I got curious — how did people even catch viruses on their computers? Was it something a friend sent? Or maybe they downloaded a cracked game or some shady program? Share your stories — would be interesting to read.
One popular way was that Internet Explorer 6 included something called ActiveX, which basically allowed any website to run code on your computer as though it was a locally-installed program. You could just click on some URL and next thing you know it’s writing files to your hard drive. This is one of the main reasons why the Internet Explorer 6 / Windows XP era was particularly virus-filled. A website could open your freaking CD tray.
From the ActiveX wikipedia page:
Developers had to register with Verisign (US$20 per year for individuals, $400 for corporations) and sign a contract, promising not to develop malware.
Promising not to. And they did it anyway. The bastards.
when i was a kid, internet explorer on our family pc had 5 toolbars because someone just clicked next next next on all the installers.
A website could open your freaking CD tray.
Ah, memories.
I worked for a small company, not an IT job, this happened like 10 years ago.
The office administrator lady got an email from an unknown address. The email was in Italian, she couldn’t speak Italian, but we had an Italian client, so it was not unexpected that we got an email in Italian. The email had an attachment, a docx file. She downloaded it, opened it then Word asked if she wants to allow running macros embedded in the document, and she obviously clicked yes. We had a small Linux file server, and the virus running on her PC encrypted several tenthousand excel files before it was noticed that something is happening and her machine could be switched off.
No problem - said the boss, we only lost a half day of work, as we have an offsite backup, it runs every night, we can just restore yesterday’s data. Unfortunately the backup stopped half years ago, but no one checked the logs…
Man this Story hat so many plot twists in it…
Takeaway for the Story is: If you don’t have a backup of your file and you don’t monitor the backup process and you don’t tested that your backup can actually be restored and you don’t have a redundancy backup… Than yours file isn’t saved.
Gotta check those backups
We recently had a funny problem. Our service ran fine, but a postgres upgrade failed because some pg internals were broken (broken ref ids). Dumping the DB also failed for the same error. Reading and writing was still fine, though. So we restored backup after backup… no dice. They all had the same issue: it was working for the service but we couldn’t perform any maintenance. Ultimately we had to “manually” dump the data of the service and replay it into a fresh db. That took quite long. But that was interesting, since even the verification of the backups didn’t help us notice that kind of corruption.
I have had to do similar with a db at my job.
Backups passed verification but we had a lot of weird issues, like queries getting stuck, or not returning records that were definitely there.
Ended up having to manually recreate the schema and import records from a manual data dump because something in the db file itself was messed up.
I have a friend, curently doing a master in cybersecurity, got ransomware’d because he cracked a game on a fake fitgirls site :')
So it’s a masters with practical experience.
“Download”… More like exchange infected floppy disks with friends.
Yeah, I never had a virus or heard of somebody get a virus for real since floppy disks times.
Back in the Windows Vista days I got pwned visiting a web site with an infected ad or script or something. It was a no-click exploit – just the act of visiting the page itself got me infected.
I only got infected once that I know of. I had trouble reading from a floppy disk and so I set scandisk running on it and went to get some lunch. When I came back there had been a short power out and when it came back on my machine had rebooted with the disk in it which ran on startup and infected the machine. Thankfully it was non-destructive and I was able to clean it out with tools I had on another machine.
Before everyone had Internet at home? Well, there were bulletin boards, but even without those? Yeah, swapping floppies was how they got around. I got hit a few times as a teen, but the worst one actually came from a legitimate copy of a game I bought secondhand. It got into the boot sector and I had to nuke the HDD from orbit to get rid of that one. I’m just glad that software BIOS updates weren’t a thing yet.
