We are still reviewing the history the most famous viruses… Remember Melissa and Friday the 13th? Well now it’s time to talk about Blaster, also known as Lovsan or LoveSan 3a1.
This worm came from United States on August 11, 2003, and only affected computers with operating systems that had Windows 2003/XP/2000/NT.
Blaster contained the message in your code: “I just want to say I love you San!” (We still do not know who San is) and added, “Billy Gates, why do you make this possible? Stop making money and fix your software “.
Blaster had 6176 Bytes in size when compressed by UPX, and 11,296 Bytes once unzipped.
There are two clear signs of its presence within your computer:
– A considerable increase in network traffic through TCP ports 135 and 4444 and UDP 69.
– The lock and restarting of the attacked computer, due to coding errors of the worm.
Fact About the Blaster Virus
During the months of January to August, the worm launches a denial of service against the windowsupdate.com website from the 16th thru the 31st. Then, during the rest of the months (September to December), the attack happens every day.
In the current version of the worm, it sends 40 byte packets every 20 milliseconds to port 80 on “windowsupdate.com”.
On August 29, 2003, 18-year-old Jeffrey Lee Parson of Minnesota was arrested for creating Variant B of the Blaster worm; he admitted to be the person in charge and was sentenced to 18 months in prison in January 2005.
Have you been ever attacked by Blaster?
Panda Security specializes in the development of endpoint security products and is part of the WatchGuard portfolio of IT security solutions. Initially focused on the development of antivirus software, the company has since expanded its line of business to advanced cyber-security services with technology for preventing cyber-crime.
