19 years ago we experienced one of the worst Windows viruses

19 years ago we experienced one of the worst Windows viruses

It has a cute name, however, in 2003, this worm launched many DDoS attacks against Microsoft servers.

When we are mentioned Gusano Blaster, the name of a video game may come to mind or, given the current situation regarding viruses, it seems like a new strain of something unknown. And, in reality, virus is, but not something that we do not know, since its name has become quite well known.Well, today marks the 19th anniversary of that year 2003, in which this computer worm carried out one of the worst attacks on Windows in history. And it is that, also known as MSBlast and Lovesan, this was detected for the first time on August 11 of that year.

Its target was clear, and in this case it was the Microsoft Windows XP and Windows 2000 operating systems. The worm attacked computers by taking advantage of a company security flaw and created Distributed Denial of Service (DDoS) attacks against the Microsoft website, forcing them to remove Windowsupdate.com.

It affected more than 100,000 Microsoft computers. The virus spread automatically to other machines by transmitting itself through email and other systems in an impressively fast and unstoppable way.

What is a computer worm and how does it work?

To put it in context, a computer worm is a type of malware that spreads copies of itself from one computer to another. This process requires no human interaction and does not need to be attached to a software program to cause damage.

These are usually transmitted through vulnerabilities, although, as in this case we are talking about, they can also arrive as attachments in spam emails or messages.

Once opened, these files may provide a link to a malicious website or automatically download the computer worm. Once installed, the worm silently goes to work and infects the machine without the user even noticing.

As for the damage that they can cause, we find the deletion of files and they can even carry additional malicious software that transfers it to the same computer.

Logically, apart from gradually eating up space on our computer’s hard drive, occupying it with its replicas, it can overload the network and leave the door open for a hacker to take control of the machine.

How the Blaster Worm Infected Systems in 2003

During the months of January to August, it launched a denial of service against the windowsupdate.com website. Then, for the rest of the months (September to December), the attack occurred on a daily basis.

The Blaster worm caused the system to reboot every 60 seconds and, on some computers, caused a blank splash screen.

As it has become known over time, it took advantage of the buffer overflow bug and spread by sending spam to a large number of IP addresses. This downloaded the file “msblast.exe” in the Windows directory and executed it. If it managed to settle, you were lost and the spread was unstoppable.

Once it had infected a giant network, it would proceed with the attack quickly because firewalls did not prevent internal machines from using a specific port. So to speak, he seemed unstoppable.

The worm’s executable file contained a message referring to Microsoft co-founder Bill Gates: “Billy Gates, why are you making this possible? Stop making money and fix your software.” There was one more message “Just want to say Love you San ” which gave Lovesan an alternate name.

This used the affected computers as a means of propagation to spread the virus to other machines. Many security specialists called that year one of the worst in history for viral threats, posing a huge risk to the security of Internet users.

The flaw was later exposed by the Last Stage of Delirium (LSD) security group. Later it became known with certainty that the affected operating systems were Windows XP, Windows NT 4.0 and Windows 2000 . Once the vulnerability was exposed, thanks to that team, Microsoft published two different patches (MS03-026 and MS03-039) on its website, which solved the situation.

Its creator, 18-year-old Jeffrey Parson, was arrested and eventually sentenced to 18 months in prison.



Thalla Lokesh is the founder of Technicalwebhub. He is an expert in Search Engine Optimization, and Social Media Marketing. He is a Professional Blogger. He has worked in Website Development, Blogging, Search Engine Optimization, and Online Marketing for the past couple of years.

Leave a Reply