We’ve decided to take a look back into the deepest darkest corners of the computer malware world to bring you six of the worst viruses in history and the damage they caused.
By no means is this an exhaustive list of computer viruses, we’ve taken a look at what caused the most financial damage and had the fastest/widest reach. While the giants of the tech world continue to take huge strides forward in antivirus and security, and we focus on remaining at the forefront of IT security, viruses are continually evolving and posing challenges to modern business.
Quick facts: This virus was originally launched in July, 2001. The worms operating system vulnerability, which at the time was found in machines running Windows 2000 and Windows T. Essentially, it worked by sending the computer instructions after a long string of drivel. This created a buffer overflow problem, which means when a machine is running on the aforementioned operating systems and receives more information than the buffer can handle, it then begins to overwrite adjacent memory with instructions for the virus.
Virus identified: Users were identifying that with Windows NT machines they were frequently crashing, and with Windows 2000 there was a system-level compromise.
Virus damage: In less than one day the virus had infected more than 359,000 computer systems and caused in excess of $2billion in losses. 91% of those infected with Code Red were in the US.
I Love You
Quick facts: Back in 2000, when spam emails were much less frequent, and before we all learnt to be sceptical of unsolicited emails, a very innocent looking email with an attachment labelled ‘I Love You’ was distributed. It was launched from the Philippines and allegedly written by Onel de Guzman. The virus would overwrite file types with copies of itself to continue spreading the original virus. The fast spread of this virus was largely due to its ability to send the infected file to up to 50 contacts in a user’s contacts in Outlook.
Virus damage: Over 500,000 PCs were infected. The program was designed to steal Internet access passwords, which is did successfully, racking up damaged of approximately $15billion.
Quick facts: Known for being one of the fastest spreading viruses in history, My Doom started on the Kazaa file sharing network and then to email networks. In 2004, this particular virus was infecting one in 12 email messages on the internet. My Doom also opened ports on victims’ computers so that hackers could obtain backdoor access to their systems.
Virus identified: Infected computers would send search requests to search engines to find email addresses, with many failing to cope with the volume of requests, and crashing. It became very difficult for experts to track as it was also capable of spoofing its infected emails.
Virus damage: Over two million PCs were infected and damages were in excess of $38 billion. McAfee also reported that My Doom slowed down Internet access worldwide by 10 percent and reduced access to some websites by as much as 50 percent.
Quick facts: Also known as Sapphire, this virus was launched in 2003. It spread through buffer overflow vulnerabilities in Microsoft’s SQL Server database management service. This internet work caused a denial of service on some internet hosts and dramatically slowed by general online traffic. Despite being named “SQL slammer worm”, the program did not use the SQL language.
Virus identified: The virus calls the Windows API function, and used the result as a seed to randomly generate IP addresses. It then opens a socket on the infected computer and repeatedly forwards itself to UDP port 11434 on the IP addresses by using an ephemeral source port. This process helped the virus double in size every 8.5 seconds.
Virus damage: Among its victims was the 911 emergency response system in Washington State; a nuclear plant in Ohio, Continental Airlines; and Bank of America’s ATMs. Financial damages are estimated at $1,200,000,000.
Quick facts: Also known as Downadup, Downup and Kido, Conflicker
it was first discovered in November, 2008 and since that time it has infected millions of computers, establishing the infrastructure for botnet. By taking advantage of vulnerabilities in Windows 2000, XP, 2003 servers it caused them to install unauthenticated files. The worm spreads by copying itself to the Windows system folder; through file sharing and removable drives, such as USB drives, especially those with weak passwords.
Virus identified: The virus scanned computers for weaknesses and then logged keystrokes, downloaded code from hacker-selected websites and much more.
Virus damage: In 2007, the virus costs were estimated at over $9.1 billion, infected millions of computers across the world.
Quick facts: Users who didn’t have effective or reliable backups were given the choice to pay the $300 ransom or say goodbye to all documents, spreadsheets and photograph. When the ransom has been paid, surprisingly all the files were returned.
Unlike other previous ransomware viruses, Cryptolocker really did encrypt the files. By using such a robust system, the malware authors created a program that was extremely difficult, if not impossible, to circumvent.
Virus identified: This ransomware Trojan is believed to have been first posted to the internet in September 2013.
Virus damage: It’s hard to ascertain the exact level of damage caused by this virus, as it continued to be reported as infecting more devices. However, by December 20 of 2013, it was reported to have grossed up to $30 million in ransom in just over 100 days, according to a Dell SecureWorks report by Keith Jarvis.
Your computer systems
If you have been hit with a computer virus and don’t have the appropriate antivirus programmes, speak to a member of our team about data backups and security by calling us on 01462 417070.