Don’t Try This At Home: Creating A Simple Virus With Ruby

Christian Kim
Apr 14, 2018

The Age of Information has provided us with amazing technology: handheld supercomputers with facial recognition, garbage cans that can create grocery lists, virtual reality, 146-inch flatscreen TVs, etc.

Computers are an integral part of any business, home, or school. However, with the advent of this technology, there exists a darker side of how modern technology is implemented, such as viruses.

Viruses in Biology

In biological terms, a virus is a small infectious agent comprised of genetic material encapsulated in a protein coat that can only replicate inside a host cell. How viruses reproduce is unnerving. What they do is insert their genetic information into the genetic material of the host cell, and during replication of the host cell, material for creating new virus molecules is also created. Eventually, enough virus molecules are instantiated that the cell cannot handle the multitude, and explodes. The newly released virus molecules then float away, ready to infect new cells. Although viruses contain genetic information, can reproduce, and evolve through natural selection, because they lack other characteristics of life, viruses are generally referred to as replicators, or “organisms at the edge of life”. Neither living nor dead, replicating and wreaking havoc without a cause, they are the real-life equivalent of zombies.

Computer Viruses

Like their biological namesake, computer viruses are comprised of code and can only replicate when that code is run. In order for the virus to spread, users would need to transfer infected files or programs to other computer systems. Once the file/program is run, the virus can then access other files within the computer, which, in a worst-case scenario, could delete all the files on a user’s computer. For example, if a user were to download and play a questionable video from a website that was infected, the virus could infect all videos within the computer. And then, if this same careless user were to send a video from his files to an unsuspecting friend, once that friend downloads and plays that infected video, the videos on his computer will similarly be affected. These viruses can result in enormous sums of money wasted, time wasted, and stress for all infected parties. While the picture below shows an example of Blaster, a computer worm, which differs slightly from a computer virus, it shows how holes in computer security can be exploited.

So, why would I want to learn how to create a virus, if it causes so much pain for others? In the third chapter of The Art of War by Sun Tzu, he wrote that knowing both yourself and your enemy, you can win a hundred battles without endangering yourself. Alan Turing’s deciphering of Enigma, a German cipher machine, used primarily in World War II, could have shortened the war by two years and saved over ten million lives. Our computers are treasure troves of personal information and resources that should be private and protected. By learning more about the process of creating a virus, I can understand more about how viruses propagate and how antivirus software works.

Creating a Basic Computer Virus

To start with, the virus should be able to recognize which files are and aren’t infected. We do this by checking the first line of the file: if it does not match the virus_top tag, the virus code treats the file as not yet infected. If a file has not yet been infected, the virus should be able to embed itself in the file/program. The virus also needs an ending tag, so that when it spreads only the virus code is copied, sans the content of the infected file.

After a file is selected for infecting, the virus’ code will rename the file to ‘temp.rb’.

The virus_contents variable is an empty string, which we will fill with the virus code. The virus will then embed its code in a file with the name of the original file, so that the user of the infected computer will not suspect anything is wrong. The code from the temp.rb file will then be appended to the infected file, temp.rb will be deleted, and the virus has spread.

As you can see, the code from the infected files still runs, but the virus has spread. If I had just added a few more lines of code, and the files inside this directory were important/contained personal information, the virus becomes something extremely dangerous, like the variation of the virus I created below.

In this variation, I have deleted the section of the code where the content of the original file is appended back to the infected file and replaced it with malicious code.

Since I no longer have the code that appends the information of the original file, the infected files will contain only the virus’ code.
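The first-line tag and ending tag described above also give a defender something concrete to look for. The following read-only scanner is an added example, not the author's code: it classifies Ruby files by that layout and separates the prepending case (original program still recoverable after the ending tag) from the overwriting variation (nothing left to restore). The marker strings `#VIRUS_TOP` and `#VIRUS_BOTTOM` are assumptions, since the article does not show the tag text, and the sample files are constructed and inert.

```ruby
require "tmpdir"

# Assumed marker lines; the article names a virus_top tag but does not show its text.
TOP_TAG    = "#VIRUS_TOP"
BOTTOM_TAG = "#VIRUS_BOTTOM"

# Classify one file's text by the layout the article describes:
# top tag on line 1, injected block, ending tag, then the original program.
def classify(text)
  lines = text.lines
  return { status: :clean, original: text } unless lines.first.to_s.strip == TOP_TAG
  end_idx = lines.index { |l| l.strip == BOTTOM_TAG }
  return { status: :tagged_no_end, original: nil } if end_idx.nil?
  original = lines.drop(end_idx + 1).join
  if original.strip.empty?
    { status: :overwritten, original: nil }     # destructive variant: nothing to restore
  else
    { status: :prepended, original: original }  # original program is recoverable
  end
end

# Read-only scan of a directory tree; returns { path => classification } for flagged files.
def scan(dir)
  Dir.glob(File.join(dir, "**", "*.rb")).sort.each_with_object({}) do |path, hits|
    result = classify(File.read(path))
    hits[path] = result unless result[:status] == :clean
  end
end

# Constructed sample files (inert: the "injected" block is only a comment).
def demo
  Dir.mktmpdir do |dir|
    File.write(File.join(dir, "clean.rb"), "puts 'hello'\n")
    File.write(File.join(dir, "prepended.rb"),
               "#{TOP_TAG}\n# injected block placeholder\n#{BOTTOM_TAG}\nputs 'report'\n")
    File.write(File.join(dir, "overwritten.rb"),
               "#{TOP_TAG}\n# injected block placeholder\n#{BOTTOM_TAG}\n")
    scan(dir).transform_keys { |p| File.basename(p) }
  end
end

if __FILE__ == $PROGRAM_NAME
  demo.each { |name, r| puts "#{name}: #{r[:status]}" }
end
```

A fixed marker like this is the simplest kind of signature; a file flagged `:overwritten` can only be restored from backup, which is why the second variation is the more damaging one.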

Conclusion

Creating a virus from scratch was surprisingly simple, and that’s pretty frightening. I have only been learning about code for a few months and already I have created a working virus, albeit a harmless one. Mac users are mostly safe from viruses, since the people who code them, code them for Windows. However, I believe there will be a time in the future where hackers will move towards targeting Macs and I think that being prepared to deal with these situations is both necessary and wise.
