Sign up to save your podcasts
Or
Share DP48 Jerusalem Virus
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
DP48 Jerusalem Virus
Created in October 1987, this is a virus that has worm-like behaviors but was created a year before the Morris worm ran havoc over the Internet. As such, there’s not really a classification for this virus as it’s behavior was different to worms.
The only similarity it has to worms is that it likes to multiply and create files on disks multiple times. Though how it went about it was unusual.
First of all, Jerusalem was a logic bomb virus. Once it was infected, it sticks to becoming a memory resident. As a result, it takes up 2 kilobytes of memory on a disk. It then starts to infect every executable and COM file that’s run on that disk. Though it avoids any command.com files.
COM files specifically grow by exactly 1,813 bytes. Executable files grow between 1,808 and 1,823 bytes every time they’re infected. They’re then re-infected every time the files are loaded until they are too large to load.
What’s also unusual is what the virus infects. For one, it can’t infect read-only files. So floppy disks are off the table.
But the most unusual aspect about this virus is when it goes off. Out of all the viruses out there this one takes the cake for being really unique. Since this virus is a logic bomb, it goes off when you’ve “lit the fuse” so to speak. And someone lights this fuse when they load a particular disk with this virus on the 13th of October on any given year except for 1987, the year the virus was created.
Once the fuse is lit it deleted any programs that were run that day and infected them.
Because of all of these unusual circumstances, this virus has multiple aliases and variations of it. The name Jerusalem stuck the most because this virus was detected by students who were at Hebrew University of Jerusalem.
Other names for this virus is Friday the 13th, ArabStar, 1808(EXE), 1813(COM), Hebrew University, Saturday 14, amongst others.
But how did this virus get detected in the first place? Well the students spotted a subtle difference. This particular virus didn’t have any clear messaging unlike other viruses, but it did mis-capitalize words.
To this day, no one knows who created this virus, or what the purpose was for it. Some people believe it was created by the Palestine Liberation Organization (PLO) to mark May 13th 1948, the day before Israel Independence Day but it’s still uncertain.
View all episodes
By dpappCreated in October 1987, this is a virus that has worm-like behaviors but was created a year before the Morris worm ran havoc over the Internet. As such, there’s not really a classification for this virus as it’s behavior was different to worms.
The only similarity it has to worms is that it likes to multiply and create files on disks multiple times. Though how it went about it was unusual.
First of all, Jerusalem was a logic bomb virus. Once it was infected, it sticks to becoming a memory resident. As a result, it takes up 2 kilobytes of memory on a disk. It then starts to infect every executable and COM file that’s run on that disk. Though it avoids any command.com files.
COM files specifically grow by exactly 1,813 bytes. Executable files grow between 1,808 and 1,823 bytes every time they’re infected. They’re then re-infected every time the files are loaded until they are too large to load.
What’s also unusual is what the virus infects. For one, it can’t infect read-only files. So floppy disks are off the table.
But the most unusual aspect about this virus is when it goes off. Out of all the viruses out there this one takes the cake for being really unique. Since this virus is a logic bomb, it goes off when you’ve “lit the fuse” so to speak. And someone lights this fuse when they load a particular disk with this virus on the 13th of October on any given year except for 1987, the year the virus was created.
Once the fuse is lit it deleted any programs that were run that day and infected them.
Because of all of these unusual circumstances, this virus has multiple aliases and variations of it. The name Jerusalem stuck the most because this virus was detected by students who were at Hebrew University of Jerusalem.
Other names for this virus is Friday the 13th, ArabStar, 1808(EXE), 1813(COM), Hebrew University, Saturday 14, amongst others.
But how did this virus get detected in the first place? Well the students spotted a subtle difference. This particular virus didn’t have any clear messaging unlike other viruses, but it did mis-capitalize words.
To this day, no one knows who created this virus, or what the purpose was for it. Some people believe it was created by the Palestine Liberation Organization (PLO) to mark May 13th 1948, the day before Israel Independence Day but it’s still uncertain.