Virus hoax explained

A computer virus hoax is a message warning the recipients of a non-existent computer virus threat. The message is usually a chain e-mail that tells the recipients to forward it to everyone they know, but it can also be in the form of a pop-up window.[1] [2]

Identification

Most hoaxes are sensational in nature and easily identified by the fact that they indicate that the virus will do nearly impossible things, like blow up the recipient's computer and set it on fire, or less sensationally, delete everything on the user's computer. They often include fake announcements claimed to originate from reputable computer organizations together with mainstream news media. These bogus sources are quoted in order to give the hoax more credibility. Typically, the warnings use emotive language, stress the urgent nature of the threat and encourage readers to forward the message to other people as soon as possible.

Virus hoaxes are usually harmless and accomplish nothing more than annoying people who identify it as a hoax and wasting the time of people who forward the message. Nevertheless, a number of hoaxes have warned users that vital system files are viruses and encourage the user to delete the file, possibly damaging the system. Examples of this type include the jdbgmgr.exe virus hoax and the SULFNBK.EXE hoax.[3] [4]

Some consider virus hoaxes and other chain e-mails to be a computer worm in and of themselves. They replicate by social engineering—exploiting users' concern, ignorance, and disinclination to investigate before acting.

Hoaxes are distinct from computer pranks, which are harmless programs that perform unwanted and annoying actions on a computer, such as randomly moving the mouse, turning the screen display upside down, etc.

Action

Anti-virus specialists agree that recipients should delete virus hoaxes when they receive them, instead of forwarding them.[5] [6]

McAfee says:

F-Secure recommends:

Comparison

NameAlias(es)OriginAuthorDescription
Antichrist(none)United KingdomDylan NicholasA hoax that warned about a supposed virus discovered by Microsoft and McAfee named "Antichrist", telling the user that it is installed via an e-mail with the subject line: "SURPRISE?!!" after which it destroys the zeroth sector of the hard disk, rendering it unusable.[7]
AF/91April Fool's 1991United StatesJohn GantzA 1991 InfoWorld article detailing a cyberweapon developed by the United States Intelligence Community for use against Iraq during the Gulf War, capable of "eating" a user's windows, that had spread past its intended target and "mutated" to be able to destroy the display of any computer with windowing technology, namely Windows 3.0. Intended as an April Fools' Day joke and never actually existed, but was mistakenly reported as a real cyberweapon (albeit without mentions of the spread and mutation) by several news organizations well into the early 2000s.[8]
Black in the White HouseBlack Muslim in the White HouseUnknownA chain message beginning around 2006. It begins with the message warning of a virus that hides in an attachment labeled "Black in White House" or something similar, saying that if the user opens it, then it opens an Olympic Torch that burns down the C disk.[9]
Budweiser FrogsBUDSAVER.EXEUnknownUnknownWould supposedly erase the user's hard drive and steal the user's screen name and password.[10]
Goodtimes virus(none)UnknownUnknownWarnings about a computer virus named "Good Times" began being passed around among Internet users in 1994. Was supposedly transmitted via an email bearing the subject header "Good Times" or "Goodtimes," hence the virus's name, and the warning recommended deleting any such email unread. The virus described in the warnings did not exist, but the warnings themselves, were, in effect, virus-like.[11]
Invitation attachment(Allright now/I'm just sayin)United StatesJim FlanaganAn e-mail spam in 2006 that advised computer users to delete an email, with any type of attachment that stated "invitation" because it was a computer virus. This is also known as the Olympic Torch virus hoax (see below).[12]
Jdbgmgr.exe(bear.a)UnknownUnknownInvolved an e-mail spam in 2002 that advised computer users to delete a file named jdbgmgr.exe because it was a computer virus. jdbgmgr.exe, which had a little teddy bear-like icon (The Microsoft Bear), was actually a valid Microsoft Windows file, the Debugger Registrar for Java (also known as Java Debug Manager, hence jdbgmgr).
Life is beautifulLife is wonderfulBrazil (first reported)Supposedly a hacker with the alias "Life owner" or "Dono da vida"Spread through the Internet around January 2001. It was a virus attached to an e-mail, which was spread around the Internet. The attached file was supposedly called "Life is beautiful.pps" or "La vita è bella.pps".[13]
NVISION DESIGN, INC. games ("Frogapult," "Elfbowl")Sometimes included their other game "Y2KGame"UnknownUnknownPrograms were actual, legitimate computer games; author claimed that they were viruses which would "wipe out" the user's hard drive on Christmas.[14]
Olympic Torch"Postcard" or "Postcard from Hallmark"UnknownUnknownA series of e-mails first sent in February 2006. The "virus" referred to by the e-mail does not actually exist. The hoax e-mail warns recipients of a recent outbreak of "Olympic Torch" viruses, contained in e-mails titled "Invitation", which erase the hard disk of the user's computer when opened. The hoax email further purports the virus to be acknowledged by such reputable sources as CNN, McAfee, and Microsoft as one of the most dangerous viruses yet reported. This email, which was started in February 2006, is safe to delete when the user wants.
SULFNBK.EXE Warningnone UnknownUnknownSULFNBK.EXE (short for Setup Utility for Long File Name Backup) is an internal component of the Microsoft Windows operating system (in Windows 98 and Windows Me) for restoring long file names. The component became famous in the early 2000s as the subject of an e-mail hoax. The hoax claimed that SULFNBK.EXE was a virus, and contained instructions to locate and delete the file. While the instructions worked, they were needless and (in some rare cases, for example, when the long file names are damaged and need to be restored) can cause disruptions, as SULFNBK.EXE is not a virus, but instead an operating system component.

