Top 5: Most Destructive Computer Viruses.

The 5 Worst Computer Viruses 

Getting a computer virus has happened to many users in some fashion or another. To most, it is simply a mild inconvenience, requiring a cleanup and then installing that antivirus program that you’ve been meaning to install but never got around to. But in other cases, it can be a complete disaster, with your computer turning into a very expensive brick which no amount of antivirus can protect.

Here are my top 5 Worms, Trojans, or Viruses.

1. Melissa
A macro virus named after a Miami stripper was so effective in 1999 that the tidal wave of email traffic it generated caused the likes of Intel and Microsoft to shut down their email servers. The virus contained a Word document labeled List.DOC as an attachment to an email allowing access to porn sites.
The email was first distributed to a Usenet group but quickly got out of hand. When a user opened the email message, the infected Word attachment was sent to the first 50 names in the user's address book. The scheme was particularly successful because the email bore the name of someone the recipient knew and referenced a document they had allegedly requested. I recall spending long hours cleaning up after this one.

2. ILOVEYOU
The ILOVEYOU virus is considered one of the most virulent computer viruses ever created, and it’s not hard to see why. The virus managed to wreak havoc on computer systems all over the world, causing damage estimated at $10 billion. 10% of the world’s Internet-connected computers were believed to have been infected. It was so bad that governments and large corporations took their mailing systems offline to prevent infection.
The virus was created by two Filipino programmers, Reonel Ramones and Onel de Guzman. It used social engineering to get people to click on the attachment; in this case, a love confession. The attachment was actually a script that posed as a TXT file, because Windows at the time hid the actual extension of the file. Once clicked, it would send itself to everyone in the user’s mailing list and proceed to overwrite files with itself, making the computer unbootable. The two were never charged, as there were no laws about malware. This led to the enactment of the E-Commerce Law to address the problem.

3. MyDoom
MyDoom began appearing in inboxes in 2004 and soon became the fastest-spreading worm ever to hit the web, exceeding previous records set by the Sobig worm and ILOVEYOU. A side note: though I knew people affected by Sobig and ILOVEYOU, I did not see either of these in the wild.
The reason that MyDoom was effective was that the recipient would receive an email warning of delivery failure – a message we have all seen at one time or another. The message prompted the recipient to investigate, thus triggering the worm.
Once the attached file was executed, the worm would send itself to email addresses found in the local address book and also put a copy in a shared folder (KaZaA). Like Klez, MyDoom could spoof email but also had the ability to generate traffic through web searches, which placed a significant load on search engines like Yahoo and Google.

MyDoom was also significant for the second payload that it carried, which was a DDoS attack on the SCO group, albeit not the coordinated sort of attack we would now expect to see with modern bot-nets. The origin of the virus is attributed or suggested to be someone in Russia, but no one was ever able to confirm this.
Lastly, MyDoom contained the text “andy; I’m just doing my job, nothing personal, sorry,” which led many to believe that the virus was constructed for a fee for a spammer, though this also was not confirmed. Shot in the dark: if you are the Andy referenced in MyDoom and are reading this, please comment!

4. Code Red
Code Red first surfaced in 2001 and was discovered by two eEye Digital Security employees. It was named Code Red because the pair were drinking Code Red Mountain Dew at the time of discovery. The worm targeted computers with Microsoft IIS web server installed, exploiting a buffer overflow problem in the system. It left very little trace on the hard disk, as it was able to run entirely in memory, with a size of 3,569 bytes. Once it had infected a machine, it would proceed to make a hundred copies of itself, but due to a bug in the programming it would duplicate even more and end up eating a lot of the system's resources.
It would then launch a denial of service attack on several IP addresses, famous among them the website of the White House. It also allowed backdoor access to the server, allowing for remote access to the machine. The most memorable symptom is the message it left behind on affected web pages, “Hacked By Chinese!”, which has become a meme itself. A patch was later released, and it was estimated that the worm caused $2 billion in lost productivity. A total of 1-2 million servers were affected, which is amazing when you consider there were 6 million IIS servers at the time.

5. 2007 Storm Worm
Though I did consider the 1988 Morris worm, regarded as the first worm, I had to go with the 2007 Storm worm as the 5th to include. Known by many names, the Storm Worm is a backdoor Trojan that affects Microsoft-based computers.
Here, again, we see a distribution of payload through email, with the subject heading, “230 dead as storm batters Europe”. The Storm Worm was a Trojan horse that would join the infected computer to a bot-net – a network of remotely-controllable computers. Though it was thought to be a bot-net of millions of computers, the exact numbers were never known.

Flame is clearly the next evolution in computer viruses, and were I an Iranian scientist, Flame would definitely be at the top of my list. Which are on your list? Talk Back and Let Me Know.
