Top Ten Most Destructive Computer Viruses of All Time
The ILOVEYOU virus
was a computer virus that many consider to be the most damaging virus ever written. It spread itself by email in 2000 through an attachment in the message. Once opened, it loaded itself to the memory, infecting executable files. When a user received and opened the email containing the attachment “LOVE-LETTER-FOR-Y OU.txt.vbs”, the computer became automatically infected. It then spread itself by infecting executable files, image files, as well as audio files like MP3s. After that, the virus sent itself to others by looking up the addresses contained in the MS Outlook contact list. The virus was written by a Filipino programmer who was still a college student at that time. He said the release of the virus was only “accidental.” This virus spread throughout the world in just a day, infecting computers of large corporations and governments, including the Pentagon in the United States. It caused billions of dollars in damages. The actual “damage” occurred during the removal of the infection from computers, as email servers and computer networks had to be shut down before the virus could be removed.
2. CIH a.k.a. Chernobyl Virus
This virus was considered one of the most dangerous and most destructive viruses ever because it had the ability to remain undetected in a computer’s memory, infecting every application that was run. First released in 1998, the CIH virus infected executable files of the operating systems Windows 95, 98, and ME. This virus also was accidentally distributed by a software vendor, contributing to the massive infection of computers. What made this virus dangerous was that it had a trigger date. Once that date was reached, it overwrote the files on the hard drive and completely destroyed its contents. It also had the ability to overwrite the BIOS of the computer to prevent it from booting up. This virus was also known as the Chernobyl virus because some variants were set to destroy data in computers that coincided with the nuclear power plant accident.
3. Melissa Virus
Released in 1999, the Melissa virus was another mass-mailing malware that was said to have infected up to 20 percent of computers worldwide. This included the networks of Microsoft, Intel, and other companies that relied on MS Outlook as their email client. Email servers around the world were forced to shut down in order to prevent the virus from spreading, as well as to remove the virus from their system. The virus came through email including an MS Word attachment. When opened, it emailed itself to the first 50 people in the MS Outlook contact list. It also overwrote the document files in the infected computer with quotes from the famous cartoon TV series “The Simpsons.”
4. Code Red
The world had not yet recovered from the damage caused by the ILOVEYOU virus when Code Red was released in mid-2001. Unlike other viruses, this one only targeted certain computers running the Microsoft IIS (Internet Information Server) Web Server, exploiting a bug in the software. Once a computer was compromised by the virus, it would modify the handled website, displaying the message “Welcome to http://www.worm.com! Hacked by Chinese!” Then, it would later seek other computers running the web server software and do the same thing. After about two weeks of infection, the virus was programmed to launch DDoS (Distributed Denial of Service) attacks on certain websites, including the server of the White House.
5. Bagle
Bagle was another classic type of mass-mailing malware, but was quite complex. First detected in 2004, it infected users through an email attachment, and also used email to spread itself. Unlike previous mass-mailing viruses, Bagle did not rely on the MS Outlook contact list to make a list of where to send itself. It harvested email addresses from various document files stored in the infected computer – from plain-text files to MS Excel files. The danger of this virus was that its design opened a backdoor where a remote user – probably the author or a group of hackers - could gain access and control of the infected computer. It could download additional components to either spy and steal information from the user or launch DDoS attacks to certain networks and computers. Though the original Bagle virus was designed to stop spreading after January 2004, hundreds of variants today are still out there, spreading.
(x) wormholocaustm (18Aug2010-09:59am)
6. Blaster
The Blaster virus was a complex malware that spread itself not through email, but through a vulnerability in both the Windows 2000 and Windows XP machines. This malicious software was detected in mid-2003 and by then had infected hundreds of thousands of computers. Once a computer was infected, it displayed a message box indicating that the system would shut down in a couple of minutes. It was also programmed to launch a DDoS attack to a server run by Microsoft by April 2003, but was already contained by that time. Discovered in the code was a hidden message to Microsoft founder Bill Gates saying “Billy Gates, why do you make this possible? Stop making money, and fix your software!”
7. Sasser
Sasser was another complex computer virus that crippled thousands of computers, and was written by a 17-year-old German student in 2004. Sasser did not spread through email, and did not require any human intervention to compromise computers. It infected computers by exploiting vulnerability present in both Windows 2000 and Windows XP machines, known as the RPC (Remote Procedure Call) exploit - the same vulnerability used by the Blaster virus. Sasser successfully infected and shut down thousands of computer networks in just a matter of days. After infecting a computer, it is programmed to access the Internet to search for other vulnerable machines so that it can infect them. Sasser also displayed a notice indicating that the system was shutting down.
8. MyDoom
Another mass-mailing virus that caused a lot of damage was MyDoom. Though it was primarily written to spread through email, it also successfully infected computers by infecting programs stored in the shared folder of the Peer-to-Peer software KaZaA. Detected in 2004, MyDoom slowed down global Internet access by ten percent, and caused some website access to be reduced by 50 percent. Upon infection, it looked for email addresses from contact lists and sent itself to any addresses it found. It was said that during the first few days, one out of ten email messages sent contained the virus. It was only stopped from spreading after about a month. (For tips on eradicating mass mailing viruses, read Email Scanners - Protection from viruses and malware)
9. Sobig.F
Computer users were still recovering from the damage caused by Blaster in 2003 when another mass-mailer known as Sobig.F attacked. This computer virus caused billions of dollars in damage by stalling or completely crashing Internet gateways and email servers, resulting in the merciless slowing down of global Internet access. It harvested email addresses from various documents found in the infected computers. The virus then sent itself to these addresses. It was able to send over a million copies of itself within just a few hours of the outbreak. By September of 2003, it had deactivated itself, having been programmed to do so. It then ceased to be a threat.
10. SQL Slammer
SQL Slammer is the least damaging virus in this list. It still caused a considerable amount of damage, though, by overwhelming routers, causing them to shut down. The target of this virus was web servers running a vulnerable version of Microsoft SQL Server. Only computers that ran this server software were infected, but it caused the slowdown of Internet access around the world. In just under ten minutes, it was able to infect thousands of servers center away. Upon infection of a server, the virus generated random IP addresses through which it attempted to further infect other computers.
No comments:
Post a Comment