Telephone scam

See main article: Technical support scam.

A telephone scam, commonly operated from call centres based in India, has been active since 2008. The victim is quoted his or her name and address, and is told: "I'm calling for Microsoft (or an entity that sounds like it is connected to Microsoft, such as the "Windows Service Center" or "Windows Technical Department"). We've had a report from your internet service provider of serious virus problems from your Windows computer." The victim is then directed to open the Windows event viewer, which displays apparently critical warnings, and is directed to a website to download an application to allow the scammer to control his or her computer remotely. The caller supposedly fixes the problems and demands a fee for the service. In addition to the fraudulent fee, the process usually enables malware to be uploaded to the victim's computer.[15]

Parodies

The virus hoax has become part of the culture of the twenty-first century and the gullibility of novice computer users convinced to delete files on the basis of hoaxes has been parodied in several popular jokes and songs.

One such parody is "Weird Al" Yankovic's song "Virus Alert" from the album Straight Outta Lynwood. The song makes fun of the exaggerated claims that are made in virus hoaxes, such as legally changing your name or opening a rift in time and space.[16]

Another parody of virus hoaxes is the honor system virus which has been circulated under the name Amish Computer Virus, manual virus, the Blond Computer Virus, the Irish Computer Virus, the Syrian Computer Virus, the Norwegian Computer Virus, Albanian Virus, Newfie Virus, the Unix Computer Virus, the Mac OS 9 virus, Discount virus and many others. This joke email claims to be authored by the Amish or other similar low-technology populations who have no computers, programming skills or electricity to create viruses and thus ask users to delete their own hard drive contents manually after forwarding the message to their friends.[17]

The Tuxissa virus is another parody of the virus hoax, based on the concept of the Melissa virus, but with its aim of installing Linux on the victim's computer without the owner's permission. The story says that it was spread via e-mail, contained in a message titled "Important Message About Windows Security". It was supposed to first spread the virus to other computers, then download a stripped-down version of Slackware and uncompress it onto the hard disk. The Windows Registry is finally deleted and the boot options changed. The virus then reboots the computer, leaving the user facing the Linux login prompt with all their Windows security problems solved.[18]

See also

External links

Notes and References

  1. Web site: Virus hoax. 2020-12-01. Malwarebytes Labs. en-US.
  2. Web site: What is a hoax? - Panda Security. 2020-12-01. www.pandasecurity.com. en.
  3. Web site: JDBGMGR.EXE Virus. Mikkelson. Barbara and David P. . January 2008. 2011-08-08.
  4. Web site: SULFNBK.EXE Virus. Mikkelson. Barbara and David P. . January 2008. 2011-08-08.
  5. Web site: Virus Profile: A Virtual Card For You Hoax. McAfee, Inc. McAfee. December 2003. 2018-11-30.
  6. Web site: Hoax Warnings. 2012-06-14. F-Secure Corporation. F-Secure. 2009. https://web.archive.org/web/20120622225329/http://www.f-secure.com/virus-info/hoax/. 22 June 2012. dead. dmy-all.
  7. Web site: Antichrist Hoax. https://web.archive.org/web/20070101115022/http://www.symantec.com/security_response/writeup.jsp?docid=2001-071807-0633-99. dead. 1 January 2007. Gutierrez. Ralph. July 2001. 2011-08-08.
  8. Web site: Smith . George . March 10, 2003 . Iraqi Cyberwar: an Ageless Joke . dead . https://web.archive.org/web/20030605080122/http://www.securityfocus.com/columnists/147 . June 5, 2003 . November 13, 2015 . SecurityFocus.
  9. Web site: Black Muslim in the White House. 20 June 2013. 17 January 2014. snopes.com.
  10. Web site: Budweiser Frogs Virus. Mikkelson. Barbara and David P. . January 2008. 2011-08-08.
  11. Web site: Good Times Virus Hoax Frequently Asked Questions. Jones. Les. December 1998. 2011-08-08.
  12. Web site: Olympic Torch Invitation Virus Hoax. Christensen. Brett M.. 2008 . 2011-08-08.
  13. Web site: Koris . George . Life is beautiful Hoax . Symantec.com . Symantec . 2002-01-15 . https://web.archive.org/web/20070307092651/http://www.symantec.com/security_response/writeup.jsp?docid=2002-011511-0444-99&tabid=2 . dead . 7 March 2007 . 2011-08-08 .
  14. Web site: FROGAPULT, ELFBOWL, Y2KGAME Virus Hoax. https://web.archive.org/web/20090527182459/http://www.symantec.com/security_response/writeup.jsp?docid=2000-121914-1926-99&tabid=2. dead. 27 May 2009. Symantec Corporation. NortonLifeLock. February 2007. 2011-08-08.
  15. Web site: Virus phone scam being run from call centres in India . 18 July 2010 . 1 May 2012 . Charles Arthur . Guardian News and Media Limited.
  16. News: Weird Al unleashes his new album with a Bill Plympton Video DON'T DOWNLOAD THIS SONG!!! . . 2006-09-11 . 2011-08-08 .
  17. Web site: Humor: For a good time..... Pearson. Karl. May 2000. 2011-08-08.
  18. Web site: Attack of the Tuxissa Virus. 2009-04-17. Baughn. James. March 1999. https://web.archive.org/web/20040811132005/http://humorix.org/articles/1999/03/tuxissa/. 11 August 2004. dead.