As of January 19, we have lived 25 years with malware. The first ever virus for the personal computer was written by two Pakistan brothers, Basit and Amjad Farooq Alvi. ©Brain was the name of this virus, it infected the MS-DOS FAT boot sector and it was harmless. This MBR rootkit just promoted their company with following text:
Welcome to the Dungeon © 1986 Basit * Amjad (pvt) Ltd. BRAIN COMPUTER SERVICES 730 NIZAM BLOCK ALLAMA IQBAL TOWN LAHORE-PAKISTAN PHONE: 430791,443248,280530. Beware of this VIRUS.... Contact us for vaccination...
Their ©Brain rootkit included two things missing in current malware. First of all, it was harmless and secondly, they also provided their names and contact information.
I have made a lot of malware detections while working in the Virus Lab. Most people are happy when their avast! antivirus catches a new threat. But not everyone thinks so. There are a few people that, when they get a “virus detected” warning, even disagree and send us a “false positive alert”. These often come with comments such as “Actually, you don’t know what you’re doing” or “this is just patch for some program”.
A few days ago, my colleague that handles false positive alerts noticed a funny thing for me in the file for “banker ring 0” malware, a very popular rootkit in Brazil. Let’s see our FP report:
Detected by 10122900-
filetype=win 32bit exe-dll
Nothing special for you, but it is for me. I’m Michal Trs … I swear, I didn’t write this rootkit :-).