Fandom

Virus Information

Payload

245pages on
this wiki
Add New Page
Talk0 Share

Payload is any action done by a program aside from the act of spreading in itself. The payload of a virus or worm can range from irreparably damaging the operating system or even the BIOS (as the CIH virus) or almost nothing (as the Badtrans worm) or even something benevolent like removing a malicious program (some variants of Sasser or YahaSux). Sometimes a payload is a consciously coded part of the program, as with the Ramen worm, or it could be simply be a product of its existence and spreading, as with the Slammer worm.

Virus and worm creators who want to do deliberate damage to a large number of computers face the dilemma of destructiveness versus spreading ability. Code that destroys its host too quickly and too badly kills its chances to spread once the host is crippled or destroyed. In addition, they are noticed faster and potential victims are given warnings of what to look out for to protect against it. Something that does no damage not only has a healthy host to send more copies of itself from, but it also may go undetected longer.

A few examples of this theory in action include the spreading of Magistr versus Netsky, Navidad versus Sober or DBase versus Vienna. The first of each pair destroys files, the operating system or even the whole computer. The second either does nothing but spread or even something benevolent. Netsky.P deletes registry keys that cause the Beagle, Mydoom, Deadhat and Welchia worms to spread.

SourcesEdit

Alison Diana. E-Commerce Times, Does the Killer Worm Really Exist? 2003.09.11

Trend Micro Antivirus, WORM_NETSKY.P. 2004.03.21

Mary Landesman. Antivirus About.com, Magistr.

Ad blocker interference detected!


Wikia is a free-to-use site that makes money from advertising. We have a modified experience for viewers using ad blockers

Wikia is not accessible if you’ve made further modifications. Remove the custom ad blocker rule(s) and the page will load as expected.