- Sécurité informatique - Vie privée sur le Web - Neutralité d'Internet

Les dernières grandes affaires de diffusion massive de support contaminés (CD-ROM & Floppy Infections)

Windows 1.0 est sorti en novembre 1985 et n'a pas d'existence réelle. La première version qui tienne à peu près la route sera la 3.1 d'avril 1992. Les fichiers « autorun.inf » ou « autorun.exe » n'existe pas encore.

  1. Dans son numéro de mai 1991, la revue informatique Soft & Micro, que l'on trouve dans tous les kiokes à journaux et que l'on reçoit sur abonnement, est victime d'une erreur de manipulation par la société chargée de la duplication des disquettes qui vont être offertes gratuitement avec cette revue. Deux hackers ont introduit le virus Frodo sur une disquette de démonstration d'un logiciel qui n'a rien à voir avec la disquette de Soft & Micro. La société de duplication manipule cette disquette sans s'apercevoir qu'elle est contaminée. En assemblant le « master » (la « maquette ») de la disquette pour Soft & Micro, avant de mettre ce « master » en duplication, Frodo saute sur ce « master ». La duplication est lancée et Frodo se retrouve sur les 60.000 disquettes distribuées. Malheureusement, entre autres, une société dont le métier est de prendre en sous-traitance la comptabilité de milliers d'entreprises est contaminée et contamine ses clients ! Une plainte est déposée. Un procès va durer 4 ans avec appel, cassation et nouveau procès. Soft & Micro ne s'en remettra pas et disparaîtra (absorbée par la revue SVM). La 10.02.1994, la 29ème chambre correctionnelle de Paris condanne :
    • Les deux employés de la société de duplication à 2 ans de prison avec sursis et à 1 million de francs de dommages et intérêts au profit de Soft & Micro
    • 2 millions de francs de dommages et intérêts au profit des auteurs du logiciels qui devait être promu et vendu grâce à cette disquette publicitaire. au profit.
    • 500.000 Frs de dommages et intérêts au profit du cabinet comptable victime du virus

    Ils iront en appel le 15.03.1995, qui confirmera les dispositions du 10.02.1994 de la chambre correctionnelle, puis ils iront en cassation. La Cour de Cassation, Chambre criminelle, du 12 décembre 1996, 95-82.198, cassera l'appel en toutes ses dispositions pour qu'il soit à nouveau jugé. Il est trop tard. Soft & Micro n'existe plus.

  2. En 1997 : la version de démonstration de Vellum 3D 3.0, pour Windows 95 & NT et Power Macintosh, embarque le virus Macintosh MDBF.
  3. En 1998, plusieurs magazines spécialisés en informatique distribuent des disquettes infectées par CIH (Tchernobyl) et Marburg.
  4. En 1999, Microsoft diffuse une version bêta de Microsoft Office 2000. Le CD-ROM 3 embarque le virus Laroux (le 1er macro virus Excel).
  5. En 1999, IBM vend des ordinateurs neufs, Aptiva. Le système d'exploitation est infecté par le virus CIH (plus connu sous le nom de Tchernobyl).
  6. En 1999, le CD-Rom de LinuxPPC (Linux for Power PC) version 5 est infecté avec le virus AutoStart. L'origine du virus est localisé en Chine et on s'apperçois que ce sont tous ces CD-Rom, et probablement d'autres, qui sont infectés par le virus AutoStart :

