In 1999, the Melissa virus spread through the Internet, causing problems for over hundred thousand computer owners. In this article, we shall study the origins, working, symptoms, and much more about the Melissa virus.
Did You Know?
After being arrested for creating the Melissa virus, David Smith worked with the FBI to catch several international virus writers, using his contacts to work out a deal to reduce his sentence from 10 years to 20 months.
What is the Melissa Virus?
Also known as the Simpsons, Kwejeebo, Kwyjibo, or Mailissa virus was one of the most destructive computer viruses of the time. The virus was created sometime during the spring of 1999 by a man named David Smith from New Jersey. It was designed to spread from one computer to the next through email messages. It was first discovered by some antivirus and Internet security companies on March 26, 1999. The virus spread through the Internet at a very fast rate, and caused a lot of trouble to private sector and government networks, causing many Internet services to be disrupted, and forcing companies to temporarily shut down email services. The virus received a lot of attention, as it was one of the first mass-mailing viruses, which also ended up as the fastest-spreading virus of the time.
How Did it Work?
Based on MS Word 97 macro, the Melissa virus worked by spreading through email messages. The virus appeared in the recipient’s inbox marked as an important message from someone known, with a Word document named LIST.doc or ANNIV.doc attached. It tempted one into opening the message, with a title like ‘Here is that document you asked for. Don’t show it to anybody else.’ However, once the document was activated, the virus replicated itself in other Word documents, and sent itself out as a spam email to the top 50 people in the address book of the recipient’s email account. This often lead to confidential information in Word documents being leaked out through emails. As Melissa required user interaction to work, it was not considered to be a worm.
The virus was not readily apparent to computer users, and often required experts to detect it. It could be identified through certain symptoms, such as crippled email systems, which sent out confidential information of an infected computer. However, prevention was the best way to stop the virus, and identifying the subject and the name of the file would be enough to mark the email as spam and keep the computer safe. A common test to check the virus was to execute the suspicious file when the minutes of the hour matched the day of the month. If this was done, the virus would insert text into an open MS Word document: ‘ Twenty-two points, plus triple-word-score, plus fifty points for using all my letters. Game’s over. I’m outta here.’
Although the Melissa virus did not damage or delete any files, it was a serious breach of security, which had many harmful effects, such as overloading email servers, causing companies like Microsoft and Intel to temporarily shut down some services. The virus affected hundreds of thousands of computers, usually those which operated MS Word and Outlook on Windows 95, 98, and NT, and Macintosh operating systems. This created chaos across the Internet, which caused investigative agencies, such as the FBI, the New Jersey State Police, and some Internet service providers to get involved to find the perpetrator. Although the virus did not cripple the Internet completely, it was the first virus to receive extensive coverage by the media, besides wide public attention. These attacks also led to monetary loss of around USD 1.2 billion, and breakdown in communications for several private companies. Other variants of such as viruses named Papa and Melissa.a and Melissa.i also soon came out, adding to the confusion.
How Was This Virus Stopped?
The author of Melissa virus posted the infected file on a popular newsgroup masquerading as a list of passwords to various websites. This post was easy to track for the investigators through the email address and I.P. Address of the computer it was sent from. This data was used to locate and arrest David Smith. Once Smith was arrested and accused of the crime, a lengthy and extensive trial took place. However, Smith lost the case, and after negotiating a plea-bargain for creating the Melissa virus, he received a jail sentence of 10 years, of which he served only 20 months, along with a fine of USD 5,000. He was also prohibited from accessing computer networks without authorization, by the court. It was later revealed that the Melissa virus was named after an exotic dancer David Smith had seen in Florida. Despite the author being caught, the virus continued to spread for many months, until software manufacturers could eventually create suitable patches to stop its progress, almost completely. There are very rare cases where files infected with the Melissa virus are found through emails today.
Although widespread, the Melissa virus was not created with monetary gains in mind. Rather, it was used just with the intention of causing mischief, unlike most virus attacks today. Nowadays, the business of viruses is all about big money, and it is up to users to constantly update their antivirus software, and also use discretion while surfing the Internet.