Aravinth.S. Powered by Blogger.
RSS

World First Pc Virus Is BRAIN

01:19 | Labels:



Brain is the oldest known virus on the PC platform and was first detected in 1986. Several variants of the virus are known and most of them are fairly harmless. It runs on IBM-PCs and compatibles running PC-DOS or IBM-DOS operating system.


Brain is a boot sector virus, infecting the first sector of floppies as they are inserted into an infected computer. Brain is only a few kilobytes in size and most of it is located in sectors that are marked as "bad" in the FAT. Also the original boot sector is stored in these sectors.






One of the most interesting details regarding the Brain virus is the following text, which appears inside it:





Welcome to the Dungeon
(c) 1986 Basit & Amjad (pvt) Ltd.
BRAIN COMPUTER SERVICES
730 NIZAB BLOCK ALLAMA IQBAL TOWN
LAHORE-PAKISTAN PHONE :430791,443248,280530.
Beware of this VIRUS....
Contact us for vaccination............ $#@%$@!!


There are many variants of the virus with different texts. Here is another version:
Welcome to the Dungeon
(c) 1986 Brain & Amjads (pvt) Ltd.
VIRUS_SHOE RECORD v9.0
Dedicated to the dynamic memories
of millions of virus who are no longer with us today -
Thanks GOODNESS!! BEWARE OF THE er..VIRUS :This program is catching
program follows after these messeges..... $#@%$@!!


This Two Guys was Written Brain Virus.


  • Amjad Farooq Alvi
  • Basit Farooq Alvi
Infection
Before Brain infects diskettes, it looks for a “signature”. This makes it possible to “inoculate” against it by putting the signature in the correct place of the boot sector of a clean floppy. Such floppies would not get infected even if they are insterted into an infected computer.


Stealth
The Brain virus tries to hide from detection by hooking interrupt 13 which is used to read the hard drive. When an attempt is made to read an infected boot sector, Brain will show you the original boot sector instead. This means that if you look at the boot sector using DEBUG or any similar program, everything will look normal, if the virus is active in memory. This means that Brain was not only the first PC virus, it was also the first rootkit.





Activity
The major effect of this fairly harmless virus is a change of the disk label (the "name" of the disk). The volume label is changed to read: "©Brain"



Name: Brain Virus.

Also known as: Ashar, (C)Brain, Clone, Nipper, Pakistani, PakistaniBrain.

 Type:  Memory resident stealth boot sector infector.

 Affects: PCs

 Discovered: January 1986

 Description:

 The Brain virus is a memory resident stealth boot sector infector that changes the infected disk's volume label to "(c) brain" or "(c) ashar" depending on variant.
While no longer in-the-wild, Brain achieved notoriety for being the first known PC virus. It infected boot sectors, hooking into INT13. If the virus were resident in memory, the boot sector would look normal.

 Mikko Hypponen : Interview About Brain Virus

  • Digg
  • Del.icio.us
  • StumbleUpon
  • Reddit
  • RSS
Posted by Unknown

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)