan affected only Android operating system. It has attacked 47 countries. Conficker It was first started in 2009. This virus takes aim at Microsoft Windows computers and exploits a system vulnerability that leaves open doors to steal personal information from network including medical records. It has affected more than 11 million computers, costing computer users more than $ 2 billion. Stuxnet/Industroyer It was first found in Iran. It is also called the world’s first digital weapan. It is also able to destroy the hardware. Stuxnet laid the foundation for virus attacks on industrial complexes. Wannacary In starting, LG electronics items were infected in August, 2017. Their computers are infected and it will cost them time and money to repair the damage. 2018 I Love You It was first stated in Philippines in 2000. Two Filipino hackers created this. This virus sends an email named “LOVE-LETTER-FOR-YOU.TEXT.vbs”. Once opened, it would cause your computer to crash. Then it would send out the same email to the first 50 emails on your list. The cost breakdown of this virus was $10B across the Interne. Kovter It is a click fraud malware and a ransom ware downloader. It spread through malware email attachments that had office macros. It is effective due to it holding in registry files and it being file less. Emolet Emolet is a type of Trojan malware. It was first spotted in Germany, Austria and Switzer land in 2014. It is a malware that focus on banking operations. It was injected computer code into a network and steal financial information. The Emolet is also able to steal other types of data and perform DDOS attack. Wannacry It was started in 2017. According to expert, it is believe that the attack is originated from North Korea. It is a worldwide cyber attack that targeted Microsoft operating system. It can encrypt data and demand ransom payments through Bitcoin. It can manage attack over 300,000 computers. The damages ranged from hundreds of millions to billions of dollars. Mirari It was first started in 2009. Now, there are at least 13 versions of the mirari malware. It targets the Linux operating system. It can turn network devices into “bots” that were part of large network attacks.

REFERENCES https://arxiv.org/ftp/arxiv/papers/1106/1106.0853.pdf Zahri, Y. and Ahmad, N.M.Z. (2003). ”FUTURE CYBER WEAPONS, Aastha98, “Types of Virus”, [Online], Available: www.geeksforgeek.org National ICT Security and Emer gency Response Centre (NISER)”, Sharvan, H.K. (online) “Seminar Report on Study of Viruses and [Online], Available: http://index- Worms”, [Online], Available: of.es/Viruses/C/COMPUTER%20VIRUS%20FUTURE%20CYBER%2 http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.142.792&re 0WEAPONS.pdf p=rep1&type=pdf Rajesh, B., Janardhan, Y.R., Reddy and Dillip B..K.R. (2015). “A survey Glenn, (2018). “Five of the most harmful computer virus”, [online], Paper on Malicious Computer Worms”, International J. Advanced Available: https://friendlycomputersspokane.com/five-of-the-most- Res. Computer Sci. Technol. 3(2): 161-167 harmful-computer-viruses-in-2018/ Abhisheck, R. (online), “Malware and its types”, [Online], Available: Norton, T. (2016). The 8 Most Famous Computer Viruses of All Time www.geeksforgeeks.org https://uk.norton.com/norton- Neil, D. (2012). “Common Malware Types: Cyber security 101”, blog/2016/02/the_8_most_famousco.html [Online], Available: www.veracode.com [10] http:// news.softpedia.com/news/top-10-malware-threats-may-2016- Wajeb, G. (2011). “Studying and Classification of the Most Significant edition-505542.shtml Malicious Software”, [Online], Available: Kevin, J. (2014). “A short History of Computer Viruses”, [Online],

Khan, 9

Available: http://antivirus.combo.com/blog/computer-safety/short- Available: https://www.livescience.com/32619-how-does-a-virus-infect- history-computer-viruses/ your-computer.html What is Computer Worm and How this Virus Spreads & Infects PC Lynn, W. (2016). “10 sure-fire signs your computer has a virus”, (2018). [Online], Available: [online], Available: https://antivirus.comodo.com/blog/comodo-news/computer-worm- https://www.saga.co.uk/magazine/technology/computing/security/10- virus/ signs-your-computer-has-a-virus. Adam, H. (2010). “How does a Virus infect your Computers”, [online],