Malware spotlight: Wabbit

Introduction

Beginnings are often steeped in myth, legend and a good helping of storytelling, with malware being no exception to this rule. Way back in 1974, before many of our readers were born, malware was still in its infancy, with early pioneers inventing different types of malware to simply explore what could be done. 

One such creation was the Wabbit — the first self-replicating malware. It was simple and crude, to be sure, and while the original Wabbit was not malicious, variants of the Wabbit can be programmed to exhibit malicious capabilities. 

This article will detail the Wabbit type of malware and will explore what Wabbit is, the history of Wabbit, how Wabbit works, the fork-bomb Wabbit variant, and potential applications for this early type of malware. 

What is Wabbit?

To properly discuss Wabbit, we first need to discuss the proverbial rabbit — I mean, elephant — in the room. The name Wabbit is in reference to Elmer Fudd’s way of saying rabbit from the old Looney Tunes cartoons. 

This name is incredibly accurate for what this malware is, as it refers to the fact that rabbits reproduce very fast. Wabbit is the first self-replicating malware to ever exist (some historians will argue that Creeper was) and can reproduce so fast that the system it is installed on literally chokes as its resources are all used up by Wabbit.

While the first instance of Wabbit was not malicious per se, killing a computer system is certainly malicious to the system owner if they are not expecting it. Moreover, Wabbit can be programmed to perform conscious malicious actions. One such variant of Wabbit is called the fork-bomb, which will be discussed later in this article. 

Due to the rarity of Wabbit and some of its unique (Read more...)

*** This is a Security Bloggers Network syndicated blog from Infosec Resources authored by Greg Belding. Read the original post at: http://feedproxy.google.com/~r/infosecResources/~3/y7znTvFh9-0/