In recent years, malware writers have found it more useful to control machines than destroy them, using a compromised computer’s Internet connection to deliver spam or mount denial of service attacks. Disabling the host machine also impedes the spread of the virus.
VBS.Pub solves that problem with a time-release payload that mimics the CIH/Chernobyl virus, one of the Net’s most destructive viruses. Chernobyl began circulating in 1998, and featured a payload that was triggered on April 26, 1999, the anniversary of the Chernobyl nuclear accident, and in some versions was reactivated on the 26th of every month. CIH overwrote data on an infected machine’s hard drive, leaving most unusable.