By: Shimon Brathwaite
September 14, 2021
How To Write Computer Viruses
Computer viruses have risen in popularity as the main nuisance or security risk for a computer. One of the reasons cybersecurity has increased in demand is the growth in the number of computer viruses and other malware developed over the last several years. While getting caught up in this, it is easy to forget what a computer virus is made of; it is simply a line of computer code. At its core, it is no different from a web browser, a mobile app, or a social media platform. It is simply a piece of computer code that was designed to perform a certain set of actions. This means that to create a computer virus, you must know how to write code.
Teaching people to create computer viruses is controversial because of the potential damage it can cause. However, there are legitimate reasons for learning how to write computer viruses. You may work for a company that creates malware to emulate cyberattacks as part of a penetration test, or you could work for the government designing viruses that will be used in cyberwarfare. While many cybersecurity professionals will not teach people how to do this, obtaining a job in these positions is highly unlikely if you do not possess some knowledge. Therefore, it is important to teach yourself how to write malware if this is an area of interest. The following is an introductory guide on everything you need to know to start writing computer viruses:
What makes a virus a virus?
As mentioned earlier, a computer virus is just a piece of code. But let us discuss what a virus truly is. A computer virus is a specific type of malware. Malware is any malicious software that is designed to intentionally cause damage to a computer, server, client, or computer network. A computer virus is a computer program that, when executed, replicates itself by modifying other computer programs and inserting its code into those programs. Computer viruses typically require a host program to spread. It is important to understand the difference because calling something a computer virus only tells you how the malware spreads, not its actual function. You may find it more useful to write malware that can spread without the need for a host program altogether, such as a computer worm or trojan.
What do I need to know to write a computer virus?
In addition to knowing how to write the code, you must know how to package your script as an executable. This way, you can be sure your application will run, regardless of the operating system. If you keep your malware as a .py file, it will only execute in a code editor. The last aspect of packaging your application is learning how to make your virus look like a legitimate file; this means making it look like a .pdf, .docx, or .xlsx file, for example. This way, it looks like a legitimate file to a user, and they are more likely to execute the program.
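From the defender's side, a file dressed up as a document can be caught by comparing its name with its leading bytes. The following is an added example, not code from the original article; the function names, the extension list, and the sample files are assumptions constructed for illustration.

```python
import os

# File signatures ("magic bytes") for the formats named above.
PE_MAGIC = b"MZ"           # Windows executable
ELF_MAGIC = b"\x7fELF"     # Linux executable
EXPECTED = {
    ".pdf": b"%PDF-",
    ".docx": b"PK\x03\x04",   # .docx and .xlsx are ZIP containers
    ".xlsx": b"PK\x03\x04",
}
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".bat", ".cmd"}  # assumed list

# Constructed samples: (file name, first bytes of the file).
SAMPLES = [("report.pdf", b"%PDF-1.7"), ("invoice.pdf", b"MZ\x90\x00"),
           ("invoice.pdf.exe", b"MZ\x90\x00"), ("notes.docx", b"hello")]


def check_file(name, head):
    """Return a list of findings for a file name and its first bytes."""
    findings = []
    stem, ext = os.path.splitext(name.lower())
    inner_ext = os.path.splitext(stem)[1]
    if ext in EXECUTABLE_EXTS and inner_ext in EXPECTED:
        findings.append(f"double extension {inner_ext}{ext}")
    if head.startswith((PE_MAGIC, ELF_MAGIC)):
        if ext not in EXECUTABLE_EXTS:
            findings.append(f"executable content behind {ext or 'no'} extension")
    elif ext in EXPECTED and not head.startswith(EXPECTED[ext]):
        findings.append(f"content does not match {ext} signature")
    return findings


def scan_dir(root):
    """Walk a directory and return {path: findings} for suspicious files."""
    report = {}
    for folder, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(folder, name)
            with open(path, "rb") as fh:
                head = fh.read(8)
            findings = check_file(name, head)
            if findings:
                report[path] = findings
    return report


if __name__ == "__main__":
    for sample_name, sample_head in SAMPLES:
        print(sample_name, check_file(sample_name, sample_head))
```
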
Third, you must get acquainted with virtual machines, such as VirtualBox and VMware Workstation. This is important because once you have a prototype of your virus, you will need somewhere to test it. A VM is a great tool to see what your virus can do in a contained environment; there is no need to worry about damaging your computer or anyone else's.
Where can I learn to write my first computer virus?
There are tutorials online that you can follow to learn how to write your first computer virus. In the following paragraph, I will discuss a keylogger that I wrote in conjunction with the Udemy course; you can use this article as a template for writing your keylogger as your first malware project. The complete source code is found here.
In the first step of creating this program, we imported the necessary libraries and created a function that will be used to send the keylogger information via email. It is important to note that you must have an app password on your Gmail account for this to work. This function cannot use the regular password that you use to log in. You can find out how to make an app password here.
The second step consists of configuring the keylogger to display the information in a readable format. You may notice that certain keys on the keyboard, such as the right arrow key, the space bar, the Enter key, and other character keys (except for alphanumeric keys), look vastly different when recorded by the keylogger. For instance, if you look at the first statement under the "except:" clause, you will see I replace the key "key.space" with quotation marks ("). These commands will ensure that your output is readable when it is emailed to you.
Next, you will create a function responsible for generating the report every 5 seconds once the script is executed. In the send_mail argument, you will insert your actual email address and its corresponding app password; the strings are just placeholders. The last part of our script consists of our keylogger and our reporting function. This is essentially the part of the script that will cause the keylogger to run.
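A report mailed every 5 seconds leaves a regular pattern in outbound connection logs, which is what a defender can look for. The following is an added example, not code from the original article or the referenced course; the log format, the process names, the mail-client allowlist, and the thresholds are all assumptions constructed for illustration.

```python
from collections import defaultdict
from statistics import mean, pstdev

SMTP_PORTS = {25, 465, 587}
MAIL_CLIENTS = {"outlook.exe", "thunderbird.exe"}  # assumed allowlist

# Constructed sample log: epoch seconds, process, destination host:port.
SAMPLE_LOG = """\
1000.0 python.exe smtp.gmail.com:587
1001.0 outlook.exe smtp.office365.com:587
1005.1 python.exe smtp.gmail.com:587
1010.0 python.exe smtp.gmail.com:587
1015.2 python.exe smtp.gmail.com:587
1020.1 python.exe smtp.gmail.com:587
1025.0 python.exe smtp.gmail.com:587
1000.0 backup.exe mail.example.com:25
1003.0 backup.exe mail.example.com:25
1200.0 backup.exe mail.example.com:25
1210.0 backup.exe mail.example.com:25
2000.0 backup.exe mail.example.com:25
1002.0 chrome.exe www.example.com:443
"""


def parse(log):
    """Yield (timestamp, process, host, port) from non-empty log lines."""
    for line in log.splitlines():
        if line.strip():
            ts, proc, dest = line.split()
            host, port = dest.rsplit(":", 1)
            yield float(ts), proc.lower(), host, int(port)


def find_smtp_beacons(log, min_events=5, max_jitter=0.2):
    """Flag non-mail processes opening SMTP connections at a steady interval.

    max_jitter is the allowed ratio of gap standard deviation to mean gap.
    """
    times = defaultdict(list)
    for ts, proc, host, port in parse(log):
        if port in SMTP_PORTS and proc not in MAIL_CLIENTS:
            times[(proc, f"{host}:{port}")].append(ts)
    alerts = []
    for (proc, dest), stamps in times.items():
        if len(stamps) < min_events:
            continue
        stamps.sort()
        gaps = [b - a for a, b in zip(stamps, stamps[1:])]
        avg = mean(gaps)
        if avg > 0 and pstdev(gaps) / avg <= max_jitter:
            alerts.append({"process": proc, "dest": dest,
                           "interval_s": round(avg, 1), "events": len(stamps)})
    return alerts
```
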
After creating the keylogger, you now have a template for your first ever piece of malware! If you want to learn step by step how to write this as well as other Python malware, you can go ahead and check out the course on Udemy that was referenced earlier, or you can search online for other tutorials on how to write malware. There are several out there, but the key is to search for tutorials that will create the malware step by step and break down exactly how each of the elements works. Avoid tutorials that focus on theory or only show you bits and pieces without putting them together into a workable program.