Compression virus

A compression virus is an example of a benevolent computer virus, invented by Fred Cohen. It searches for an uninfected executable file, compresses the file and prepends itself to it. The virus can be described in pseudo code[1]

program compression-virus:=
{01234567;

subroutine infect-executable:=
 {loop:file = get-random-executable-file;
 if first-line-of-file = 01234567 then goto loop;
 compress file;
 prepend compression-virus to file;
 }

main-program:=
 {if ask-permission then infect-executable;
 uncompress the-rest-of-this-file into tmpfile;
 run tmpfile;}
}

The 01234567 is the virus signature, and is used to make sure (if first-line-of-file = 01234567) the file is not already infected. The virus then asks for permission (ask-permission) to infect a random executable (get-random-executable-file). If the permission is granted, it compresses the executable (infect-executable), prepends itself to it (prepend), uncompresses the current executable file (uncompress the-rest-of-this-file) into a temporary file (tmpfile) and runs it (run tmpfile).

Cruncher is an example of a compression virus,[2] a strain of which – Cruncher.2092[3] – is described by McAfee as memory-resident virus that infects all but small com files, making them smaller. The reason for excluding small programs is that their infected versions will be bigger than their originals.

References

  1. 1984, Computer Viruses - Theory and Experiments
  2. Mark A. Ludwig 1995, Giant Black Book of Computer Viruses p.10
  3. "McAfee article on Cruncher.2092, read Characteristics". Archived from the original on 2010-08-23. Retrieved 2009-07-29.
This article is issued from Wikipedia. The text is licensed under Creative Commons - Attribution - Sharealike. Additional terms may apply for the media files.