Alabama (computer virus)
Encyclopedia
Alabama is a computer virus
, discovered October 1989 on the campus of Hebrew University in Jerusalem.
file is executed from this point on, Alabama will search out for another file to infect. This is probably intended to place blame on the file that is being executed instead of the virus itself. Files infected by Alabama increase in size by 1,560 bytes.
The third symptom is by far the clearest indication of an Alabama infection. It is unknown what the PO Box
address in the virus refers to. However, the implication of the message is that Alabama was released in an attempt to curb software piracy
. Similar motivations led to the creation of the first known PC virus, Brain
. This message also suggests that the PO Box may very well not belong to the author: the author clearly meant Tuscumbia, Alabama
, as Tuscambia is not a city. This supports the theory that the virus originated in Israel.
Since the advent of Windows
, even successful DOS viruses have become increasingly rare. As such, Alabama can be considered obsolete.
Computer virus
A computer virus is a computer program that can replicate itself and spread from one computer to another. The term "virus" is also commonly but erroneously used to refer to other types of malware, including but not limited to adware and spyware programs that do not have the reproductive ability...
, discovered October 1989 on the campus of Hebrew University in Jerusalem.
Infection
Alabama is a fairly standard file infector outside its odd behaviour of deciding what files to infect. When an infected file is executed, Alabama goes memory resident. Whenever a .EXEEXE
EXE is the common filename extension denoting an executable file in the DOS, OpenVMS, Microsoft Windows, Symbian, and OS/2 operating systems....
file is executed from this point on, Alabama will search out for another file to infect. This is probably intended to place blame on the file that is being executed instead of the virus itself. Files infected by Alabama increase in size by 1,560 bytes.
Symptoms
A number of symptoms are associated with Alabama:- EXE files will increase by 1,560 bytes in size upon infection.
- On Fridays, Alabama will begin to modify the File Allocation TableFile Allocation TableFile Allocation Table is a computer file system architecture now widely used on many computer systems and most memory cards, such as those used with digital cameras. FAT file systems are commonly found on floppy disks, flash memory cards, digital cameras, and many other portable devices because of...
. As a result, when a file is executed, another may appear in its place. This is potentially dangerous. For more information, see the payload section. - One hour after an infected program is run, Alabama will bring up a flashing box with the text "SOFTWARE COPIES PROHIBITED BY INTERNATIONAL LAW..............Box 1055 Tuscambia ALABAMA USA."
The third symptom is by far the clearest indication of an Alabama infection. It is unknown what the PO Box
Post Office box
A post-office box or Post Office box is a uniquely addressable lockable box located on the premises of a post office station....
address in the virus refers to. However, the implication of the message is that Alabama was released in an attempt to curb software piracy
Copyright infringement of software
Copyright infringement of software=The copyright infringement of software refers to several practices which involve the unauthorized copying of computer software. Copyright infringement of this kind varies globally...
. Similar motivations led to the creation of the first known PC virus, Brain
Brain (computer virus)
Brain is the industry standard name for a computer virus that was released in its first form in January 1986, and is considered to be the first computer virus for MS-DOS...
. This message also suggests that the PO Box may very well not belong to the author: the author clearly meant Tuscumbia, Alabama
Tuscumbia, Alabama
Tuscumbia is a city in and the county seat of Colbert County, Alabama, United States. As of the 2010 census, the population was 8,423 and is included in The Shoals MSA....
, as Tuscambia is not a city. This supports the theory that the virus originated in Israel.
Payload
On Fridays, Alabama will begin to modify the File Allocation Table in an odd way. Instead of searching for a file to infect, Alabama searches for a file to cross-reference. The virus modifies the FAT entry so that when the user executes one file, another will appear. For instance, on a machine where Alabama is resident, executing PROGRAM1.EXE on a Friday may cause the virus to search for another program and find PROGRAM2.EXE. Alabama will then modify the FAT so that whenever PROGRAM1.EXE is executed, PROGRAM2.EXE displays instead. This certainly can result in confusion, and may result in programs being lost or incorrectly deleted.Prevalence
The WildListhttp://www.wildlist.org/, an organisation tracking computer viruses, never reported Alabama as being in the field. It was isolated spreading in Israel, but this may have been a limited local outbreak.Since the advent of Windows
Microsoft Windows
Microsoft Windows is a series of operating systems produced by Microsoft.Microsoft introduced an operating environment named Windows on November 20, 1985 as an add-on to MS-DOS in response to the growing interest in graphical user interfaces . Microsoft Windows came to dominate the world's personal...
, even successful DOS viruses have become increasingly rare. As such, Alabama can be considered obsolete.