The Chernobyl virus is a malicious computer program that was designed to infect Windows-based operating systems. It was originally referred to as the CIH virus and the Spacefiller. The name “Chernobyl virus” was coined because its first payload activation occurred on 16 April 1999, the 13th anniversary of the Chernobyl disaster.
Chen Ing Hau wrote the virus in 1998 during his college days at Taiwan’s Tatung University. He admitted to have written the virus after he realized that it could be traced back to him. The Chernobyl virus was designed to infect computers using the Windows 95, 98, and ME operating systems.
The virus’s initial payload works by covertly overwriting PE format files. When first installed, the virus splits itself and imbeds its parts in the spaces between the files. This enables the virus to rapidly replicate. By filling just the gaps, the virus does not increase a file’s size, making it harder for antivirus software to detect it. This earned the virus the nickname “Spacefiller.”
Computer worms like the Chernobyl virus destroy program and executable files on the computers they infect. They overwhelm the computers with additional scripts, causing them to slow down. In the Chernobyl virus’s case, its secondary payload also infects the Flash BIOS which prevents the computer from starting.
Asian and Middle Eastern countries were hit the hardest by the virus. This was mostly due to the prevalence of pirated operating systems and the disregard for computer security in these countries. It was estimated that the virus caused more than $2 hundred million US Dollars (USD) in damages in clean up and file recovery.
Several variants of the virus have been written since the original was activated. Three of the lesser-known variants are CIH v1.2 TTIT, CIH v1.3, and CIH v1.4. The main difference among the variants is their payload activation date. The last known variant, the CIH.1106, was discovered in 2002. Since most antivirus software was able to recognize the virus, however, its effect was not as widespread as its predecessors.
Another variant of the Chernobyl virus is the infamous “I Love You” virus or “Love Bug.” The Love Bug spread through emails with the subject “I Love You.” Due to the subject, the majority of the people who received the email opened it. This amplified the Love Bug’s spread, infecting millions of users, including government and corporate computers. Damage from the virus was reported to have been in billions of US Dollars.