It was 1999. I just got my first computer from my parents. It was a Compaq Presario. It was a beautiful thing. I couldn’t wait to start doing something with it. Anything.
So the first thing I did was download and install anything and everything my more computer-savvy friends asked me to. And it was fun. Let me tell you, if you are new to computers, downloading and installing a new application is a feeling that is close to opening Christmas presents for a kid. I still remember that feeling and it was awesome. It was also a time of innocence, even for pro computer users. You didn’t think much before downloading anything from the web. Pop-ups were everywhere and anti-viruses didn’t do much of a good job. And of course, Windows 98 was a breeding place for all kinds of malware and viruses (not that it changed much).
So during one of my download sprees, with a 56k dial-up connection, someone mentioned I should try out mIRC. IRC channels used to be big back then. It’s not exactly dead now, but the usage is nothing compared to what it used to be. Channels with 500-1000 users were the norm (so were network splits). Nowadays you will have a hard time trying to find a channel with more than 100 users, and those have very little activity. I also got introduced to file sharing through IRC, not through Napster, Direct Connect or Kazaa. It’s funny because sharing files on IRC is less user-friendly than the other more popular options.
So as mentioned, I loved to download and I was downloading like crazy. Anyone who knows how IRC downloading works knows that you get prompted when someone is trying to send you a file. You can accept or reject the download or set your IRC client to auto-accept all downloads. Because I was in the queue to download so much stuff and I was not always in front of the computer to manually accept each download, my setup auto-accepted all downloads. Meaning anyone and everyone could send me anything they wanted.
That’s how I got my first virus. Not from email (a more popular virus medium back then) but from IRC.
There were users who would run automated scripts/bots in these file-sharing channels and send virus-embedded files to everyone. But you need to actively run the file to install the virus. My first virus was a Sub7 virus. It is a RAT (Remote Administration Tool) virus. Though it was used for a malicious purpose, it could also be used for legitimate and useful reasons. It’s very similar to how modern-day Remote Desktop works. Sub7 (like all RAT viruses) had two portions: the Server and the Client. The Server gets installed on the victim’s computer and you use the Client to remotely control the victim’s computer.
I don’t remember when or which file caused me to install the server, but it was definitely during one of those unattended downloading sprees on IRC. Back then anti-viruses did a really piss-poor job at detecting and removing viruses. It truly was a wild wild west. The scariest part of the Sub7 virus was that most script kiddies back then would configure Sub7 to use the default port with no password (default configuration) so that anyone anywhere with a Sub7 client could connect and control a victim’s computer. All they had to do was scan a range of IP addresses for an open port and they would find someone with a Sub7 server installed because it was kinda popular back then. Alternatively, a script kiddie could scan people on IRC file-sharing channels for more positive results. Which is probably how I got infected by one person but controlled by a different user.
The guy who took over my computer via Sub7 was thankfully a good guy. Back then, it was relatively easy to fatally screw up a Windows system. He could have done some serious damage if he wanted. Instead, he had his fun scaring me and doing the usual: randomly shutting down my computer, opening up my CD tray at random times, chatting with me with a pop-up window and watching me with my webcam (without my knowledge). I was intrigued and scared a bit. I still didn’t know how he was doing what he did. I did know that it was a virus, and I naively believed that having an anti-virus that came with my computer was good enough to protect me. I felt helpless because I had no idea how to fix it and neither did any of my friends.
Finally, the guy decided he had had enough fun and walked me through the process of removing the virus and how to better protect myself from future incidents. Even after cleaning my computer of Sub7 and other viruses I might have had, we kept in touch over email for several months. He taught me many things about computer security and general computer-related things I was curious about. He never revealed much about himself, though.
If you can ignore the snooping on me via webcam and dicking around with my computer part, he was a true gentleman and a scholar and made my first encounter with a computer virus a pleasant and learning experience.
How was your first experience with a computer virus? Share your experience in the comments; I would love to know.