Animesh Pathak's Crazy Ideas

Friday, March 04, 2005

Idea #2: The birthday virus!

Hi all readers,
I have been asked about my next idea for some time now, so here goes:

Since yesterday (March 3) was my birthday, I received a lot of e-cards and emails [thanks to all of you who sent them]. However, I realised that the occasion made me check my mail more frequently - and made me more prone to opening attachments.

So, imagine that it is your birthday and you receive an email from one of your friends with Happy Birthday as the subject and a generic birthday message in content. Attached is a zip file which (allegedly) is a nice card for you.

Now ask yourself how likely you are to open that attachment, something you would not normally do for a random email.

Scary, isn't it? The thought that this can be exploited by a virus/worm/trojan.

The algorithm is very simple:
1. Scan infected machine for calendar app (MS Outlook, Mozilla Sunbird etc.) and glean out birthdays and other important events (anniversaries etc).
2. Send a copy of the infectious program in a zip file or something with a generic birthday (or other relevant) message to appropriate people in the address book.

That's it!

Major Con:
1. The virus cannot spread so fast since only so many people you know have the same birthday.
A. Well, if I get a card even today or tomorrow from a friend, I still have a high probability of opening it, 1-2 days after my birthday, so that increases the infection circle. Also, a virus sitting on a person's machine and not getting cleaned will have the chance to wish a lot of his/her friends in the months that it stays in that machine. Basically, given the high probability of infection, maybe this way of spreading can be an extra way by which the malware can hop hosts.

So here it is people, be careful of those birthday emails. I have not seen something like this yet, but very soon... someone might decide to add this to their arsenal.

As always, comments are most welcome. The ones on the previous idea were pretty good!

cheers
Animesh

5 Comments:

  • first of all I must say it's a pretty novel idea...but I haven't heard of e-cards coming as attachments in e-mails....usually an e-card is sent by the site one created the card on and furthermore, a link to the card is sent for the recipient to view the card...so unless until the link itself has a hidden program behind it like a phishing email....I don't think e-cards wud be a problem
    -neha

    By Anonymous, at 7:30 PM

  • I agree with neha..even I haven't heard of ecards coming in attachments..yeah flash files can but...and they have .exe extensions...

    One has to be careful with attachments nowadays…no doubt that’s a novel idea...but as far as these viruses are concerned yahoo & hotmail are very particular nowadays. Before downloading it scans the message with Norton Antivirus.

    So when u actually click for downloading the attachments it displays some messages like this

    *************************
    W32.Netsky.Z@mm" found

    You can not download this attachment.

    Contact the message sender and request that they resend the attachment to you after cleaning it with anti-virus software.
    *********************************

    Additionally, Yahoo! Mail has an Image Blocking feature that prevents HTML graphics from loading until you determine the message is from a trusted sender.

    Moreover, if it's from a friend…Save the attached files on your computer (for instance in My Documents) instead of opening them directly from your mailbox.

    Then u can probably check the file extensions. Never open attachments with double file extensions like "picture.bmp.exe" or "list.txt.vbs" and containing file extensions such as ".vbs", ".shs", or ".pif".

    This article is not 4 u...its for ppl who are not aware of file extensions.

    Good work :)
    ~ ~

    By Anonymous, at 12:27 AM

  • Dude.. my expectations were high from ur crazy ideas, but u disappointed me talking abt such a trivial thing, the virus writers have moved a 1000 steps ahead of what you have written and several more novel and aggressive ways of spreading viruses and enticing email users to execute them are in practice.

    Cheers,
    http://www.livejournal.com/users/crabhunt/

    By Anonymous, at 11:04 AM

  • Thanks for your comments Neha and ~~ ,
    The antivirus (of yahoo etc.) will not be relevant here since we are talking about the situation where the antivirus entry has not been made yet. As far as propriety and impropriety of file extensions are concerned, if someone sends you birthdaygreeting.exe which apparently is a chweeet B'day card with pics of kittens and all (maybe a preview can also be attached with the email), you may end up opening it and enjoying the kittens, while the program installs a virus in the background.

    Thanks for the comment crabhunt,
    About the idea itself, it came to me on my birthday - and I have not heard anything like that before, so I posted it. Please let me know if you have read similar stuff before.

    I know that fundoo techniques exist, but I realised that now people are moving towards a better and safer email reading policy. I myself have not caught a virus in a long time now, thanks to my no-attachment policy and using AVG. But when I realised that even I could be duped into opening an attachment on my B-day, I thought maybe others also could be! :-).

    More crazy ideas are brewing up... just need to find time to type them out.

    By Blogger Animesh, at 11:26 AM  

  • Yeah, one thought on similar lines.

    If these spam sending people use this subject line "Hey, Happy birthday"... then the thousands of people of the millions getting the mail who would have a birthday around that day, would be likely to check the mail and open the attachment, even if the sender looks like a stranger...

    By Blogger Gaurang, at 3:34 AM  
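
The extension checks recommended in the comments (double extensions, ".vbs", ".shs", ".pif"), applied to the post's scenario of a greeting email carrying a zip file; this is an added example, not code from the post or its commenters. The function names and the sample message are constructed for illustration, and the example goes one step beyond the comments by also checking file names inside the zip.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

# Extensions named on this page; a real mail gateway would carry a longer list.
RISKY_EXTENSIONS = {".exe", ".vbs", ".shs", ".pif"}

def name_findings(filename):
    """Return the reasons one file name looks dangerous (empty list if none)."""
    # Windows ignores trailing dots and spaces, so drop them before checking.
    base = filename.replace("\\", "/").rsplit("/", 1)[-1].strip().rstrip(". ").lower()
    exts = ["." + p for p in base.split(".")[1:]]
    findings = []
    if exts and exts[-1] in RISKY_EXTENSIONS:
        findings.append(f"risky extension {exts[-1]}")
        if len(exts) >= 2:  # e.g. picture.bmp.exe
            findings.append("double extension hides the real type")
    return findings

def scan_zip(outer, data):
    """Check member names inside a zip attachment without extracting anything."""
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            names = zf.namelist()
    except zipfile.BadZipFile:
        return [(outer, "unreadable zip archive")]
    return [(f"{outer}!{n}", why) for n in names for why in name_findings(n)]

def scan_message(raw):
    """Return (name, reason) pairs for every suspicious attachment in a message."""
    msg = message_from_bytes(raw, policy=policy.default)
    report = []
    for part in msg.iter_attachments():
        name = part.get_filename() or "(unnamed)"
        report += [(name, why) for why in name_findings(name)]
        if name.lower().endswith(".zip"):
            report += scan_zip(name, part.get_payload(decode=True))
    return report

def build_sample():
    """Constructed sample: a greeting whose zip holds a file with a disguised name."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("birthday_card.jpg.exe", b"placeholder bytes, not a program")
    msg = EmailMessage()
    msg["Subject"] = "Happy Birthday"
    msg.set_content("Have a great day! Card attached.")
    msg.add_attachment(buf.getvalue(), maintype="application", subtype="zip", filename="card.zip")
    return msg.as_bytes()
```

Calling `scan_message(build_sample())` reports the inner file twice, once for the `.exe` extension and once for the double extension, even though the outer `card.zip` name looks harmless.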
