BBCTechnology

Why some computer viruses refuse to die

There are zombies on the internet – odd, undead lumps of code that roam endlessly seeking and finding fresh victims to infect that help keep the whole ugly horde staggering on, and on.
Most of these shambling data revenants are computer viruses and the most long-lived of all are worms.
“Most of those worms are self-spreading – that’s why we still see them moving around,” said Candid Wueest, principal threat researcher at Symantec, who has hunted viruses for years.
Typically, he said, when these malicious programs infected a machine, they kicked off a routine that scanned the entire net looking for other computers vulnerable in the same way as their current host.
When they found one, they installed a copy that also started scanning.
“All it takes is a few machines to get them moving around again,” he added.
The living dud
One of the most active zombie viruses is Conficker, which first struck in November 2008. At its height, the worm is believed to have infected up to 15 million Windows PCs.
The French navy, UK warships, Greater Manchester Police and many others were all caught out by Conficker, which targeted the Windows XP operating system.
The malware caused so much trouble that Microsoft put up a bounty of $250,000 (£193,000) for any information that would lead to the capture of Conficker’s creators.
That bounty was still live and, Microsoft told the BBC, remained unclaimed to this day.
Dr Paul Vixie, from Farsight Security, was part of the Conficker Working Group, set up when the malware was at its feverish peak.
The group had managed to stem the tide of infection, said Dr Vixie, because of the way the virus worked.
One of the ways it spread was by it checking one of a handful of net domains for instructions or updates every day.

Source: BBC
tags:

Comment here