It’s already been 13 years since the powerful Blaster worm has hit the world. This may have yet been the first malware that attacked computers that were connected to important machines and institutions. Back then, many Windows XP systems were affected by this virus.
Unlike the conventional virus that can cause an infection by opening an e-mail attachment or being redirected to a malicious URL, the Blaster worm is a worm type of infection, meaning that it had the ability to directly infect a computer. This means that if your computer is simply connected to the internet, it is at risk of being infected.
The main danger of the Blaster worm was what it was mainly programmed to do. It was made to create SYN-type of flood attack. Such attacks are a type of a DDoS attack, and they have the ability to drive swiftly out of service every machine it infects.
The Blaster worm was spread via a so-called buffer overflow type of exploit, and it had four different variants. It was able to successfully infect Windows 2000 and Windows XP systems as well. But the virus also caused other Windows OS’s like Server 2003, NT and XP to be unstable as well.
After an infection with Blaster occurred, the computer usually causes the infected system to Shut Down, displaying a pop-up type of message:
“This system is shutting down. Please save all work in progress and log off. Any unsaved changes will be lost. This shutdown was initiated by NT AUTHORITY\SYSTEM
Time before shutdown: {hh:mm:ss}
Message:
Windows must now restart because the Remote Procedure Call (RPC) Service terminated unexpectedly.”
Besides this, the Blaster Worm was also reported to reach a global scale of infection in the size of the hundreds of thousands of machines.
After a successful reverse engineering, malware researchers have established the virus to have the following message in it’s Hex code:
billy gates why do you make this possible? Stop making money and fix your software!!”
In response to this virus, Microsoft has released two patches for Windows:
- MS03-026
- MS03-039
The Consequences and Theories After Blaster
This worm is probably the most impactful malware written so far, primarily because of the damages it had done to facilities and machines that at that time (the year 2003) were affected.
The result’s for government computers after this worm hit was approximately 6% of those computers being infected with the virus in the Massachusetts state.
There were other states and agencies that were also affected such as the Maryland’s Department of Motor Vehicles and the U.S. Court of Federal Claims.
The worst that Blaster may have done causing a complete Blackout of the whole Northeast and Midwest U.S. areas. This was a complete blackout and approximately 50 million people across the US, making it the world’s second blackout in history.
Picture Courtesy: nydailynews.com
After the reports for this Blackout had come out, the government concluded that this was a software bug in the system for alarms of a control room of a Power Plant that is located in Ohio. However, many malware researchers, such as the well respected Mikko Hypponen have researched the situation and believe that the Blaster worm may have been the cause of this because the symptoms and the activity methodology are very similar to what the Blaster virus does to a computer.
Whatever the case could have been, the result of it was many people left stranded on the streets of New York City and the whole Northeast area of the US:
Picture Courtesy: nydailynews.com
What About The Future?
There are many scenarios when it comes to the future. On one side, malware attacks like the massively spread Stuxnet virus and the Blaster worm hint us that there is a serious problem with cyber-security. The convenience of the Internet has pushed businesses to apply it on many systems. Nowadays, everything is connected to the internet – government agencies, power plants, robots that build other machines, cars, and other objects. What is worse, is that computers with Wi-Fi and Bluetooth and other wireless connections are input in more and more items of our daily live:
- Cars.
- Trains.
- Busses.
- Refrigerators.
- Watches.
- Wallets.
More and more items take up our daily lives, and this transition period of “internetifying” everything is known as the Internet of Things. What many fail to realize, however, is the dangers this type of transition may pose are massive. The blackout that was caused was in 2003, and a lot has changed since then, but malware has also changed, and many believe that the scenario of similar scale attacks is very real.
If a hacker group wishes, they can take control of anything they want, and this has pushed governments into increasing their surveillance in attempts to respond faster to cyber-criminal attacks. However, this is not enough, and many attacks are still occurring, and the results of them are usually devastating to an organization, group of people or institutions.
This is why many “white-hat” (morally responsible to do good) hackers are convinced that they should unite and do something about this massive cyber-warfare which is going on in the 21st century and protect our society. Security experts report that hacks are not going on just between activists and governments but for many different reasons. Some researchers believe that governments writing malware to spy on other governments Is a very real thing, and attacks of such type are occurring on an hourly basis all over the world.
Luckily, hacking has also become a lucrative business as well, and many hackers use their power to look for zero-day bugs in different software or newly released devices, making them sort-of the bounty hunters of the hacking world and this is a good thing, because the organizations owning such software have their products patched up, and these hackers receive credits. However, many malware and coding experts are also convinced that as long as coding exists, there will be a real risk of finding bugs. And here we are at a very interesting times regarding cyber-security where nobody knows what may happen tomorrow and who may cause a power cut or any other type of hack that may affect us little or a lot.
Ventsislav Krastev
Ventsislav is a cybersecurity expert at SensorsTechForum since 2015. He has been researching, covering, helping victims with the latest malware infections plus testing and reviewing software and the newest tech developments. Having graduated Marketing as well, Ventsislav also has passion for learning new shifts and innovations in cybersecurity that become game changers. After studying Value Chain Management, Network Administration and Computer Administration of System Applications, he found his true calling within the cybersecrurity industry and is a strong believer in the education of every user towards online safety and security.
Follow Me: