fbpx
Wikipedia

Happy99

January 01, 1970

Happy99 (also termed Ska or I-Worm)[4] is a computer worm for Microsoft Windows. It first appeared in mid-January 1999, spreading through email and usenet. The worm installs itself and runs in the background of a victim's machine, without their knowledge. It is generally considered the first virus to propagate by email, and has served as a template for the creation of other self-propagating viruses. Happy99 has spread on multiple continents, including North America, Europe, and Asia.

Happy99
AliasesSka, I-Worm
TypeComputer worm
Author(s)"Spanska"
Port(s) used25, 119[1][2]
Operating system(s) affectedWindows 95,
Windows 98,
Windows NT[3]
Filesize10,000 bytes

Significance edit

Happy99 was described by Paul Oldfield as "the first virus to spread rapidly by email".[5] In the Computer Security Handbook, Happy99 is referred to as "the first modern worm".[6] Happy99 also served as a template for the creation of ExploreZip, another self-spreading virus.[7]

Spread edit

The worm first appeared on 20 January 1999.[8] Media reports of the worm started coming in from the United States and Europe, in addition to numerous complaints on newsgroups from users that had become infected with the worm.[9] Asia Pulse reported 74 cases of the virus from Japan in February, and 181 cases were reported in March—a monthly record at the time.[10][11] On 3 March 1999, a Tokyo job company accidentally sent 4000 copies of the virus to 30 universities in Japan.[12]

Dan Schrader of Trend Micro said that Happy99 was the single most commonly reported virus in their system for the month of March.[13] A virus bulletin published in February 2000 reported that Happy99 caused reports of file-infecting malware to reach over 16% in April 1999.[14] Sophos listed Happy99 among the top ten viruses reported in the year of 1999.[15] Eric Chien, head of research at Symantec, reported that the worm was the second most reported virus in Europe for 2000.[16] Marius Van Oers, a researcher for Network Associates, referred to Happy99 as "a global problem", saying that it was one of the most commonly reported viruses in 1999.[17] When virus researcher Craig Schmugar posted a fix for the virus on his website, a million people downloaded it.[18]

Technical details edit

The worm spreads through email attachments and Usenet.[19][20][21] When executed, animated fireworks and a "Happy New Year" message display.[19][22] The worm modifies Winsock, a Windows communication library, to allow itself to spread.[19] The worm then attaches itself automatically to all subsequent emails and newsgroup posts sent by a user.[23] The worm modifies a registry key to automatically start itself when the computer is rebooted. In some cases, the program may cause several error messages to appear.[24]

The worm was written by a French virus writer known as "Spanska". Other than propagating itself, the worm does no further damage to an infected computer.[25][26] The worm typically uses port 25 to spread, but uses port 119 if port 25 is not available.[24] The executable of the worm is 10,000 bytes in size; a list of spammed newsgroups and mail addresses is stored on the infected hard drive.[22][27] The worm spreads only if the Winsock library is not set to read-only.