    1. Linux for Power PC distribution de la version 5
    2. Sierra's Hoyle Card Games CD for Mac or Windows (Autostart.D)
    3. Brio Enterprise 5.5.5
    4. A "" CD
    5. MOTU Digital Performer 2.43
    6. Arboretum
    7. APS
    8. MacWorld Games
    9. MacAddict (Autostart.D)
    10. An Agfa Scanner driver CD
    11. A GCC printer installer CD
    12. A Xante printer utility CD (Autostart.D)
    13. Konica « Picture Show » (floppy, also with an unnamed trojan)
    14. A BIOPAC demo CD
    15. CoStar LabelWriter
    16. A Tony Stone stock photos CD (some were found with "signs of infection", but no actual worm)
    17. Umax Astra 1220U Scanner Driver (with multiple viruses)
    18. A Digital Performer CD
    19. An IPEX 98 CD
    20. An Alfa Romeo advertisement CD
    21. MacAcademy
    22. A Marilyn Manson CD (a "dead" non-working copy)
    23. An NFOEC Proceedings library CD
    24. Photo/Graphic Edges 4.0
    25. The SIS Nostalgia Collection
    26. Digital Vision (several UK titles)
    27. Typeadelic
    28. Activision Pukka PR
  7. Etc. ... Voir le paragraphe ci-dessous (« Derrière le rideau ») pour d'autres nombreux exemples.

Aujourd'hui, Internet à totalement modifié la distribution des virus qui cherchent la contamination massive par le biais du réseau (Spam, BotNet, Exploit, etc. ...). Mais vous n'êtes pas à l'abri d'un copain qui déboule chez vous avec sa clé USB en hurlant : « Regarde le truc génial que je viens de trouver » et qui insère sa clé USB contaminée dans votre machine.

Sans être paranoïaque, la prudence est mère de sureté. Donc, on désactive les démarrages automatiques.

Supports gouvernementaux / commerciaux / de presse / d'éditeurs de logiciels, tous interlocuteurs de confiance, infectés par des virus. Mise à jour septembre 1996.

                                                        Sep 96
STEWS-GC-SD-S (380-19a)
SUBJECT:  Viral Infections in Commercial/Government Media/Software
1.  The following list, compiled from VIRUS-L,  RISKS-FORUM  and
other  public sources,  identifies  virus infections transmitted
through either commercial or government  entities  in  which  the
distributor  would  generally  have  been considered  to  be a
"reputable source".  If anyone has additional incidents, I would
appreciate receiving such information so that I  may  update  this
list.  Any contributor will receive the appropriate credit.
2.   I  have  consciously  omitted those incidents in which there
was suspicion that the reporting location was either suspect,
unsure itself as to the  source of  the  infection,  or  unwilling
to provide full disclosure.  I have placed an asterisk (*) besides
those entries which represent an addition from the previous list.
    a.  Unlock Masterkey  Kennedy Space Center Oct 89   Vienna
    b.  SARGON III        Iceland              Sep 89   Cascade
    c.  ASYST RTDEMOO2.   Fort Belvoir         Aug 89   Jerusalem
    d.  Desktop Fractal   Various              Jan 90   Jerusalem
    e.  Bureau of the     Government Printing  Jan 90   Jerusalem
        Census, Elec.     Office/US Census
        County & City
        Data, 1988
    f.  Northern          Iceland              Mar 90   Disk-
        Computers                                       Killer
    g.  Far Side Moon     Japan                Apr 90   Nambal/
        Artdink Inc.                                    NambaII
        (PC Manufacturer shipped infected systems.)
    h.  PC Today          United Kingdom       Jul 90   Disk-
(Magazine distributed non-working copy of virus.)       Killer
    i.  Modular Circuit   Padgett Peterson     Oct 90   Stoned
        Technology Utility
    j.  DOS-TREND         Christoph Fischer    Nov 90   Stoned II
        (Magazine distributed infected disks in Issue 10/11.)
    k.  PC Benelux World  David Ferbrache      Nov 90   Cascade
    l.  Shimadzu Photo-   Dr. Werner Klotz-    Nov 90   Vienna
        detection Detec-  buecher, Germany
STEWS-GC-SD-S (380-19a)                                     Sep 96
SUBJECT:  Viral Infections in Commercial/Government Media/Software
        tor SPD-M6A Version 2.14
    m.  Joint Service     Fred O'Kelley        Nov 90   Stoned
        Software System   El Paso, TX
        (Contractor installed financial system at multiple Army
         sites from an infected disk.)
