8 Deadliest Computer Viruses of All Time
Computer viruses don’t just slow your computer down and annoy you with popups. Viruses can also steal your credit information, hold your data hostage and even wipe your hard drive clean. Here’s a look at some of the worst viruses in history.
1. Melissa
Created in 1999 by David L. Smith.
The Virus
The virus was a Microsoft Word macro. A macro is a series of commands or instructions that get carried out automatically. David L. Smith claimed to have named the virus after an exotic dancer in Florida. It was one of the first email-activated viruses. The virus affected users of Microsoft Word 97 and 2000 by:
- Shutting down safeguards in those programs.
- Lowering security settings.
- Disabling macro security.
- Spreading itself by sending an infected document via email.
Note: Computers that had Microsoft Outlook would send the infected document to the top 50 contacts in the user’s address book. The email was designed to trick people into opening the file. If the day of the month matched the minute, the virus would insert a Bart Simpson quote into the document it sent:
“Twenty-two points, plus triple-word score, plus fifty points for using all my letters. Game’s over, I’m outta here.”
The Damage
- Tens of thousands of people couldn’t access their emails within six hours of the virus being posted.
- Hundreds of websites were affected.
- The Microsoft Corporation had to disable all incoming and outgoing email.
- Caused $1.2 billion in damages and losses.
David L. Smith was fined $5,000, sentenced to 20 months in jail and forbidden from accessing computer networks without court authorization.
2. ILOVEYOU
The Virus
Allegedly written by Onel de Guzman.
The ILOVEYOU virus typically spread through an infected email attachment. It was launched from the Philippines in 2000.
The email’s subject line would say that it was a love letter from a secret admirer. The name of the original file was “LOVE-LETTER-FOR-YOU.TXT.vbs” (.vbs is a Visual Basic Scripting file). Due to formatting issues, some email clients omitted the “.vbs” in the file name. This caused users to think they were opening a plain text file.
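The disguise described above (a harmless-looking extension followed by a script extension that the mail client hides) is something a mail filter can check for. The following is an added example, not part of the original article; the function names and the two extension lists are illustrative assumptions and are not exhaustive.

```python
# Added example: extension lists are assumptions, not a complete policy.
# Extensions Windows runs directly or hands to a script host.
EXECUTABLE_EXTS = {"vbs", "vbe", "js", "jse", "wsf", "wsh", "hta",
                   "scr", "pif", "bat", "cmd", "com", "exe", "lnk"}
# Extensions most users read as harmless documents or media.
DECOY_EXTS = {"txt", "doc", "rtf", "pdf", "xls", "jpg", "jpeg",
              "gif", "png", "mp3", "htm", "html"}


def classify_attachment(filename):
    """Return 'deceptive', 'executable' or 'ok' for an attachment name."""
    # Windows ignores trailing dots and spaces, so drop them before parsing.
    name = filename.strip().rstrip(". ").lower()
    # Padding such as "photo.jpg      .scr" pushes the real extension out
    # of view, so strip whitespace around every dot-separated part.
    parts = [p.strip() for p in name.split(".")]
    if len(parts) < 2 or parts[-1] not in EXECUTABLE_EXTS:
        return "ok"
    # Executable final extension preceded by a decoy: the ILOVEYOU pattern.
    if len(parts) >= 3 and parts[-2] in DECOY_EXTS:
        return "deceptive"
    return "executable"


def displayed_name(filename):
    """Name shown by a client that hides the final extension."""
    return filename.rsplit(".", 1)[0] if "." in filename else filename


def triage(filenames):
    """Return (name, verdict, shown_as) for every attachment not 'ok'."""
    return [(f, classify_attachment(f), displayed_name(f))
            for f in filenames if classify_attachment(f) != "ok"]


# Constructed sample names; only the first one appears in the article.
SAMPLES = [
    "LOVE-LETTER-FOR-YOU.TXT.vbs",
    "report.txt",
    "setup.exe",
    "photo.jpg      .scr",
    "notes.v1.txt",
]

if __name__ == "__main__":
    for row in triage(SAMPLES):
        print(row)
```

A gateway would typically quarantine "deceptive" attachments outright and apply the normal executable-attachment policy to the rest.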
When the file was opened, the virus would:
- Overwrite file types with copies of itself to let it continue spreading if the original version was removed from the computer. (This erased a number of different file types, including JPEG, JS, JSE, HTA, MP3, SCT, VPOS, WSH, CSS.)
- Reset the infected computer’s Internet Explorer home page.
- Send the infected file to all of the user’s contacts in Microsoft Outlook.
- Download and execute a file that stole passwords and emailed them to the hacker’s email address.
(If the user entered a chat group with Internet Relay Chat,
the virus would attempt to spread to all other users in the group.)
The Damage
- Roughly one tenth of all the Internet-connected computers in 2000 were infected with ILOVEYOU.
- ILOVEYOU reached an estimated 45 million people in one day.
- It caused $5.5 billion in damages in the first week.
- The virus caused an estimated $15 billion in damages.
Note: McAfee reported that a supermajority of their Fortune 100 clients were infected with the virus.
Onel de Guzman was arrested on suspicion of creating the virus. He and his co-conspirator were later released as the Philippines had no laws at the time against writing malware.
3. CODE RED
The Virus
Code Red was launched in July 2001.
The virus infected Windows NT and 2000 machines by exploiting a buffer overflow vulnerability.
A second version of the virus, Code Red II, acted similarly
and was launched later in the year.
Characteristics of the virus
- It works by sending the computer instructions after a long string of nonsense.
- Once the buffer has been filled with the nonsense information, the computer begins overwriting memory. (The memory is overwritten with the instructions for the virus.)
- This meant that the user only had to be connected to be infected.
- Infected Windows NT machines would crash more often than normal. Infected Windows 2000 machines would suffer a system-level compromise (This means that the computer could be controlled by the hacker).
The virus would behave differently depending on a few factors:
• The date:
1st – 19th: Target random IP addresses and spread itself.
20th – 28th: Launch a DDoS (Distributed Denial of Service) attack on the White House’s IP address.
29th – after: Go into “Sleep” mode.
• Page language:
English-language web pages would be defaced with the words “Hacked by Chinese!”
Note: (Microsoft released a patch to fix the vulnerability
exploited by the virus several months after the attack)
The Damage
- Between 1 and 2 million computers were infected overall.
- In less than 1 day, the virus infected more than 359,000 computer systems.
- Caused over $2 billion in losses.
CAIDA (the Center for Applied Internet Data Analysis) found
that of those hosts infected by Code Red:
43.91% were from the US.
10.57% were from Korea.
4. NIMDA
The Virus
Launched in September 2001, one week after 9/11.
Nimda is “admin” spelled backwards.
The FBI had to refute rumors that the virus was connected to the terrorist attack. In Computerworld magazine, TruSecure CTO Peter Tippett reported that Nimda topped their list of viruses in just 22 minutes.
The virus was the fastest-spreading piece of malware at the time. More than 2 million computers were infected in 24 hours. While the virus could not infect home PCs, its primary targets were web servers.
The virus infected computers in a variety of ways:
- Local Networks
- Drive-by downloads on websites
- Loopholes created by other worms
- Vulnerabilities in IIS (Internet Information Server), Microsoft’s Web Server
- Nimda allowed attackers to have the same access to an infected machine as the current user.
- If a user had admin level privileges, so would the hacker.
- Nimda would install itself to the root of drives C, D and E.
- It would also replicate itself in any folder where it found .doc or .eml files.
The Damage
- Caused $635 million in losses.
- The virus spread so quickly that it significantly slowed internet browsing times and crashed several networks.
- A Florida federal court had to operate using paper copies of all of their documents when their system was infected with a Nimda variant.
5. SQL Slammer/Sapphire
The Virus
Launched in 2003.
This virus spread through a buffer overflow vulnerability in
Microsoft’s SQL Server database management service.
It randomly selected IP addresses to infect. Servers
infected with SQL Slammer would spawn millions of copies to infect other
servers. Within 3 minutes of attacking its first victim, the number of servers
infected by Slammer doubled every 8.5 seconds.
The Damage
- Caused $750 million in damages
- Crashed Bank of America’s ATM service
- A number of other banks were affected by the virus.
- Caused outages to Seattle’s 911 service
- Alfred Huger, from Symantec Security Response, reported that SQL Slammer caused network issues over the entire Internet.
- Infected airlines’ online ticketing systems and electronic kiosks, rendering them inoperable.
Note:
South Korea lost almost all internet access.
US government websites affected include:
- Department of Agriculture
- Department of Commerce
- Defense Department
Several newspapers had publishing problems, including:
- The Atlanta Journal Constitution
- The Associated Press
- The Philadelphia Inquirer
6. SASSER
The Virus
Launched in 2004. Created by Sven Jaschan, a 17-year-old from Germany.
Sasser worked by exploiting a vulnerability in a Windows system called LSASS (Local Security Authority Subsystem Service).
The virus scanned IP addresses until it found one that was vulnerable, then it downloaded itself into the Windows directory. The next time the computer was booted up, it would be infected. Unlike other viruses, users didn’t have to open any email attachments in order to be infected by Sasser; they only needed to be online.
Sasser also affected the operating system. This made shutting down infected computers without pulling the plug difficult. The virus affected Windows 2000 and XP.
The Damage
- Infected all 19 of the British Coast Guard’s control rooms.
- Delayed British Airways flights
- Staff had to use paper maps and pens
- Caused $500 million in damages
- Sasser brought down a third of Taiwan’s post offices
Sven Jaschan was sentenced to 1 year and 9 months of probation and 30 hours of community service; he was tried as a juvenile.
7. MYDOOM
The Virus
Launched in 2004.
The MyDoom virus originally began to spread through KaZaA, a file-sharing application, but then spread to emails. In both cases, users had to open a file in order to become infected. At its peak, MyDoom infected one in 12 emails as it tried to spread itself.
The virus could do the following:
- Computers infected with MyDoom would launch a DDoS on www.sco.com (a Linux software company). The virus would also open ports on victims’ computers so that hackers would have backdoor access to their systems.
- A second attack later that year affected search engines. MyDoom-infected computers would send search requests to search engines in an attempt to find email addresses. Some search engines received so many requests that they crashed.
- MyDoom was capable of spoofing its infection emails, making it more difficult to track. “Spoofing” involves forging the “From” address in an email. MyDoom infected between 600,000 and 700,000 computers.
The Damage
- Caused $83 billion in damages
- Slowed down internet access worldwide by 10 percent.
- Reduced access to some websites by as much as 50 percent.
8. CONFICKER
The Virus
Launched in 2008.
The Conficker virus took advantage of a vulnerability in Windows 2000, XP and 2003 servers that could cause them to install an unauthenticated file.
It could even affect servers with firewalls, as long as they
had print and file sharing enabled.
Facts
- Infected millions of computers. Spread by infected USB drives and over networks.
- Created backdoors in firewalls
- Disabled anti-malware programs
Conficker was supposed to do something on April 1, 2009, but
nothing happened. Experts were worried computers infected with Conficker would
possibly:
- Become a botnet
- Create a criminal version of a search engine, copying private information from infected systems and then selling that information
- Launch a massive DDoS attack.
The Damage
- Caused $9.1 billion in damages
- French fighter planes were grounded when they couldn’t download their flight plans.
- In England, military systems were infected, including:
- a. More than two dozen British Royal Air Force bases
- b. 75% of the Royal Navy fleet
- Computers and medical devices at hospitals in the US and the UK were infected
- The Manchester City Council IT system went down, rendering the city unable to process fines.
Note: While the majority of these viruses are no longer the threats they once were, there are still many viruses on the Internet and more being created every day. To avoid getting infected, remember these tips: update your antivirus software often, download OS patches when they come out, and don’t open untrustworthy files.
Reference: whoishostingthis.com