Computer worm
A computer worm is a self-replicating computer program, similar to a computer virus.
A virus attaches itself to, and becomes part of, another executable program; a worm is self-contained and does not need to be part of another program to propagate itself.
The name 'worm' was taken from The Shockwave Rider, a 1970s science fiction novel by John Brunner. Researchers writing an early paper on experiments in distributed computing noted the similarities between their software and the program described by Brunner and adopted the name.
The first worm to attract wide attention, the Morris worm, was written by Robert Tappan Morris, Jr. at the MIT Artificial intelligence Laboratory. It was released on November 2, 1988, and quickly infected a great many computers on the Internet at the time. It propagated through a number of bugs in BSD Unix and its derivatives. Morris himself was convicted under the US Computer Crime and Abuse Act and received 3 years' probation, community service and a fine in excess of $10,000.
In addition to replication, a worm may be designed to do any number of things, such as delete files on a host system or send documents via email. More recent worms may be multi-headed and carry other executables as a payload. However, even in the absence of such a payload, a worm can wreak havoc just with the network traffic generated by its reproduction. Mydoom, for example, caused a noticeable worldwide Internet slowdown at the peak of its spread.
A common payload is for a worm to install a backdoor in the infected computer, as was done by Sobig and Mydoom. These backdoors are used by spam senders for sending junk email or to cloak their website's address.[1] Many security experts are of the opinion that spammers pay for the creation of such worms.[2] [3] The backdoors can also be exploited by other worms, such as Doomjuice, which spreads using the backdoor opened by Mydoom.
Whether worms can be useful is a common theoretical question in computer science and artificial intelligence. The Nachi family of worms, for example, tried to download then install patches from Microsoft's website to fix various vulnerabilities in the host system (the same vulnerabilities that they exploited). This eventually made the systems affected more secure, but generated considerable network traffic, rebooted the machine in the course of patching it, and, maybe most importantly, did its work without the explicit consent of the computer's owner or user. As such, most security experts deprecate worms, whatever their payload.
Related links
This usage of the term 'worm' should not be confused with WORM (in capitals), which stands for Write Once, Read Many, a property of some computer storage media.
Referenced By
22 January | 22nd January | Can Spam Act | Can Spam Act of 2003 | Controlling the Assault of Non-Solicited Pornography and Marketing Act | Defense against spamming | H4x0r | H4xx0r | Hacker | Hacker (software) | Internet time | January 2004 | January 22 | January 22nd | John Brunner | List of Internet topics | List of computer term etymologies | MICROSOFT | Malware | Micro-soft | Microsoft.com | Microsoft Corporation | Microsoft Inc | Microsoft Outlook | Outlook | Software hacking | Stopping E-mail abuse
|