    n.  Arkanoid II       Alex Jauch           Nov 90   Jerusalem
    o.  Modem Protocall   Brian Daniel         Dec 90   Stoned
        One Modem         Columbus, GA
        Evaluation Novell
        IPX & NETBIOS Version
        (LAN Source Technologies Distributing distributed.)
    p.  COMBASE and SVGA- Michael Head/        Dec 90   Music Bug
        Utility           R. Wallace Hale
    q.  A-MAIL VCH BIBLIO Lynne Munro          Mar 91   1701/1704
        Disk 2 of 2       Oxford University
    r.  Oracle Windows'   Sam Daniel           Jul 91   Stoned
        DDE/Toolbox Demo  Unisys
    s.  European Patent   Iain Noble,UK        Aug 91   Stoned
        Office            (Reported in New
        Bulletin Disk      Scientist, 10 Aug 91)
    t.  Sun Microsystems  DOE CIAC Bulletin    Sep 91   Jerusalem
        PCNFS 3.5b        B-40
    u.  Cypress Semi-     Padgett Peterson     Sep 91   Stoned
        MAXPROG, version 2.72C
    v.  PUMPKIN PATCH     Various              Oct 91   Jerusalem
        Screen Saver,
        Publishing International
    w.  PC Paintbrush     John-David Childs    Oct 91   Michel-
        Update Disk       University of Montana         angelo
        from Z-Soft (one site report)
    x.  Software          John Kida            Nov 91   Stoned
        Demo Disk
    y.  NTIS Software     Various              Nov 91   Stoned
        Distribution      (Federal Computer
                            Week, November 4, 1991)
    z.  Zinc Software     PCWeek, 25th Edition Nov 91   Form
        C++ Library Disk
   aa.  Virtual Reality   PCWeek, 25th Edition Nov 91   Michel-
        Lab Distant Suns                                angelo
   ab.  Novell Network    DOE CIAC Bulletin    Dec 91   Stoned-3
        Encyclopedia      C-10
   ac.  Konami Inc.       John Markoff         Dec 91   Stoned
        Spacewrecked      NY Times
        Game Disk
   ad.  Software Pre-     AISS  Alert 91-18    Dec 91   Michel-
STEWS-GC-SD-S (380-19a)                                     Sep 96
SUBJECT:  Viral Infections in Commercial/Government Media/Software
        loaded in AUVA                                  angelo
        350/25 Systems
        (Assembled in Taiwan for Information Management
         Consultants, Brookfield, WI)
   ae.  Software Pre-     USAISC-AMC Memo      Jan 92   Michel-
        loaded in Easy                                  angelo
        Data Model 386
        Systems from Trident VGA Co.
   af.  Leading Edge      National Public      Jan 92   Michel-
        Preloaded 6,000   Radio                         angelo
        PCs from 10-27
        Dec 91
   ag.  PC Fun Magazine   Nick FitzGerald      Jan 92   Stoned
        Disk              New Zealand
   ah.  Da Vinci Systems  Various              Feb 92   Michel-
        E-Mail 2.0 Demo                                 angelo
   ai.  Meridian Data     Tim Martin           Feb 92   Michel-
        Inc. CD-ROM                                     angelo
        Software (special disk shipment to one site)
   aj.  WIN Laboratory    Virus-L              Feb 92   Stoned
        Systems Preloaded
        with MS-DOS 4.01
   ak.  Sony Laser        Virus-L              Feb 92   Dark
        Library                                         Avenger
        Distribution Disk
   al.  IntelCorp         Peter Neumann        Mar 92   Michel-
        LANSpool          SRI                           angelo
        3.01 Disk
   am.  Symbol Techno-    Chris Bray           Mar 92   Michel-
        logies Preloaded                                angelo
   an.  Neural Networks   Bart Kosko           Mar 92   Michel-
        & Fuzzy Systems                                 angelo
        Book with Infected
        Disk (one site report)
   ao.  Chicony Corp      John Qualtrough      Mar 92   Michel-
        Keyboard Tracking White Sands                   angelo
        Ball Software
   ap.  Pionex 386 Pro    Al Guiterrez         Mar 92   Michel-
        System Preloaded  White Sands                   angelo
        with DOS 5.0
   aq.  Lotus Development PCWeek               Mar 92   Michel-
        Corp CD/Networker March 9, 1992                 angelo
        LAN Version
   ar.  Netware Support   Ken Haynes           Mar 92   NoInt
        Encyclopedia      900 Support/LAN
        (NSE) Standard    Magazine
STEWS-GC-SD-S (380-19a)                                     Sep 96
SUBJECT:  Viral Infections in Commercial/Government Media/Software
        Edition (Novell distributed.)
