Y2K - The Next Problem - Millennium Viruses

By Sean Hargrave www.the-times.co.uk 5-4-99

LONDON - Computer virus experts are warning that rogue programmers' next big trick is likely to be millennium viruses.

After the CIH virus struck last Monday and made hundreds of thousands of computers unusable, people are being warned to be vigilant against year 2000 viruses.

None has yet been spotted, but the significant date and concern over the millennium bug will be too tempting for rogue programmers to resist.

E-mail containing year 2000 greetings cards and fabulous millennium offers are expected to spread viruses.

The latest trick for virus writers is to gain access to an e-mail user's address book to get names and addresses to send rogue programs so that the recipients believe they have received something from a trusted friend.

This method was used to spread the infamous Melissa virus last month as well as the lesser-known Happy99 virus. The latter looks as though it is a greetings card from a friend. When the program runs, a message appears alongside fireworks wishing the user a "Happy 1999". However, at the same time a virus infects the program files used by a computer to communicate with other computers, which can lead to Net browsing and e-mail difficulties.

According to Paul Ducklin, a security expert with the anti-virus software company Sophos, that is just a taste of what is to come. "If that's what happened with an insignificant date like 1999, the mind boggles at what virus writers have got lined up to mark the end of the millennium," he says.

At the simplest level a program with a single line of rogue code could be e-mailed to computers to wind their clocks forward. Any computer that is not millennium compliant would fail.

However, Paul Ducklin believes the real threat could come from e-mail claiming to contain details of millennium offers.

"There's so much interest in the next millennium that people are going to have their guard down," he says.

"If an e-mail offers cheap flights or weekend breaks at the end of the year people who thought they couldn't afford to pay exorbitant flight and hotel prices will get excited and open the .exe program file or document and unwittingly infect their computer with the attached virus."

For computer users the advice is not to open program files (these come with an .exe suffix) that are e-mailed to them but delete them immediately. Any e-mail offering fantastic millennium bargains should also be deleted without being opened. The latest anti-virus software should also be installed to offer protection against known viruses.

-- Andy (2000EOD@prodigy.net), May 05, 1999

Answers

Andy and others, when it comes to computers, I do not even qualify as a PeeCee Weenie. I think these viruses are going to be a real concern, but I really don't want to be paranoid about whether to open a file, particularly if it's attached to a friend's return address.

Someone please give me a guaranteed (but reasonable) way to minimize disruption. I wouldn't mind getting a $200 junker computer just for my online stuff. Is that the safest solution?

-- Spamless (spam@spam.spam), May 05, 1999.

Now that you mention it, I wonder how many "unknown viruses" are just hanging out, with a trigger of 1999-12-31 23:59:59... Ya know, just to throw another monkey wrench in the works. <:)=

-- Sysman (y2kboard@yahoo.com), May 05, 1999.

Spamless,

Sorry, same post time! I get EXE etc. from "good friends" that I wouldn't hesitate to run without scanning. But as a general rule, I download everything to a \DOWNLOAD directory, and have an icon set-up to have Mcafee scan that directory. This beats the overhead and other BS of having a resident AV program. I just have to REMEMBER to scan that dir before I use anything in it, but it's second nature now. I also do a full scan every week, just in case I forgt!

An old PC is another option. I have an old 16 meg. 386/40 with Win/3.11 thah runs IE and NS with no problem. The old 28.8 modem slows it down though... But my P-II/400 is much nicer! <:)=

-- Sysman (y2kboard@yahoo.com), May 05, 1999.

Sysman--think "disgruntled employee with sufficient computer knowledge". . . Gosh, that narrows it down to about, oh, coupla million, wouldn't you say? Sweetie and I thought about this when we first GI--genuine mistakes, plus deliberate ones, plus little virus timebombs. As Cory says, "weird and wonderful unexpected ways." Or words to that effect.

-- Old Git (anon@spamproblems.com), May 05, 1999.

rogue programmers, rogue programs, rogue code

Does Hargrave report on elephants, too?

>At the simplest level a program with a single line of rogue code could be e-mailed to computers to wind their clocks forward. Any computer that is not millennium compliant would fail.

:-D

Time's running out for that one.

Anybody for an antivirus to wind the clocks backward?

-- No Spam Please (No_Spam_Please@anon_ymous.com), May 05, 1999.

As regards outright sabotage I (and the FBI/CIA) believe it a very real and serious concern. I have no doubt that there are many many warped/frustrated/disgruntled you name it programmers out there waiting to put the spanners in.

Then you have expat programmers (have you any idea how many entered the US in the last year or two?) working here in the USA on rushed, sensitive, probably not very well supervised projects. Think about the access these folks have. Timebomds, trap doors, replicating viruses etc. you name it.

Then you have all of our wonderfull IT managers outsourcing our code to India and all points west. Hell we're EXTREMELY popular in India :)

Gadzooks!

-- Andy (2000EOD@prodigy.net), May 05, 1999.

Andy,

This smells like a blatent propoganda insert leading to internet regulation. Scare Scare Scare, regulate regulate regulate. CONTROL!

-- R. Wright (blaklodg@aol.com), May 06, 1999.

Could be right - it's their biggest worry, the net. And isn't there a big vote coming up in the Senate over internet fees.

On another thread there is a piece about Sabotage. Cyber-terrorism has been talked about for a while now by the controlled media so I am expecting something major sooner rather than later.

Who will get the blame?

-- Andy (2000EOD@prodigy.net), May 06, 1999.