- Email: [email protected]
Mac virus busters help nab two suspects
Computer Fraud & Security Bulletin
May 1992
and 1S% reported discovering the virus by January 1992. It was discovered in dozens of US Congress staff offices in Washington DC, and at least 7SQSouthAfrican pharmacists reportedthat Michelangelo had destroyed their data. Michelangelo represents the new class of shrink-wrapped computer viruses, introduced on diskettes delivered direct from the infected product's manufacturer.
Michelangelo, it restored Stoned III, leaving that particular system still infected even though it had been declared clean by the utility.
For instance, Leading Edge, a Westboro-based microcomputer maker, shipped up to SOO units containing the Michelangelo computer virus. The affected devices had been assembled in a Californian plant and were shipped to its dealers between 10 and 27 December 1991. Leading Edge reported that one of these dealers had identified the virus in the installation software that accompanied one of the peripheral devices bundled with the systems. The virus apparently had been introduced into the program by the subcontractor who had produced copies of it.
An unofficial team of Macintosh virus busters from Apple has provided authorities with information leading to the arrest of two virus authors. Professor Eugene Spafford, a member of the Macintosh virus team, commented that this was one of the rare instances in which a virus author has been arrested for creating and disseminating a virus. David Blumenthal and Mark Pilgram, both second year students at Cornell University, were arrested and charged with computer tampering before being released on bail. They are accused of creating the Macintosh virus MBDF-A, deliberately infecting two computer games with the virus and using a third game as a Trojan Horse to transport the virus.
Microchip maker Intel distributed Michelangelo in 839 copies of its LANSpool 3.01 printer server utility. The infected products were to be used with Novell's NetWare 2.1,2.2 and 3.1. Reportedly, Intel's pre-shipment virus scanning process had failed to detect the infection because it was running an out of date version. Other vendors who shipped copies of Michelangelo in their products included Symbol Technologies, Da Vinci Systems and Virtual Reality Labs. Computer virus shipment in shrink wrapped software has not been limited to Michelangelo. In late December 1991, Novell shipped 3800 copies of its Network Support Encyclopedia that contained Stoned III, an enhanced version of the pro marijuana computer virus that initially appeared in New Zealand in October 1988. Novell provided all of its customers with a virus scanning and cleaning utility and told them that while Stoned III would infect a PC on which an infected diskette was used to boot the system, it would not infect local area network servers. There were numerous reports that Michelangelo had moved Stoned III, when it was encountered, to an alternate boot sector. Later, when a virus scanning and cleaning utility removed
2
Belden Menkus
Mac virus busters help nab two suspects
The games - Obnoxious Tetris, Tetricycle and Ten Tile Puzzle - were launched from a computer at Cornell via Internet and posted onto bulletin boards around the world. Although not designed to destroy data, the virus infects the Macintosh operati ng system and other applications, causing infected programs to malfunction and perhaps resultinq in system crashes. William Lipa, a member of the Macintosh virus team, traced the viruses back to Cornell where university officials carried out their own investigation. Once it had been determined which operator's terminal had been used to launch the virus, the students were arrested and their rooms were searched. The pair now face a maximum penalty of one year in jail. Cornell already has an infamous reputation as the origin of the Morris Internet worm.
©1992 Elsevier Science Publishers Ltd
May 1992
and 1S% reported discovering the virus by January 1992. It was discovered in dozens of US Congress staff offices in Washington DC, and at least 7SQSouthAfrican pharmacists reportedthat Michelangelo had destroyed their data. Michelangelo represents the new class of shrink-wrapped computer viruses, introduced on diskettes delivered direct from the infected product's manufacturer.
Michelangelo, it restored Stoned III, leaving that particular system still infected even though it had been declared clean by the utility.
For instance, Leading Edge, a Westboro-based microcomputer maker, shipped up to SOO units containing the Michelangelo computer virus. The affected devices had been assembled in a Californian plant and were shipped to its dealers between 10 and 27 December 1991. Leading Edge reported that one of these dealers had identified the virus in the installation software that accompanied one of the peripheral devices bundled with the systems. The virus apparently had been introduced into the program by the subcontractor who had produced copies of it.
An unofficial team of Macintosh virus busters from Apple has provided authorities with information leading to the arrest of two virus authors. Professor Eugene Spafford, a member of the Macintosh virus team, commented that this was one of the rare instances in which a virus author has been arrested for creating and disseminating a virus. David Blumenthal and Mark Pilgram, both second year students at Cornell University, were arrested and charged with computer tampering before being released on bail. They are accused of creating the Macintosh virus MBDF-A, deliberately infecting two computer games with the virus and using a third game as a Trojan Horse to transport the virus.
Microchip maker Intel distributed Michelangelo in 839 copies of its LANSpool 3.01 printer server utility. The infected products were to be used with Novell's NetWare 2.1,2.2 and 3.1. Reportedly, Intel's pre-shipment virus scanning process had failed to detect the infection because it was running an out of date version. Other vendors who shipped copies of Michelangelo in their products included Symbol Technologies, Da Vinci Systems and Virtual Reality Labs. Computer virus shipment in shrink wrapped software has not been limited to Michelangelo. In late December 1991, Novell shipped 3800 copies of its Network Support Encyclopedia that contained Stoned III, an enhanced version of the pro marijuana computer virus that initially appeared in New Zealand in October 1988. Novell provided all of its customers with a virus scanning and cleaning utility and told them that while Stoned III would infect a PC on which an infected diskette was used to boot the system, it would not infect local area network servers. There were numerous reports that Michelangelo had moved Stoned III, when it was encountered, to an alternate boot sector. Later, when a virus scanning and cleaning utility removed
2
Belden Menkus
Mac virus busters help nab two suspects
The games - Obnoxious Tetris, Tetricycle and Ten Tile Puzzle - were launched from a computer at Cornell via Internet and posted onto bulletin boards around the world. Although not designed to destroy data, the virus infects the Macintosh operati ng system and other applications, causing infected programs to malfunction and perhaps resultinq in system crashes. William Lipa, a member of the Macintosh virus team, traced the viruses back to Cornell where university officials carried out their own investigation. Once it had been determined which operator's terminal had been used to launch the virus, the students were arrested and their rooms were searched. The pair now face a maximum penalty of one year in jail. Cornell already has an infamous reputation as the origin of the Morris Internet worm.
©1992 Elsevier Science Publishers Ltd