   as.  Golden/Diamond    Chris Mc Donald      Jun 92   Fish Boot
        International/    White Sands
        System Cactus
        OCR Disk
   at.  DacEasy Inc.      PCWeek               Jun 92   Stoned
        Instant Account-  June 29, 1992
        ing Package
   au.  Phoenix Data      Tim Polk             Jul 92   Michel-
        Systems Diagnos-  NIST                          angelo
        tic Disk for
        Ethernet Board
   av.  Standard Army     TRADOC               Aug 92   Form
        Materials Tracking
        System Disk from
        Wilson Hill
   ax.  International     James McLeod         Aug 92   Stoned/
        Data Systems      Aberdeen Proving              Michel-
        Preloaded 486     Ground, MD                    angelo
        Systems, Model
        IDS 4331
   ay.  Factory Sealed    John Melka           Oct 92   Michel-
        Device Driver     Georgia Institute             angelo
        Disks ID PVGA     of Technology
        1024x (one site report)
   az.  Update Disk #48   Ludwig Schumacher    Oct 92   Michel-
        FAR-TRIEVE,       Mainz, Germany                angelo
        Distributed by
   ba.  Data Disks        Rae Rollins          Oct 92   Form
        from Army         White Sands
   bb.  Physical Sciences Chris Mc Donald      Nov 92   Michel-
        Lab Proposal Disk White Sands                   angelo
   bc.  Star LC24 Print   Otto Stolz           Dec 92   Vacsina
        Driver Disk                                     Loader
                                               (no replication)
   bd.  FUJITSU Germany   Klaus Brunnstein     Jan 93   V-Sign
        Printer Disks     VTC, University of
   be.  DCA Printer       Virus Bulletin       Jan 93   NoInt
        Driver Disks      UK
   bf.  Coleman Research  Chris Mc Donald      Feb 93   Stoned
        Proposal Disk     White Sands
   bg.  GTE Government    M. Hanzlik           Mar 93   Stoned/
        Systems Corp      Fort Belvoir
STEWS-GC-SD-S (380-19a)                                     Sep 96
SUBJECT:  Viral Infections in Commercial/Government Media/Software
        Preloaded 386SX                                 Michel-
        on Contract Number F09603-91-0-0999
   bh.  Hoskyns' Project  Virus Bulletin       Apr 93   Form
        Manager Workbench UK
   bi.  STIG 486 PCs      James McLeod         Jun 93   Stoned
        Preloaded on      Aberdeen Proving
        VGA Disk (50      Ground, MD
   bj.  Telemate          Tapio Keihanen       Jun 93   Stoned
        File TM411-4.     Virus-L/Winfred Hu,
        ZIP               Telemate Author
   bk.  COOP Supermarket  Harvey Stein         Jul 3    Stoned/
        Game Disk, ZOOM,  Virus-L                       DIR-II
        Distributed in
   bl.  CIX Online        Iolo Davidson        Jul 93   Butterfly
        Service Posted    S&S International,
        SPORT21C.ZIP      UK
   bm.  IBIS Training     Joe Reich            Sep 93   Michel-
        Class on Harvard  Fort Monmouth, NJ             angelo
        Graphics with
        Distribution of
        Infected Disks to
   bn.  Long-Term SLA     Linda Hodgson        Oct 93   Form
        Training Class    Pine Bluff, AR
        Distribution of
        Infected Disks to
   bo.  So Much Shareware Bill Lambin          Dec 93   Power
        Vol II CD, Power-                               Pump
        User Software
        Distributed with
        Infected File
   bp.  Oliver Marketing  R. Wallace Hale      Dec 93   Jerusalem
        Inc. Distribution                               /Stoned
        of Demo Disks
        (The date shown is the date of the report, not of the