See also edit

References edit

  1. ^ Stephen Watkins; Gregg, Michael B. (2006). Hack the Stack: Using Snort and Ethereal to Master the 8 Layers of an Insecure Network. Syngress Publishing. pp. 407, 408. ISBN 1-59749-109-8.
  2. ^ Davis, Peter (2002). Securing and controlling Cisco routers. Boca Raton: Auerbach Publications. pp. 621, 622. ISBN 0-8493-1290-6.
  3. ^ George Skarbek (16 March 1999). "Tech talk - Happy99 Virus". The Courier-Mail.
  4. ^ Roger A. Grimes (2001). Malicious Mobile Code: Virus Protection for Windows. Sebastopol, CA: O'Reilly. pp. 6. ISBN 1-56592-682-X.
  5. ^ Paul Oldfield (2001). Computer viruses demystified. Aylesbury, Bucks: Sophos. p. 32. ISBN 0-9538336-0-7.
  6. ^ Bosworth, Seymour; Kabay, Michel E. (2002). Computer security handbook. Chichester: John Wiley & Sons. pp. 44. ISBN 0-471-26975-1.
  7. ^ Rosie Lombardi (2 July 1999). "Microsoft's dominance plays a role". Computing Canada.
  8. ^ Ellis, Juanita; Korper, Steffano (2001). The E-commerce book: building the E-empire. San Diego: Academic. pp. 192. ISBN 0-12-421161-5.
  9. ^ David Watts (16 February 1999). "Help Desk". The West Australian.
  10. ^ "251 Cases of Computer Virus Damage Reported in Japan in Feb". Asia Pulse. 7 March 1999.
  11. ^ Makoto Ushida (19 April 1999). "Cyberslice - Experts warn of lurking computer viruses". Asahi Shimbun.
  12. ^ "Virus-tainted e-mail sent to 4,000". The Daily Yomiuri. 6 June 1999.
  13. ^ Clint Swett; Eric Young (7 April 1999). "Tech Talk Column". The Sacramento Bee.
  14. ^ "Virus Bulletin". Virus Bulletin: The Authoritative International Publication on Computer Virus Prevention, Recognition, and Removal. Virus Bulletin Ltd. 2000. ISSN 0956-9979.
  15. ^ "Old viruses live on". Adelaide Advertiser. 19 February 2000.
  16. ^ "Virus variants put users at risk Users are at risk from new variants of popular viruses which can evade some antivirus protection". World Reporter TM. 6 March 2000.
  17. ^ Deborah Scoblionkov (2 March 1999). "Bigfoot Users Get a Hotfoot". Wired.
  18. ^ Jeffrey Kosseff (15 September 2003). "Virus-Hunters Scour Internet with 'Dirty' Computers". The Oregonian.
  19. ^ a b c Chen, William W. L. (2005). Statistical methods in computer security. New York, N.Y: Marcel Dekker. p. 272. ISBN 0-8247-5939-7.
  20. ^ Michael J. Isaac; Isaac, Debra S. (2003). The SSCP prep guide: mastering the seven key areas of system security. New York: Wiley. p. 0471273511. ISBN 0-471-27351-1.
  21. ^ Roberta Fusaro (29 January 1999). "Internet worm can crash corporate servers". CNN.
  22. ^ a b Rubin, Aviel D. (2001). White-hat security arsenal: tackling the threats. Boston: Addison-Wesley. pp. 31. ISBN 0-201-71114-1.
  23. ^ Carrie Kirby (22 December 2000). "Holiday E-Mail Gives Viruses An Opportunity". San Francisco Chronicle.
  24. ^ a b Grover, Amit (August 2003). (PDF): 77–78. Archived from the original (PDF) on 14 September 2006. Retrieved 27 March 2009. {{cite journal}}: Cite journal requires |journal= (help)
  25. ^ Knittel, Brian; Cowart, Robert; Cowart, Bob (1999). Using MicroSoft Windows 2000 professional. Indianapolis, Ind: Que. pp. 936. ISBN 0-7897-2125-2.
  26. ^ Trefor Roscoe (2004). Rapid Reference to Computers: Rapid Reference Series. St. Louis: Mosby. p. 38. ISBN 0-7234-3357-7.
  27. ^ Bob Sullivan (27 January 1999). "Happy99.exe worm spreads on Net". ZDNet.[permanent dead link]

