Online Museum Displays Decades of Malware

An anonymous reader writes: archive.org has launched a Museum of Malware, which devotes itself to a historical look at DOS-based viruses of the 1980s and 1990s, and gives viewers the opportunity to run the viruses in a DOS game emulator, and to download 'neutered' versions of the code. With an estimated 50,000 DOS-based viruses in existence by the year 2000, the Malware Museum's 65 examples should be seen as representative of an annoying, but more innocent era of digital vandalism.

Obilgatory XKCD

[jfdavis668]

http://xkcd.com/350/ [xkcd.com]

Re:Obilgatory XKCD

[Psicopatico]

Just ask, it's already done.
Check http://www.viruszoo.com/ [viruszoo.com]
(And don't forget to check the FAQ, which clearly references xkcd.)

To be honest, TFA references a MS-DOS era scenario, which is a little different.

Re:

[Cthulhu's Physicist]

http://xkcd.com/301/ [xkcd.com]

Attack the webserver!

[dohzer]

That website is just begging for someone to upload a virus to its server.

Decades of makware

[rossdee]

Do they have the disk-validator vorus?
That gets my vote for the cleverest virus of the early days
just pop it in your drive and you were infected
of course kickstart 2.0 made it obsolete
I wonder if John Veldthuis is still around

Re:

[Blaskowicz]

a PC isn't able to know if a floppy was inserted into a drive, hell it can't even know if the floppy drive is connected or not hahaha.

Re:

[Osgeld]

well eventually it will when you try to access it, then it will forget once you clear the bitch message

Re:

[drinkypoo]

Some could. Amigas (and Macs too I believe?) would automatically pop up an icon for floppies when they were inserted, without needing to do anything else.

While those absolutely are technically "personal computers", everyone understands "PC" to mean "IBM PC or compatible". And yes, both Amigas and Macs had floppy detect. Actually, it was technically possible to do it on the PC as well [microsoft.com], and ISTR some programs actually doing it. The solution to the training problem is pathetically obvious (as evinced by the fact that I figured it out while reading TFA which I just google'd) which is to train the system the first time the user successfully reads a floppy disk, a

Re:

[Trax3001BBS]

Some could. Amigas (and Macs too I believe?) would automatically pop up an icon for floppies when they were inserted, without needing to do anything else. There was an insertion and removal event sent from the drive to the operating system. It would read the disk label and icon upon insertion, display them, then spin back down again until you did something.

The Amiga impressed all with that ability, it would start a playing a demo, or music the moment the floppy was inserted.

Re: Decades of makware

[hackwrench]

https://blogs.msdn.microsoft.c... [microsoft.com] has the details as to why it was partially the drive's fault. They could have asked the user to verify which type of drive they had at the beginning, but it's a bit like the current NumLock situation today.

Re:

[Trax3001BBS]

Do they have the disk-validator vorus?
That gets my vote for the cleverest virus of the early days
just pop it in your drive and you were infected
of course kickstart 2.0 made it obsolete
I wonder if John Veldthuis is still around

Amiga? Remember the bootsector checker made for the best of reasons that became malware in it's own right, it tried to protected floppies by jumping to a floppy that didn't have the program installed so it could be scanned, where it remained.

The Simpsons have already done it

[The PTP Guy]

Nice trip down the memory lane. MkS_Vir, developed by the late Marek Sell, used to be the de facto standard antivirus software used in Poland for many years in the DOS days. I'm not sure if it's been ever exported anywhere outside Poland. So MkS_Vir contained a collection of amusing neutered virus demos the user could play from the UI. I recall many of the ones on display in the Malware Museum. MkS_Vir has had this built-in collection since at least 1993 and it kept growing. It also contained technical desc

Re:

[cfalcon]

Malware wasn't a term yet because it wasn't needed.

Your three basic types of infection are virus, worm, and trojan horse. Viruses make copies of themselves, and in an era where it was EXTREMELY common to move binaries around from one machine to another, this was a very effective manner of transmission. You didn't need an existing vulnerability for a virus to work, because you were tricked into executing the code. Everyone will ALWAYS be one social engineering attack away from a computer virus. A worm al

"Annoying"?

[__roo]

Annoying? Only like someone who never had a boot sector virus wipe out half their files because it detected it was the 26th of the month would dismiss DOS viruses as "anoying". Or, worse, someone who never had to work on a support desk when that happened.

Or someone who's only lived in a time when all computers are networked, so backing up a hard drive doesn't involve swapping 3.5" (or 5.25"!!) floppies in and out of your machine for half an hour, or waiting two hours for your tape backup to finish.

Annoying?

Re:

[cfalcon]

Not all viruses deleted data, is the point. MANY viruses were not able to generate personal gain in any way, and didn't destroy all your files.

There was one that replaced all the "Microsoft" on your hard drive with "Machosoft". Just a global search and replace in every text file and binary. Machosoft DOS prompts and everything.

Re:

[Trax3001BBS]

Not all viruses deleted data, is the point. MANY viruses were not able to generate personal gain in any way, and didn't destroy all your files.

There was one that replaced all the "Microsoft" on your hard drive with "Machosoft". Just a global search and replace in every text file and binary. Machosoft DOS prompts and everything.

My Fav Apple "attack" (as in concept) was when the Energizer bunny would roll across the screen pounding it's drums while the hard drive was being formatted.

Got a perfectly harmless Windows virus

[Blaskowicz]

As far as I know it did nothing, but there was a cool message left by the author in C:\WINDOWS\SYSTEM or C:\WINDOWS\SYSTEM32.

Well it was "cool", and it was warm too. Thanks, buddy! I wish you could reply in my /usr/bin now.

Re:

[cfalcon]

Gods we had a stoned empire monkey b infection at my high school. It hit my home PC, and I had to claw that bastard out of the MBR. Risky days for sure.

Re:

[Trax3001BBS]

Hmph. They don't list the Stoned virus. Right around 1990 I had heard of viruses but doubted they existed--I had never seen one. It was then I was around a computer lab with a bunch of IBM-PC's (yes the original ones without hard drives!) that had this thing that would pop up every once in a few boots saying "Your PC is now Stoned!". So I got one of those shared disks, looked at the first few sectors on the disk and found that message. I saw strange code and started disassembling it. Soon I was looking at the source code of a virus. Well, damn, I said, they do exist!

The last virus was released in 2010 by the US, spread by autoplay on USB drives that made it's way to Iran to destroy their Uranium extractors. I've heard of a range of thousands being taken out by increasing and decreasing their operating speed.

3001: The Final Odyssey

[superxstudios]

Sounds like the start of the Pico Vault from Arthur C. Clarke's 3001: The Final Odyssey, which was a vault on the moon built to store samples of biological and computer viruses. https://en.wikipedia.org/wiki/... [wikipedia.org]

http://vx.netlux.org/ was a true loss.

[Trax3001BBS]

It was a database of almost any exploit, malware, virus, etc available. Used in an honest manner it proved very valauble. It was one of the first sites taken down under the a new rule that a site that had a potential to cause damage had to be removed.

I can tell you that ESET NOD32 is the best antibadware program, while never 100% it always rated between 80-90%, much better than the rest.

Test was did it download the file, if so would it open the zip file, if so would it extract it to another directory. and a

Google ranking?

[kmoser]

How do they prevent Google from flagging them as a malware site?