We have all been through the charade: we never got around to installing the much-overdue antivirus, and one day the computer just went haywire, with programs misbehaving, the system slowing down and so on. Most of these viruses do not demand much attention; they just require a cleanup, which you can then safeguard by actually installing an antivirus this time. In some extreme cases, though, a virus can turn your computer into nothing but beautifully assembled junk sitting in your home. Our top 5 picks for today are based on the damage these viruses caused in the real world, which amounted to billions of dollars in property damage and upset critical real-life processes and infrastructure. A virus is only one kind of malware; others include spyware, adware and ransomware. Since most people lump all malware together, worms and Trojan horses included, under the label “virus”, we will go along with that usage. Here, however, is a quick look at how they differ:
Flavors of Viruses
- The general term “computer virus” usually refers to a piece of code that becomes part of one or more programs on the victim’s computer. The virus thus becomes part of the host program and, depending on its functionality, changes the way the computer behaves. It can replicate itself and disrupt normal performance in multiple ways.
- A worm replicates itself without depending on a host program and propagates through computer networks on its own.
- Trojan horses, as the name suggests, appear to be something other than what they really are. Some can corrupt the host’s hard drive; others may create a backdoor that can be used to access the victim’s computer remotely.
Top 5 Worst Viruses
Here are our top 5 worst-virus picks, in ascending order.
Zeus, a Trojan horse first identified in 2009, was created to hijack Windows computers for criminal activities, most commonly man-in-the-browser keylogging and form grabbing. Computers were mainly infected through phishing scams or drive-by downloads. Zeus damaged giant multinational corporations and banks by compromising thousands of FTP accounts and computers; the giants include Amazon, Oracle, Cisco and Bank of America, among others. The Zeus botnet managed to steal login credentials for social network, email and bank accounts.
In the USA alone, 25% of the computers were infected, which amounts to more than one million computers. The operation was sophisticated enough that $70 million was stolen, with people around the world acting as middlemen and money mules who smuggled and transferred cash to the ringleaders in Eastern Europe. Around 100 people linked to the Zeus operation were arrested. Zeus’ creator announced his retirement in late 2010.
Sven Jaschan, a computer science student, created the Sasser and Netsky worms, which were first noticed in 2004. Although the payload at first seemed merely annoying, crashing the computer and slowing it down, further study revealed that the effects of Sasser were so disruptive that it damaged not only millions of computers but also critical infrastructure. The worm took over the security policy of local accounts and crashed the system, before using the machine’s resources to transfer itself automatically to another device via the Internet. The victims included airlines, public transportation, hospitals and news agencies, among others, and the damage came to $18 billion. Jaschan was sentenced to 21 months, on account of being a juvenile.
David L. Smith created Melissa, a virus named after an exotic dancer, in 1999. The infected Word document was posted on the alt.sex Usenet group, presented as a list of passwords for pornographic sites. Once people downloaded and opened the document, its macro was triggered and the payload released. The payload mailed the virus to the first 50 people in the host’s mail address book. The resulting overload of email traffic disrupted email service for governments and corporations. The virus would also corrupt documents by inserting Simpsons references into them.
The Word document had been uploaded from a stolen AOL account and was traced back to Smith, who was caught within a week of the outbreak, which reportedly caused $80 million in damage. Smith cooperated with the FBI in capturing other virus creators, such as the creator of the Anna Kournikova virus, which led to his ten-year sentence being reduced to only 20 months in jail with a $5000 fine.
2. Code Red
Code Red was discovered in 2001 by two employees of eEye Digital Security. The worm got its name because the discoverers were drinking Code Red Mountain Dew when they noticed the problem. Code Red infected computers running the Microsoft IIS web server, taking advantage of a buffer overflow problem. The worm, 3,569 bytes in size, ran exclusively in memory, which means it could not be traced through the hard disk. Once on a computer, it would make hundreds of copies of itself, draining all the available resources. It would then launch a denial-of-service (DoS) attack on many IP addresses, famously including the White House website. It also created a backdoor, providing remote access to the server.
Affected web pages announced the Code Red attack by displaying the message “Hacked By Chinese!”, the source of the meme itself. Before the patch was released, the cost in lost productivity was estimated at $2 billion, with 1-2 million infected servers. The peculiarity that surfaced here was that there were supposedly only 1 or 2 IIS servers documented at the time.
I am not a cynic; the ILOVEYOU virus is known to be the most virulent malware ever created. The virus managed to infect 10% of the internet-connected computers around the globe. The havoc it wreaked was estimated at $10 billion; the situation was so ugly that large corporations and governments had to take their mail systems offline to prevent infection. Reonel Ramones and Onel de Guzman, two programmers from the Philippines, were behind the chaos of ILOVEYOU. The virus used social engineering to make people click on an attached script called “a love Confession”. The script appeared to be a txt file, hiding its actual extension. Once run, the virus would send itself to everyone on the host’s mailing list. It then went on to overwrite files with copies of itself, leaving the computer unbootable.
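The hidden-extension disguise described above for ILOVEYOU is something a mail gateway or an analyst can check for. The following is an added example, not code from the original article: it parses a constructed sample message and flags attachments whose displayed extension masks an executable one. The extension lists, function names and sample message are assumptions made for illustration.

```python
import os
from email import message_from_string

# Assumed lists (not from the article): types Windows runs, and common decoy types.
EXECUTABLE_EXTS = {".vbs", ".js", ".exe", ".scr", ".bat", ".cmd", ".pif", ".hta"}
DECOY_EXTS = {".txt", ".doc", ".pdf", ".jpg", ".png", ".xls"}
RLO = "\u202e"  # right-to-left override: reverses how the name is displayed

# Constructed sample message; addresses, names and bodies are placeholders.
SAMPLE = """\
From: friend@example.com
Subject: a love confession
Content-Type: multipart/mixed; boundary="XX"

--XX
Content-Type: application/octet-stream
Content-Disposition: attachment; filename="love-confession.txt.vbs"

placeholder
--XX
Content-Type: text/plain
Content-Disposition: attachment; filename="minutes.txt"

harmless
--XX--
"""


def classify_filename(name):
    """Return why a name disguises its real type, or None if it does not."""
    if RLO in name:
        return "right-to-left override in name"
    cleaned = name.strip().rstrip(". ").lower()  # Windows drops trailing dots/spaces
    stem, real_ext = os.path.splitext(cleaned)
    if real_ext not in EXECUTABLE_EXTS:
        return None
    shown_ext = os.path.splitext(stem.rstrip())[1]  # padding spaces may hide the tail
    return f"decoy {shown_ext} hides {real_ext}" if shown_ext in DECOY_EXTS else None


def suspicious_attachments(raw_message):
    """List (filename, reason) for every disguised attachment in a raw message."""
    findings = []
    for part in message_from_string(raw_message).walk():
        name = part.get_filename()
        reason = classify_filename(name) if name else None
        if reason:
            findings.append((name, reason))
    return findings
```

A plain `setup.exe` is deliberately not flagged here: the check targets the mismatch between the extension a user sees and the one the system acts on, not executables in general.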
Fernando D. Contreras was vice president of the Philippine Internet Service Organization at the time.
“It was like the Pearl Harbor that caught us sleeping,” remarked Mr. Contreras.
The virus also made it to the top of our list because it became the foundation for the enactment of the E-commerce Law against cybercriminals. The two Filipinos were never charged, but they paved the way for the creation of a law against hacking.