External links edit

  • CERT Incident Note IN-99-02

January 01, 1970
happy99, also, termed, worm, computer, worm, microsoft, windows, first, appeared, january, 1999, spreading, through, email, usenet, worm, installs, itself, runs, background, victim, machine, without, their, knowledge, generally, considered, first, virus, propa. Happy99 also termed Ska or I Worm 4 is a computer worm for Microsoft Windows It first appeared in mid January 1999 spreading through email and usenet The worm installs itself and runs in the background of a victim s machine without their knowledge It is generally considered the first virus to propagate by email and has served as a template for the creation of other self propagating viruses Happy99 has spread on multiple continents including North America Europe and Asia Happy99AliasesSka I WormTypeComputer wormAuthor s Spanska Port s used25 119 1 2 Operating system s affectedWindows 95 Windows 98 Windows NT 3 Filesize10 000 bytes Contents 1 Significance 2 Spread 3 Technical details 4 See also 5 References 6 External linksSignificance editHappy99 was described by Paul Oldfield as the first virus to spread rapidly by email 5 In the Computer Security Handbook Happy99 is referred to as the first modern worm 6 Happy99 also served as a template for the creation of ExploreZip another self spreading virus 7 Spread editThe worm first appeared on 20 January 1999 8 Media reports of the worm started coming in from the United States and Europe in addition to numerous complaints on newsgroups from users that had become infected with the worm 9 Asia Pulse reported 74 cases of the virus from Japan in February and 181 cases were reported in March a monthly record at the time 10 11 On 3 March 1999 a Tokyo job company accidentally sent 4000 copies of the virus to 30 universities in Japan 12 Dan Schrader of Trend Micro said that Happy99 was the single most commonly reported virus in their system for the month of March 13 A virus bulletin published in February 2000 reported that Happy99 caused reports of file infecting malware to reach over 16 in April 1999 14 Sophos listed Happy99 among the top ten viruses reported in the year of 1999 15 Eric Chien head of research at Symantec reported that the worm was the second most reported virus in Europe for 2000 16 Marius Van Oers a researcher for Network Associates referred to Happy99 as a global problem saying that it was one of the most commonly reported viruses in 1999 17 When virus researcher Craig Schmugar posted a fix for the virus on his website a million people downloaded it 18 Technical details editThe worm spreads through email attachments and Usenet 19 20 21 When executed animated fireworks and a Happy New Year message display 19 22 The worm modifies Winsock a Windows communication library to allow itself to spread 19 The worm then attaches itself automatically to all subsequent emails and newsgroup posts sent by a user 23 The worm modifies a registry key to automatically start itself when the computer is rebooted In some cases the program may cause several error messages to appear 24 The worm was written by a French virus writer known as Spanska Other than propagating itself the worm does no further damage to an infected computer 25 26 The worm typically uses port 25 to spread but uses port 119 if port 25 is not available 24 The executable of the worm is 10 000 bytes in size a list of spammed newsgroups and mail addresses is stored on the infected hard drive 22 27 The worm spreads only if the Winsock library is not set to read only See also editList of computer worms Timeline of computer viruses and worms Comparison of computer viruses E mail spam MalwareReferences edit Stephen Watkins Gregg Michael B 2006 Hack the Stack Using Snort and Ethereal to Master the 8 Layers of an Insecure Network Syngress Publishing pp 407 408 ISBN 1 59749 109 8 Davis Peter 2002 Securing and controlling Cisco routers Boca Raton Auerbach Publications pp 621 622 ISBN 0 8493 1290 6 George Skarbek 16 March 1999 Tech talk Happy99 Virus The Courier Mail Roger A Grimes 2001 Malicious Mobile Code Virus Protection for Windows Sebastopol CA O Reilly pp 6 ISBN 1 56592 682 X Paul Oldfield 2001 Computer viruses demystified Aylesbury Bucks Sophos p 32 ISBN 0 9538336 0 7 Bosworth Seymour Kabay Michel E 2002 Computer security handbook Chichester John Wiley amp Sons pp 44 ISBN 0 471 26975 1 Rosie Lombardi 2 July 1999 Microsoft s dominance plays a role Computing Canada Ellis Juanita Korper Steffano 2001 The E commerce book building the E empire San Diego Academic pp 192 ISBN 0 12 421161 5 David Watts 16 February 1999 Help Desk The West Australian 251 Cases of Computer Virus Damage Reported in Japan in Feb Asia Pulse 7 March 1999 Makoto Ushida 19 April 1999 Cyberslice Experts warn of lurking computer viruses Asahi Shimbun Virus tainted e mail sent to 4 000 The Daily Yomiuri 6 June 1999 Clint Swett Eric Young 7 April 1999 Tech Talk Column The Sacramento Bee Virus Bulletin Virus Bulletin The Authoritative International Publication on Computer Virus Prevention Recognition and Removal Virus Bulletin Ltd 2000 ISSN 0956 9979 Old viruses live on Adelaide Advertiser 19 February 2000 Virus variants put users at risk Users are at risk from new variants of popular viruses which can evade some antivirus protection World Reporter TM 6 March 2000 Deborah Scoblionkov 2 March 1999 Bigfoot Users Get a Hotfoot Wired Jeffrey Kosseff 15 September 2003 Virus Hunters Scour Internet with Dirty Computers The Oregonian a b c Chen William W L 2005 Statistical methods in computer security New York N Y Marcel Dekker p 272 ISBN 0 8247 5939 7 Michael J Isaac Isaac Debra S 2003 The SSCP prep guide mastering the seven key areas of system security New York Wiley p 0471273511 ISBN 0 471 27351 1 Roberta Fusaro 29 January 1999 Internet worm can crash corporate servers CNN a b Rubin Aviel D 2001 White hat security arsenal tackling the threats Boston Addison Wesley pp 31 ISBN 0 201 71114 1 Carrie Kirby 22 December 2000 Holiday E Mail Gives Viruses An Opportunity San Francisco Chronicle a b Grover Amit August 2003 Application Adaptive Bandwidth Management Using Real Time Network Monitoring PDF 77 78 Archived from the original PDF on 14 September 2006 Retrieved 27 March 2009 a href Template Cite journal html title Template Cite journal cite journal a Cite journal requires journal help Knittel Brian Cowart Robert Cowart Bob 1999 Using MicroSoft Windows 2000 professional Indianapolis Ind Que pp 936 ISBN 0 7897 2125 2 Trefor Roscoe 2004 Rapid Reference to Computers Rapid Reference Series St Louis Mosby p 38 ISBN 0 7234 3357 7 Bob Sullivan 27 January 1999 Happy99 exe worm spreads on Net ZDNet permanent dead link External links editCERT Incident Note IN 99 02 Viruslist Email Worm Win32 Happy Retrieved from https en wikipedia org w index php title Happy99 amp oldid 1192713583, wikipedia, wiki, book, books, library,

article

, read, download, free, free download, mp3, video, mp4, 3gp, jpg, jpeg, gif, png, picture, music, song, movie, book, game, games.