Melissa (computer virus)

From Justapedia, unleashing the power of collective wisdom
(Redirected from David L. Smith (hacker))
Jump to navigation Jump to search
Melissa
Common nameMelissa
Technical name
TypeMacro virus
Author(s)David L. Smith
Operating system(s) affectedWindows 95, Windows 98, Windows Me, Windows NT, Windows 2000, Windows XP[2]

The Melissa virus was a mass-mailing macro virus released on or around March 26, 1999. It targeted Microsoft Word and Outlook-based systems and created considerable network traffic. The virus would infect computers via email; the email was titled "Important Message From," followed by the current username. Upon clicking the message, the body would read, "Here's that document you asked for. Don't show anyone else ;)." Attached was a Word document titled "list.doc," containing a list of pornographic sites and accompanying logins for each. It would then mass-mail itself to the first fifty people in the user's contact list and disable multiple safeguard features on Microsoft Word and Microsoft Outlook.

Description

The virus was released on March 26, 1999, by David L. Smith.[3] Smith used a hijacked AOL account to post the virus onto an Internet newsgroup called "alt.sex."[4] And it soon ended up on similar sex groups and pornographic sites before spreading to corporate networks. However, the virus itself was credited to Kwyjibo, the Macro virus writer for VicodinS and ALT-F11, by comparing Microsoft Word documents with the same globally unique identifier. This method was also used to trace the virus back to Smith.

The "list.doc" file contained a Visual Basic script that copied the infected file into a template file used by Word for custom settings and default macros. If the recipient opened the attachment, the infecting file was read to computer storage. The virus then created an Outlook object, read the first 50 names in each Outlook Global Address Book, and sent a copy of itself to the addresses read.[5]

Melissa worked on Microsoft Word 97, Microsoft Word 2000 and Microsoft Outlook 97 or 98 email clients. Microsoft Outlook was not needed to receive the virus in email, but it was unable to spread via other emails without it.

Impact

The virus slowed down email systems due to overloading Microsoft Outlook and Microsoft Exchange servers with emails. Major organizations impacted included Microsoft, Intel Corp,[6] and the United States Marine Corps.[7] The Computer Emergency Response Team, a Pentagon-financed security service at Carnegie Mellon University, reported 250 organizations called regarding the virus, indicating at least 100,000 workplace computers were infected. Although the number is believed to be higher.[8] An estimated one million email accounts were hijacked by the virus.[9] The virus was able to be contained within a few days, although it took longer to remove it from infected systems entirely. At the time it was the fastest spreading email worm.

Arrest

On April 1, 1999, Smith was arrested in New Jersey due to a tip from AOL and a collaborative effort involving the FBI, the New Jersey State Police, Monmouth Internet, a Swedish computer scientist, and others. Smith was accused of causing US$80 million worth of damages by disrupting personal computers and computer networks in business and government.[10][11]

On December 10, 1999, Smith pleaded guilty to a second-degree charge of computer theft[12] and a federal charge of damaging a computer program due to releasing the virus.[13]

On May 1, 2002, he was sentenced to 20 months in federal prison and fined US$5,000.[14][15]

See also

References

  1. ^ "Virus:W32/Melissa Description | F-Secure Labs". www.f-secure.com.
  2. ^ "W97M.Melissa.A". Symantec. Retrieved 9 February 2013.
  3. ^ Poulson. "Justice mysteriously delayed for 'Melissa' author". The Register.
  4. ^ "Melissa Virus". Federal Bureau of Investigation. Retrieved 2022-04-01.
  5. ^ "What is the Melissa Virus?". SearchSecurity. Retrieved 2022-04-06.
  6. ^ "Melissa virus hits Outlook e-mail - Mar. 29, 1999". money.cnn.com. Retrieved 2022-04-01.
  7. ^ McNamara, Paul (2014-03-25). "Melissa virus turning 15 … (age of the stripper still unknown)". Network World. Retrieved 2022-04-01.
  8. ^ Markoff, John (1999-03-30). "Digital Fingerprints Leave Clues to Creator of Internet Virus". The New York Times. ISSN 0362-4331. Retrieved 2022-04-01.
  9. ^ "Melissa Virus". Federal Bureau of Investigation. Retrieved 2022-04-01.
  10. ^ Tracking Melissa's alter egos, ZDNet, 1999-04-02
  11. ^ "The Melissa Virus: An $80 Million Cyber Crime in 1999 Foreshadowed Modern Threats". Federal Bureau of Investigation. Retrieved 2022-10-24.
  12. ^ Lemos, Robert. "Smith pleads guilty to Melissa virus". ZDNet. Retrieved 2022-04-01.
  13. ^ "Melissa virus creator pleads guilty". BBC. 1999-12-09.
  14. ^ "Creator of Melissa Computer Virus Sentenced to 20 Months in Federal Prison" (Press release). U.S. Department of Justice. 2002-05-01. Retrieved 2006-08-30.
  15. ^ "Press Release: Creator of Melissa Computer Virus Sentenced to 20 Months in Federal Prison (May 1, 2002)". www.justice.gov. Retrieved 2020-01-05.

External links

Retrieved from "https://justapedia.org/index.php?title=Melissa_(computer_virus)&oldid=1118672404#David_L._Smith"