   bq.  PURS Program Disk Bas van der Most/    Feb 94   SatanBug
        Distributed by    Jim Silsbee, MTMC
        5th Signal Command
        in Europe    br.  Die DFUe-CDROM    Peter Immond         Jun 94   Crusader
        Distributed by    Virus-L
   bs.  Nine Files on     Katherine Prouty     Jun 94   Chill
        PBS Forum on      ZiffNet Forums
STEWS-GC-SD-S (380-19a)                                     Sep 96
SUBJECT:  Viral Infections in Commercial/Government Media/Software
        ZiffNet           Manager
   bt.  Demo Version      Larry Rouse          Nov 94   AntiCmos
        2.0 GPSLOG by     DOE, NV
        Sandia Research
        Associates Inc
   bu.  Preformatted      Virus Bulletin       Nov 94   LZR
        Disks from China  UK
        in Finland and
        Sweden (20,000
   bv.  Laptops Delivered ASSIST Bulletin      Dec 94   Monkey
        by IDP Corp under # 94-35
        Navy Contract
   bw.  Army Distribution Robert Bowlby        Feb 95   AntiCmos
        of Software for
        Internal Use
   bx.  European          Klaus Brunnstein     Feb 95   Gallicia
        Commission Office VTC, University of
        Distributed       Hamburg
        1,000 Disks
   by.  Microsoft         Virus-L              Feb 95   Form
        Distributed 200
        Disks in UK
   bz.  MITSUMI Mouse     Virus-L              Feb 95   Form
        Driver Software
        Model ECM-S31
   ca.  Night Owl 15      Virus-L              Feb 95   Taipan.666
        CD-ROM with
        File DMNCHEAT.ZIP
   cb.  ARTEC/Genius      PC Digest/WS         Mar 95   Anti-Tel
        Mouse Drivers     Computer Publishing
                          Corp, Philippines
   cc.  CD-ROM The Gates  Virus Bulletin       May 95   Tai-Pan
        of the Underworld UK                            & Goldbug
        Distributed by
        Home Grown
        Productions Ltd
   cd.  Data Expert 486   Steve Clark          Jun 95   NATAS
        Systems Preloaded Aberdeen Proving
                          Ground, MD
   ce.  American Online   AFCERT               Jun 95   Bupt
        Distribution      Kelly AFB, TX
   cf.  Merriam-Webster   Information Week     Jul 95   AntiExe
        Electronic        July 3, 1995
        Version of
        Dictionary and
STEWS-GC-SD-S (380-19a)                                     Sep 96
SUBJECT:  Viral Infections in Commercial/Government Media/Software
        Thesaurus (500 Units Shipped)
   cg.  Ford Motor Co.    Tampa Tribune        Aug 95   Monkey
        Public Relations  July 31, 1995
   ch.  Microsoft         Virus Bulletin       Oct 95   WinWord.
        Distribution of   UK                            Concept
        Windows 95 Soft-
        ware Compatibi-
        lity Test Version
        4.0 CD-ROM
   ci.  ServerWare        Virus Bulletin       Oct 95   WinWord.
        Distribution of   UK                            Concept
        Snap-on Tools
        for the Windows
        NT Professional
   cj.  DEC Distribution  Virus Bulletin       Sep 95   WinWord.
        of DECUS Disk     UK                            Concept
   ck.  PC Magazine       Virus Bulletin       Oct 95   SAMPO
        Distribution      UK
        of "Editor's
        Day" Disk
   cl.  Ziff-Davis UK     Virus Bulletin       Jan 96   Parity_
        Ltd Distribution  UK                            Boot.B
        of Electronic
        Christmas Card on
   cm.  Powersoft Multi-  David Kennedy        Jan 96   Taipan.
        media U.S.A.      from NCSA Forum               666
        Distribution of
        CD-ROM "101 Card
   cn.  Microsoft         David Kennedy        Jan 96   WinWord.
