hiscont@cc.unizar.es (Antonio-Paulo Ubieto Artur) (09/21/89)
I heard recently about a virus here in Spain known as "the cookie
virus" ("virus de la galleta"). I don't know if this virus originated
here in Spain or somewhere in Europe. Although I haven't seen this
virus yet (I got the following from hackers here outside of our
University) I think it really exists and seems to be really a nasty
virus, so I provide the following information to avoid possible
trouble.
This "cookie virus" seems to activate itself only when you are
using a word-processing program. At random moments it flashes you
something like "give me a cookie...!" ("dame una galleta"...!). If you
type "have a cookie" ("toma una galleta"), the virus seems to
deactivate itself after prompting "thank you" ("gracias"). If you do
not "give it a cookie" and escape some other way, it asks two minutes
after for a cookie again. If you escape again and afterwards you save
your text and exit the word-processor, you will find the next time you
try to load your text that all its extent has been replaced with the
string "this because you didn't give me a cookie" ("esto por no darme
una galleta")...
In a first approach to the detection of this virus, any search
for the string "cookie" ("galleta") was no use. The only string found
was something like "kiecoo" ("etagall"), and the virus seemed to be in
"IBMBIO.COM" and "IBMDOS.COM" files, but time and date stamp seemed to
be untouched...
Somebody out there has suffered effects like the described ones?.
Any detection and preventive methods?.
Antonio-Paulo Ubieto Artur.
Department of Modern and Contemporary History.
Zaragoza University.
50071 Zaragoza (Spain-Europe).
hiscont@cc.unizar.es