What is acomputer virus?
Who created the Melissa Virus?
Unlike the Morris Worm, which was created by mistake, the Melissa Virus was written by David L. Smith, who made it as a proof of concept. The virus wasn’t directly destructive to infected systems. However, the Melissa virus caused widespread damage by overloading email servers and spreading rapidly across the Internet.
How did the virus work?
The virus spread through infected Microsoft Word documents attached to emails. The subject line of the email was “Important Message From [sender’s name],” and the message was: “Here is that document you asked for. Don’t show anyone else ;-).” The attached Word file was named something enticing, such as “List.doc” or “Important.doc.”
When the attached document was opened, it triggered a macro (a series of automated commands) within Microsoft Word, which executed malicious code. The macro script then infected the user’s Word application and sent itself to the first 50 people in the infected user’s Outlook address book.
How did the virus spread?
The virus was first uploaded to an alt.sex newsgroup, disguised as a file that contained passwords for various pornographic websites. People downloaded the file, thinking it contained the promised content, but instead, they released the virus into their systems.
The virus exploited vulnerabilities in Microsoft Word’s macro system, which had access to email clients like Outlook. Melissa would insert its malicious code into Word’s macro templates, ensuring that every document created or edited by the infected user would carry the virus.
The impact of the Melissa Virus
The Melissa virus didn’t corrupt data or files, but had a devastating impact on email servers due to the sheer volume of emails it generated. With each infected machine sending emails to 50 more people, email servers quickly became overwhelmed. Many corporate networks, government agencies, and universities were affected, leading to widespread slowdowns, outages, and server crashes.
It’s estimated that the virus caused $80 million in damages, including lost productivity and the cost of cleaning infected systems.
As per David L. Smith, he was arrested just a few days after the virus was released. The virus included a hidden message referring to his alias “Skywalker” and a reference to a computer club he frequented. Smith pleaded guilty to creating and distributing the virus, stating that he didn’t intend for it to cause as much harm as it did. He was sentenced to 20 months in federal prison and fined $5,000. He also cooperated with law enforcement to help track down other malware creators.
The legacy of the Melissa Virus
Melissa was one of the first major incidents to show the danger of email-based malware and how quickly it could spread. It highlighted the need for more secure email systems, leading to advancements in email filtering technology.
The virus prompted Microsoft to tighten security around macros in its Office applications. In later versions, users were required to enable macros explicitly, and warnings were displayed when a document contained macros. Melissa also spurred significant improvements in antivirus software, leading to better detection of known and unknown threats through heuristic scanning and macro script analysis.
The beginning of social engineering
The Melissa virus set the stage for later email-based attacks such as ILOVEYOU (2000) and MyDoom (2004). Both of these, like Melissa, used email as their primary distribution method and caused significant global disruptions.
The virus also introduced the world to the concept of social engineering in the form of a seemingly innocent email message that entices the recipient to open it, a tactic that remains common in modern phishing attacks.