Share This:

Tech time warp

The timing of news that pirated versions of Microsoft Office software are spreading “malware cocktails” is interesting. After all, it was also in early June (back in 1999) that the ExploreZip virus destroyed Microsoft Office files the world over. Let’s take a look back in time in this edition of Tech Time Warp.

Twenty-five years ago, however, the vector of destruction was not a craftily constructed torrent file but rather a simple email attachment. As any good email worm does, ExploreZip’s email carrier purported to be a reply to a recent message from a known sender, and it came with convincing text: “Hi <sender name>! I received your email and will send you a reply ASAP. Till then, take a look at the attached zipped DOCs. Bye.” The zipped attachment was, of course, not a set of documents for the recipient’s review but instead a compressed executable. ExploreZip first replicated its way through the recipient’s Outlook contacts, then began destroying any files ending in c, .cpp, .h, .asm, .doc, .xls, or .ppt. The entire process repeated every half hour.

An estimated 150,000 computers in the U.S., Europe and Asia experienced ExploreZip damage, including machines at Microsoft, which reportedly shut its corporate email system down to stop ExploreZip’s march across its network. GE and the BBC also reported ExploreZip attacks.

A quickly deployed patch stopped the ExploreZip attack, though mutant versions of the worm popped up in December 1999 and January 2023. Over the years, other Microsoft Office-related viruses have wreaked havoc, including a 2006 Trojan horse virus that also arrived via email attachment. As always, think before you click!

Did you enjoy this installation of SmarterMSP’s Tech Time Warp? Check out others here.

Photo: faithie / Shutterstock

Share This:
Kate Johanns

Posted by Kate Johanns

Kate Johanns is a communications professional and freelance writer with more than 13 years of experience in publishing and marketing.

Leave a reply

Your email address will not be published. Required fields are marked *