        Distribution of   from S & S                    Concept
        CD-ROM "The       International
        Microsoft Office
        95 and Windows 95
        Business Guide"
   co.  OSD C3I Distri-   Thomas Bozek         Feb 96   Ripper
        bution of disk    OSD C3I
        "40th ARMA
   cp.  Alpine Media      Wayne Riddle         Mar 96   B1
        Distribution of   NCSA Forum
        Developer Server
   cq.  Assistance Chief  Wyland Leadbetter    Mar 96   WinWord.
        of Staff for      COL, DAIM-MD                  Concept
STEWS-GC-SD-S (380-19a)                                     Sep 96
SUBJECT:  Viral Infections in Commercial/Government Media/Software
        Distribution of
        Biographies Disk
   cr.  Industrial        Laura Steen          May 96   AntiCmos-
        Computer Source   ICS Customer                  A
        (ICS) Distribu-   Engineering Manager
        tion of Windows
        95 Driver Disks
        for ROCKETPORTXX
*  cs.  HQ FORSCOM        John Mitchener       Sep 96   WinWord.
        Distribution of   White Sands                   Concept
        Uuencoded Files
        over the Internet
a.  Freehand              Various              Mar 88   MacMag/
b.  QLTECH MegaRom        Various              Oct 88   nVIR
c.  MS Word 4             Various              Oct 88   nVIR
d.  STELLA 2.0            EARN                 Oct 88   nVIR
e.  CMS HardDrive         Various              Nov 88   Scores
    Utilities, Ver 3.4
f.  NoteWriter            Colgate College      Sep 89   Scores
                                                        & nVIR
g.  Brady Hypercard       Various              Sep 89   nVIR A
    1.2.2 within the
    Book Applied HyperTalk
h.  Grammitik             Various              Jan 90   WDEF A
i.  MacPublishing         David Ferbrache      Jan 90   WDEF
    Font Disk
j.  Chessmate 2100/       Various              Apr 90   WDEF
k.  CC-on-Diskette        Mike Tyo             Apr 90   WDEF A
    Distributed by the
    Institute for
    Scientific Information
l.  Diskworld Diskette    Chuck Hoffman        May 90   WDEF
    Softdisk Publishing
m.  Excel Microsoft       Gail Lawley          Jun 90   WDEF
n.  SecureWare INC        Marshall Abrams      Aug 90   nVIR
o.  Rodime PLUS/RX        Paul Woodman         Feb 91   WDEF A
    Praxis Software
p.  Seiko PS-X Printer    ASSIST               Jul 92   CDEF
    Driver Software
    Distributed by
    American Computer
STEWS-GC-SD-S (380-19a)                                     Sep 96
SUBJECT:  Viral Infections in Commercial/Government Media/Software
    Resources, VA
q.  Standard Distribution Jim Huggins          Oct 93   nVIR
    Disks for University  Michigan Daily
    of Michigan Computer
    Kickoff Sale
r.  CD-ROM Journal of     CIAC                 May 94   nVIR
    Vacuum of Science &
    Technology, Vol 12,
s.  CD-ROM within         Brian Nickels        Sep 94   WDEF
    UK MACFORMAT          Adelaide, Australia
t.  Macintosh System      NASA Automated       Oct 94   MBDF
    7.5 Sample Upgrade    Systems Incident
    Kit (HDSC Setup and   Response Capability
    Disk First Aid
u.  West German Dis-      Klaus Brunnstein     Nov 94   MerryXmas
    tribution of 4,000    Hamburg
    CD-ROMs with MacTools
    and MacPower Collection
v.  MacUser, UK Edition,  OXCERT               May 96   MDBF-A
    Distribution of
    CD-ROM with One
    Director Movie
WordUp 2.0                Various              Sep 89   Key
Sama Software Inc         Leonard Fetterhoff   1988     Byte
Disk Distributed in       White Sands                   Bandit
7.  Individuals may forward any information on additional incidents

