Chernobyl Virus to Strike Monday

Zenon M. Feszczak feszczak at sas.upenn.edu
Sat Apr 24 15:25:56 UTC 1999 

Pryvit -

Only relevant to those unfortunate enough to be using Wintel.
More positive publicity for Ukraine as well.

Na vse dobre,

Zenon M. Feszczak
Mad Scientist








http://www.nytimes.com/library/tech/99/04/biztech/articles/24virus.html



              April 24, 1999


              Virus Set to Strike Monday

              By THE ASSOCIATED PRESS

                       ASHINGTON -- Experts are warning of a computer virus
set to strike Monday
                       that can erase a computer's hard-drive and prevent
the equipment from restarting.

              But they also reassured the public that off-the-shelf
antivirus software can prevent infection,
              and several companies offered free inoculation tools on their
Web sites.

              "It's pretty much just another virus. It's been around for
quite a while," said Kathy Fithen,
              manager of the Computer Emergency Response Team at Carnegie
Mellon University. "As
              long as people stay current with their antivirus software,
they should be in good shape."

              The most common version of virus, known as "Chernobyl" or
"CIH," was programmed to
              activate on computers using Windows 95 and Windows 98 on
Monday, the 13th anniversary
              of the disaster at the Chernobyl nuclear power plant in Ukraine.

              Another version, less common, strikes computers on the 26th
day of any month.

              The viruses, believed to originate in Taiwan, attempt to
erase a computer's hard-drive and
              write gibberish to the computer's system settings, called its
Bios, that would prevent the
              machine from being restarted.

              But warnings from many experts lacked any sense of panic or
impending doom because the
              virus was discovered last summer, giving antivirus companies
many months to develop free
              software updates to identify and destroy it.

              Users of those products will be protected only if they have
retrieved the free updates.

              Network Associates Inc., for example, said its popular McAfee
software recognized
              Chernobyl as early as June last year, and Symantec Corp. said
its Norton Antivirus program
              identified Chernobyl before August.

              CERT issued a warning this week about the virus because of
questions from computer users.

              "We're getting requests for information about it rather than
reports of machines infected with
              it," Fithen said. "This has been around so long that the
antivirus vendors have picked this
              up."

              Unlike the recent "Melissa" scare, which automatically
              propagated via e-mail, this virus doesn't spread as quickly
              because it requires a person to launch an infected program
              file to contaminate a computer.

              Carey Nachenberg, chief researcher at Symantec's Antivirus
              Research Center, said one big risk stems from a potential
              infection on a company's computer network, which could
              then spread to individual computers.

              "If it gets on a corporate network and the volumes are not
protected, it could spread very,
              very rapidly," Nachenberg said.

              Gene Hodges, a vice president for security at Network
Associates, said the company was
              hoping for the best but bracing for worse.

              "It can be fairly significant," Hodges said. "You don't know
until the bomb actually goes
              off."

More information about the SEELANG mailing list