This Throwback Thursday, we turn the clock back to January 1994, shortly after Cyber Riot had emerged as the first virus capable of infecting the Windows kernel.
Today, malware that affects the
Windows
kernel is ubiquitous – the majority of sophisticated attacks against
Windows
users have at least one component executing in the operating system kernel. But in 1993, the
Windows
kernel remained untouched by malware – and indeed
Windows
viruses were somewhat cumbersome and technically quite simple. That was until Cyber Riot came along.
While previous
Windows
viruses had operated fairly simply, Cyber Riot was the first
Windows
-specific virus to remain resident and to intercept the execute function by infecting KRNL386.EXE. Not only that, but Cyber Riot used several
Windows
functions not documented in any of the Developers’ Kits. Indeed, it can be said that Cyber Riot was one of the first advanced
Windows
viruses.
VB
‘s full analysis of Cyber Riot, from January 1994, can be read
here
in HTML-format, or downloaded
here
as a PDF (no registration or subscription required).
Posted on 30 July 2015 by
Helen Martin
Leave a Reply