Pikachu virus
 Message displayed by the worm when executed | |
| Aliases | Pokey, Pokémon virus |
|---|---|
| Type | Email worm |
| Author(s) | Unknown |
| Operating system(s) affected | Windows 9x |
| Filesize | 32,768 bytes |
| Written in | Visual Basic |
The Pikachu virus, also referred to as Pokey or the Pokémon virus, was a computer worm believed to be the first malware geared at children, due to its incorporation of Pikachu, a creature from the Pokémon media franchise. It was considered similar to the Love Bug, albeit slower in its spread and less dangerous.
The worm was first detected in June 2000, and mainly spread in the form of an email titled "Pikachu Pokemon" [sic]. The body of the email contained an attached executable file, "PikachuPokemon.exe", which installed a worm that attempted to delete two critical directories of the user's Microsoft Windows operating system. This would cause their computer to malfunction. However, an unintended prompt would be given, asking users if they wanted to delete the folders in question; this made the worm less effective than it could have been.
Background[edit]
Pikachu is a yellow "rabbit-like creature" with electricity powers in Pokémon, a Japanese video game series and cartoon. In 2000, ABC News described the series as a "worldwide craze".[1][2][3][4]
Computer viruses infect a computer and damage it, and are spread when users sent them from one PC to another, whereas computer worms spread on their own.[1] Despite this distinction, the worm which incorporated Pikachu was known as the "Pikachu virus"[5] or "Pokémon virus".[2] It was also known as "Pokey".[1] It started spreading in the United States in late June 2000, and was detected then.[1][2][4] The worm was in the form of an email titled "Pikachu Pokemon" [sic].[3] Different sources state that the email read either "Pikachu is your friend",[1][4] or "Great Friend! Pikachu from Pokemon Theme have some friendly words to say. Visit Pikachu at http://www.pikachu.com. See you."[2]
Description[edit]
The email had an attached executable file, "PikachuPokemon.exe", which contained the worm-program.[6][7] Opening the executable showed users an animated image of Pikachu bouncing, along with the message: "Between millions of people around the world i found you. Don’t forget to remember this day every time MY FRIEND!"[2][7] Meanwhile,PikachuPokemon.exeadded the lines "del C:\WINDOWS" and "del C:\WINDOWS\system32" to the file "autoexec.bat". These commands would be executed at the next boot (the next time computer is turned on[2]), in an attempt to delete two critical directories of the Microsoft Windows operating system.[8] This would cause the operating system to malfunction.[4] However, users would be given a yes/no prompt asking whether or not they wanted to delete those folders, since the author did not write the added lines as “del C:\WINDOWS\*.* /y” and “del C:\WINDOWS\SYSTEM\*.* /y” (the /y switches would have automatically chosen the yes option).[4][9] This defect was the reason that the worm did not cause more damage to computers.[4]
Spread[edit]
If the user who received the virus used Microsoft Outlook, the email would send itself to all the contacts in their Outlook address book.[1][2] This made the virus similar to the Love Bug, which spread in May.[1][10] However, the Pikachu virus was considered far less dangerous, and slower in its dissemination.[2][10] Anti virus companies said there had not been previous viruses or worms directed at children, and the Pikachu virus exploited the fact that children "tend to be less careful about security than their parents".[1][2] On August 24, anti-virus company Trend Micro said they had only received ten reports of the virus, and that nobody had opened it yet.[1][4] However, on August 25, it was reported to be widespread in the United States, but was also present in Europe and Japan.[2]
A consultant for the anti-virus company Sophos said that anyone who had up-to-date security software was unlikely to be affected by it.[2] Trend Micro recommended that users delete the email without opening it. Symantec (another anti-virus company), Trend Micro, and Sophos said that the slow spread of the email gave them time to update their products to include a defense against the worm. These products were available by August 25.[1]
See also[edit]
References[edit]
- ^ a b c d e f g h i j "Cute PC Virus Turns Kids Into Net Victims". ABC News. Retrieved 2024-04-04.
- ^ a b c d e f g h i j k "Pokemon virus contained". BBC News. August 25, 2000. Archived from the original on April 13, 2003. Retrieved 13 November 2014.
- ^ a b "Love Bug copycat virus targets kids". The Globe and Mail. 2000-08-31. Retrieved 2024-04-04.
- ^ a b c d e f g "Pokemon turns nasty in new computer virus". Independent Online. August 24, 2000. Archived from the original on September 25, 2018. Retrieved March 3, 2012.
- ^ "PIKACHU VIRUS TARGETING CHILDREN". Chicago Tribune. August 28, 2000. Retrieved April 4, 2024.
- ^ "Pikachu: Threat Description". Virus and threat descriptions. F-Secure Corporation. Retrieved 13 April 2017.
- ^ a b "Pikachu Virus Begins to Grow". 24 August 2000. Archived from the original on November 13, 2014. Retrieved March 3, 2012.
- ^ "Pikachu". Panda Security. Archived from the original on October 6, 2016. Retrieved 13 February 2013.
- ^ Singleton, Don. "Pikachu Virus". Tulsa Computer Society. Archived from the original on February 28, 2012. Retrieved March 3, 2012.
- ^ a b "Pikachu virus hits North America". CBC News. November 10, 2000. Archived from the original on November 2, 2013. Retrieved March 3, 2012.
External link[edit]
- Pikachu.com as it appeared in 2000: [1]
| |||||||||||||||||||||||||||||||||||||||||
| |||||||||||||||||||||||||||||||||||||||||
| |||||||||||||||||||||||||||||||||||||||||
- ^ "Pokemon World - The Official Pokemon Site". 2000-10-18. Archived from the original on 18 October 2000. Retrieved 2022-04-22.