The W32/Lacon-A virus was a worm making the rounds in the early to mid-2000s. Looking back at it today, it’s packed with nostalgia, from spam emails about the Do Not Call registry to a Homestar Runner cameo.
Malware historian danooct1 demonstrates the virus in the latest video of his long-running series documenting malware in action, including WannaCry and NotPetya. Dan told me over Twitter DMs that he read about the Lacon worm in various antivirus databases. He found a sample of it to use for our entertainment.
“The footage you see is of the actual worm running on a computer,” Dan said. He didn’t have to code or recreate anything to make the video, emulating Windows 98 SE with Virtual PC 2007—it sends its own emails, creates its own files, and changes the homepage to the Homestar animation all on its own. Open one of the emails with the subject line “National No Call Registry Info,” and the .exe file within, and it’s off and running.
As viruses go, it’s pretty cute—a popup appears to speak as your “angry computer” announcing it’s quitting, and force-logs you off. But it’s also thoroughly nasty. It emails itself to all of your contacts in the Windows Address Book and copies more executable files to various folders, with titles like “1,000 Porn Site Passwords.exe,” “DeskTop Stripper – HOT!.exe” and “AIM Password Hack.exe.” Quite a payload.
Dan said that according to his own research, it originated in late August of 2003, which would explain pretty much every dated reference here. Computer over. Virus = very yes.
Powered by WPeMatico