Brain (computer virus)

©Brain

The boot sector of an infected floppy

Brain is the industry standard name for a computer virus that was released in its first form in January 1986,[1] and is considered to be the first computer virus for MS-DOS. It infects the boot sector of storage media formatted with the DOS File Allocation Table (FAT) file system. Brain was written by two brothers, Basit Farooq Alvi and Amjad Farooq Alvi,[2] from Lahore, Punjab, Pakistan.

Description

Brain affects the IBM PC computer by replacing the boot sector of a floppy disk with a copy of the virus. The real boot sector is moved to another sector and marked as bad. Infected disks usually have five kilobytes of bad sectors. The disk label is changed to ©Brain, and the following text can be seen in infected boot sectors:

Welcome to the Dungeon (c) 1986 Basit & Amjads (pvt) Ltd VIRUS_SHOE RECORD V9.0 Dedicated to the dynamic memories of millions of viruses who are no longer with us today - Thanks GOODNESS!! BEWARE OF THE er..VIRUS : this program is catching program follows after these messages....$#@%$@!!

There are many minor and major variations to that version of the text. The virus slows down the floppy disk drive and makes seven kilobytes of memory unavailable to DOS. Brain was written by Amjad Farooq Alvi, who at the time lived in Chahmiran, near Lahore Railway Station, in Lahore, Pakistan. The brothers told TIME magazine they had written it to protect their medical software from piracy, and it was supposed to target copyright infringers only.[3] The cryptic message "Welcome to the Dungeon", a safeguard and reference to an early programming forum on Dungeon BBS, appeared after a year because the brothers licensed a beta version of the code. The brothers could not be contacted to receive the final release of this version of the program.

Brain lacks code for dealing with hard disk partitioning, and avoids infecting hard disks by checking the most significant bit of the BIOS drive number being accessed. Brain does not infect the disk if the bit is clear, unlike other viruses at the time, which paid no attention to disk partitioning and consequently destroyed data stored on hard disks by treating them in the same way as floppy disks. Brain often went undetected, partially due to this deliberate non-destructiveness, especially when the user paid little to no attention to the slow speed of floppy disk access.

The virus came complete with the brothers' address and three phone numbers, and a message that told the user that their machine was infected and to call them for inoculation:

Welcome to the Dungeon © 1986 Brain & Amjads (pvt). BRAIN COMPUTER SERVICES 730 NIZAM BLOCK ALLAMA IQBAL TOWN LAHORE-PAKISTAN PHONE: 430791,443248,280530. Beware of this VIRUS.... Contact us for vaccination...

This program was originally used to track a heart monitoring program for the IBM PC, and pirates were distributing illicit copies of the disks. This tracking program was supposed to stop and track illegal copies of the disk. Unfortunately, the program also sometimes used the last 5k on an Apple floppy, making additional saves to the disk by other programs impossible.

Author response

When the brothers began to receive a large number of phone calls from people in United States, United Kingdom and elsewhere, demanding that they disinfect their machines, they were stunned and tried to explain to the outraged callers that their motivation had not been malicious. Their phone lines were overloaded. The brothers with another brother Shahid Farooq Alvi are still in business in Pakistan as Brain NET Internet service providers with a company called Brain Telecommunication Limited.

In 2011, 25 years after Brain was released, Mikko Hyppönen of F-Secure travelled to Pakistan to interview Amjad for a documentary.[4][5] Being inspired by this documentary and its wide spread, a group of Pakistani bloggers interviewed Amjad, under the banner of Bloggerine.[6]

Variants

Ashar is an older version of Brain. There are six variants, each with a different message.

See also

References

  1. Leyden, John (January 19, 2006). "PC virus celebrates 20th birthday". The Register. Retrieved March 21, 2011.
  2. Avoine, Gildas; Pascal Junod; Philippe Oechslin (2007). Computer system security: basic concepts and solved exercises. EFPL Press. p. 20. ISBN 978-1-4200-4620-5. The first PC virus is credited to two brothers, Basit and Amjad Farooq Alvi, from Pakistan
  3. Philip Elmer-Dewitt; Ross H. Munro/Lahore (September 26, 1988). "Technology: You Must Be Punished". TIME.
  4. Acohido, Brian (March 8, 2011). "Documentary examines the inception of PC viruses 25 years ago". USA Today. Retrieved March 9, 2011.
  5. "Searching for the first PC virus in Pakistan". F-Secure. Retrieved March 21, 2011.
  6. "To The Roots Of PC Virus". Bloggerine.

External links