1 hour ago
⚡ Welcome again to The Weekly Authority, the Android Authority newsletter that breaks down the top Android and tech news from the week. The 167th edition is here, bringing this week’s newsworthy happening to your inbox.
😱 This week I realized playing a PS5 horror game set in an underground Sumerian temple isn’t a great idea if you’re (a) afraid of the dark and (b) don’t like being underground. Yup, the Dark Pictures Anthology: House of Ashes is every bit as terrifying as it looks!
You’re going to want to put your brunch to one side for this, as today we’re talking about worms… Actually, not the creepy, crawly ones — the malicious software ones.
On this week in 1988 — November 2, if we’re being exact, The Morris worm (or internet worm) became one of the first computer worms to be distributed via the internet. It was also the first time a computer worm had gained the attention of the mainstream media to such a degree.
It was the 80s, so computers, and their programming, weren’t yet part of everyday life in the US. There were around 60,000 computers connected to the internet and computers were generally thought of as for academia and government purposes. Those developing and learning about computer technology saw this as their playground.
Who created the Morris worm?
The Morris worm was named after its creator, Robert Tappan Morris, a programming student at Cornell.
- Morris was the son of Robert Morris, Sr., a computer professional and cryptographer who worked for Bell Labs and later the US National Security Agency (NSA). He made significant contributions to UNIX, including the bc programming language, the program crypt, and the el encryption scheme used by passwords. He’s also known as one of CoreWar’s creators, a game thought to be one of the predecessors of computer viruses…
- Nobody really knows Morris’ motives for sure when he created the worm, and there are those who say he made it as a pen test that went wrong.
- Morris did attempt to cover his tracks, though, hacking into the Massachusetts Institute of Technology network to launch the worm.
- It’s said that a friend of his tipped off the New York Times with Morris’ initials.
- In 1989, he became the first person ever indicted under the US Computer Fraud and Abuse Act, sentenced to a fine of $10,050, three years of probation, and 400 hours of community service.
It’s not all doom and gloom for Morris, though. He went on to become a renowned academic, tech founder, and venture capitalist. He is currently a tenured professor of computer science and artificial intelligence at MIT’s Electrical Engineering & Computer Science department, though we hope these days he’s teaching students how to defend against malware rather than implement it.
What did it do?
The Morris worm actually played a significant role in the history of computer science. This was the first time the “vulnerability” (as we now term it) of networked computers had been demonstrated, leaving developers, students, scientists, and government officials, fearing what would come next.
- The worm exploited vulnerabilities in UNIX sendmail, finger, and rsh/rexec. It guessed weak passwords and used names of account holders to brute force password possibilities.
- Combined with reinfection and compounded repetition, the worm occupied a machine’s resources until they were ultimately shut down. It’s a bit like a DoS or DDoS attack today.
- The worm was pretty clever, too. It would verify whether a new machine was already infected, then only re-infecting previously infected machines one in seven times. This not only accelerated spread but also prevented users from mimicking a worm process to feign infection.
- Around 6,000 computers in total were infected, around 10% of those connected to the web, and following many days of internet chatboard discussion — no WhatsApp in those days — it took two days to fully remove the Morris worm from the machines.
- The cost of damage was estimated to be in the range of $100,000 to $10M.
If you’re interested, you can check out the source code of the threat.
Other famous worms
Although an identical Morris worm attack would no longer be viable today as we now take a “security-first” attitude, with password usage and curation more closely monitored, there are plenty of other famous worms that have caused damage and caught our attention throughout history. Here are a few of the most famous:
Jerusalem, a variant of the Survi virus, actually appeared about a year before the Morris worm, back in 1987. Also known as BlackBox, this malware worked by deleting programs or file executed every year on set days, most notably Friday the 13. It also increased the file size of files running within DOS, depleting resources and slowing down data processing.
The Love Bug Worm, or ILOVEYOU Worm, was created by a college student in the Philippines who intended to steal other users’ passwords. It spread in 2000, accessing Outlook email addresses in a user’s contacts list and overwriting the victim’s files while sending itself across the worldwide web.
Fake news is everywhere these days, but back in 2007 the Storm Worm, named after the Kyrill storm in Europe, gathered a ton of private data and executed DDoS attacks with a fake email subject line alleging 230 people had died during the Kyrill storm, compelling users to open it. It’s also been seen in emails with subject lines such as “A killer at 11, he’s free at 21 and kill again!”
There’s a reason spam folders exist nowadays. Back in 2003, the Sobig Worm made its way through millions of computers by posing as an email with a slightly sinister attachment. The *.pif or *.scr attachment contained malware capable of affecting any host within the vicinity, provided the user downloads and runs the file.