🦠 Computer Viruses
Learn how computer viruses spread, infect files, and why virus concepts still matter in modern cybersecurity.
📼 A Blast From The Past
In the early days of computing, malware often spread through:
- Floppy disks
- CDs
- Email attachments
- Shared files
One infected file could spread to thousands of systems.
This type of malware became known as a virus.
📖 What Is A Computer Virus?
A virus is malicious software that attaches itself to another file or program.
Unlike worms, viruses require user action.
The infected file must usually be opened, executed, or shared before the virus spreads.
🧬 Why It’s Called A Virus
⬇️ Infected File
⬇️ User Shares File
⬇️ New Victim
⬇️ More Infections
The concept is similar to biological viruses spreading between hosts.
⚙️ Typical Virus Components
- Infection Mechanism
- Replication Logic
- Trigger Condition
- Payload
Not all viruses are destructive, but all attempt to spread.
🦠 Common Virus Types
- File Infector Viruses
- Boot Sector Viruses
- Macro Viruses
- Multipartite Viruses
- Polymorphic Viruses
Each type uses a different infection strategy.
📄 File Infector Viruses
These viruses attach themselves to:
- Programs
- Executables
- Application files
When the user launches the file, the virus executes as well.
📑 Macro Viruses
Macro viruses target documents containing automation features.
Examples:
- Word Documents
- Excel Spreadsheets
- Office Templates
They became extremely common through email attachments.
🥷 Polymorphic Viruses
Some viruses attempt to evade detection by changing their appearance.
Although behavior remains similar, the file may look different each time.
This challenged traditional signature-based detection systems.
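The following is an added example, not part of the original page, showing why a changed appearance defeats an exact-hash signature while a rule based on behavior still matches. The sample bytes, event tuples, threshold, and function names are constructed assumptions for illustration only.

```python
import hashlib

EXECUTABLE_EXTENSIONS = (".exe", ".dll", ".com")
MODIFIED_EXECUTABLE_THRESHOLD = 3  # assumed cut-off for this example

def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def signature_match(content: bytes, known_hashes: set) -> bool:
    """Traditional signature check: exact hash of the file contents."""
    return sha256_hex(content) in known_hashes

def behaviour_match(events: list) -> bool:
    """Flag a process that modifies several distinct executable files."""
    touched = {
        target.lower()
        for action, target in events
        if action == "modify" and target.lower().endswith(EXECUTABLE_EXTENSIONS)
    }
    return len(touched) >= MODIFIED_EXECUTABLE_THRESHOLD

# Constructed telemetry: both variants behave the same but differ in bytes.
INFECTOR_EVENTS = [
    ("modify", r"C:\Tools\a.exe"),
    ("modify", r"C:\Tools\b.exe"),
    ("modify", r"C:\Apps\c.exe"),
    ("create", r"C:\Temp\log.txt"),
]
OBSERVATIONS = {
    "variant_1": {"content": b"constructed-sample-bytes-0001", "events": INFECTOR_EVENTS},
    "variant_2": {"content": b"constructed-sample-bytes-0002", "events": INFECTOR_EVENTS},
    "text_editor": {
        "content": b"constructed-benign-bytes",
        "events": [("modify", r"C:\Docs\notes.txt"), ("create", r"C:\Docs\draft.txt")],
    },
}
# The signature database only knows the first variant's hash.
KNOWN_HASHES = {sha256_hex(OBSERVATIONS["variant_1"]["content"])}

def evaluate(observations: dict, known_hashes: set) -> dict:
    """Return {name: (signature_hit, behaviour_hit)} for each observation."""
    return {
        name: (signature_match(o["content"], known_hashes), behaviour_match(o["events"]))
        for name, o in observations.items()
    }

if __name__ == "__main__":
    for name, (sig, beh) in evaluate(OBSERVATIONS, KNOWN_HASHES).items():
        print(f"{name:12} signature={sig!s:5} behaviour={beh}")
```

Legitimate installers and updaters also modify executables, so a rule like this needs allow-listing before it is useful in practice.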
⚠ Common Infection Indicators
- Unexpected file changes
- Slow performance
- Frequent crashes
- Missing files
- Unknown processes
- Disabled security software
These symptoms should always trigger investigation.
🛠 Virus Investigation Tools
- VirusTotal
- Windows Defender
- Process Explorer
- Autoruns
- Sysmon
- Event Viewer
These tools help analysts identify suspicious activity and persistence.
⚔ Virus vs Worm
| Virus | Worm |
| --- | --- |
| Needs User Action | Self-Spreading |
| Infects Files | Infects Systems |
| Slower Spread | Rapid Spread |
🎓 CEH Exam Focus
Remember:
- Viruses require a host file
- Viruses typically need user interaction
- Viruses differ from worms
- Polymorphic viruses attempt evasion
- Macro viruses spread through documents
These are common CEH exam concepts.
🏆 Key Lesson
A virus succeeds because users unknowingly help it spread.
Technology matters.
User behavior matters even more.
Trust Carefully
Execute Carefully