We know computer virus create damages to the programes but some virus are designed so that can steal data like password etc. Computer virus had caused $8.5 billion of consumer losses in 2008 alone. If you think that you are so intelligent not to fall for computer virus, then, how will you react if the computer virus had used famous tennis star Anna Kournikova to trap its victims? The Anna Kournikova virus was so notorious that it had paralyzed thousands of servers all over the world but it did not even made it our list as other computer virus were deemed more damaging.
Stuxnet (2010)
Stuxnet, a computer worm was discovered in July 2010 and unlike other worms, this worm specifically targets computers, which run critical infrastructure like water treatment, oil pipelines, gas pipelines and power grid.
According to Sean McGurk, head of Cybersecurity Center at Department of Homeland Security, this worm can enter any system and steal any formula needed to manufacture something. Gurk called Stuxnet as a “ game changer”.
There was really no specific facility in which the worm was used to attack however, Symantec, a popular security firm had said that the nuclear plants of Iran was the target of the worm.
Symantec had found out that there were 44,000 Stuxnet infections around the world. In which 1,600 were from the United States but 60% of the infections were found in Iran.
SirCam (2001)
SirCam is a sneaky computer bug, which worked to steal files and spread it to the internet. The SirCam virus is a rogue bug that had victimized even the former Ukraine President Leonid Kuchma. Due to the bug, the guarded schedule of the president was announced to the public and was spread around the world.
The sensitive file of the Ukrainian president had included the activities and itinerary of Kuchma, which was related to the anniversary independence of Ukraine back then.
The SirCam bug was first detected in July 2001 was considered during that time as the most widespread bug in the internet. Individual computer users had complained Norton Antivirus and Symantec were not able to detect and clean the bug.
The SirCam was spread through opening the attached document in the email. Unsuspecting e-mail receiver will likely open the e-mail, which always starts with “Hi, how are you?”, and the e-mail usually ends in “See you later and thanks.” The middle part of the letter will ask the receiver to open the attached file because the sender is asking for an advice about something. If the attached document is opened, the bug will spread to your hard drive and the process begins again.
SirCam had caused embarrassing emails to users infected with the virus. SirCam had infiltrated the Windows, gets documents from the hard drive and then send it randomly as an attachment to all the active e-mail addresses of the address book.
The horror of individual users were horrific as they soon found out that private documents like pictures, resumes and personal letters were send to total strangers.
The bug was not just available in English but also Spanish variations were also spread. Symantec was forced to update a second patch for its users to clean the bug.
SirCam virus had affected 96 countries but the worst hit country is the United States and the United Kingdom.
But after hitting United States and Europe, the email worm also affected Japan. According to report of Sony electronics, they had detected and removed 6,000 SirCam infected e-mails.
Slammer (2003)
SQL Slammer is a worm that had targeted the weakness found in the database software of the Microsoft. The worm had taken advantage to the old security loophole in the server software. Once the worm had infected the server, it will then send several data requests that will be forwarded to other internet address, thus, increasing the chances of infecting other computers. However, the worm itself does not infect any desktop computer and it cannot replicate itself in the e-mails. But the effect was devastating, it had bogged down networks and had caused several websites to go offline.
The spread began in January 25, 2003, as it started spreading, it had doubled its size every 8.5 seconds. Within ten minutes, it was able to infect 90% of the most vulnerable hosts. During its peak or around 3 minutes after it was released, the worm already had fifty five million scans per second in the internet.
Experts believed that it had affected millions of computers worldwide. Many countries were affected but the worst hit was South Korea.
In South Korea, where three quarters of population enjoy internet access, the online accessibility was crippled for eight hours.
Slammer worm was able to infect 75,000 hosts and had network outages that had resulted to cancelled airline flights and some problems in the cash machines.
Klez.H (2002)
Klez.H first appeared in April 15, 2002 and it had affected one in every 300 emails.
Several versions of the virus were released in the cyberspace but the most hazardous is the Klez.H. During its attack, Klez.H attacks the Windows but it does not affect the Microsoft Outlook email since it the Microsoft were able to strengthen its anti-virus capacity.
The virus works be choosing several names from the list in the address book but each email uses different range of subject, attachment names and text thus making it difficult to trace and identify which email contain the virus.
An email security company based in London had traced 775,000 copies by the virus. It has been dubbed as one of the biggest virus that had affected computer users.
Sasser (2004)
In May 2004, computer experts had deal with four variations of worm that had spread to the Windows operating system. The worm was known as SasserA, SasserB,SasserC and SasserD. The worm had targeted Windows 2000 as well as other Windows operating system like Windows 95, Windows 98 and Windows XP and Windows ME.
According to a security expert at Ohio, the worm Sasser was aggressive and has the ability to replicate quickly.
What makes things more complicated is that an email circulated in the net, which promised a “fix” to remove the Sasser worm, but they said “fix” also contained another virus known as Netsky-AC.
Experts believed that there was a linked between the creators of Sasser and Netsky.
Most computer virus needs human intervention to spread but Sasser used vulnerability of LSASS and then, scan several internet addresses until it could use a system. Then, it copies itself to the directory of the Windows as an executable file and it is then launched the next time your pc is booted.
One symptom that your pc is affected when the pc restart every time you try to go online. Sasser can spread from one machine to another.
Sasser had affected Taiwanese Post office, banks in Scandinavia and a train system in Sydney Australia.
When police investigated the creator of the virus, it was learned that an 18-year-old German high school student had admitted creating the virus. The teenager was arrested in the town of Rotenburg in Northern Germany with the help of Microsoft and FBI but he was later released.
Experts believed that Sasser had infected more than a million computers and had knocked out several computer systems. Disruption of large companies was also blamed to Sasser.
Conficker (2008)
Conficker was spotted in November 21, 2008, the worm can infect other computers across a network and it can fix the bug as other worms trying the same are locked out. The next day, Microsoft had strongly suggested to its users to apply immediate updates to counteract vulnerabilities however, machines that were infected with Conficker A were activated. It then started to use different sets of 250 domains every day for other instructions. At that time, 500,000 computers are already thought to be infected with this worm.
A few days, after a website, trafficconverter was contacted by infected pc for any update but the file is not there. Exactly, two month later, census revealed that around 1.5 million machines are infected.
The virus did not stopped there from spreading as another variant was found in January 2009. In fact, the MoD of United Kingdom was infected and it had taken two weeks before they were able to clear the damage.
In February 2009, number of machines that were infected by Conficker had exploded and that millions were affected. In that same month, the Microsoft had announced $250,000 as a reward to any information which can be given about creators of Conficker.
In March, another variant Conficker C was spotted and it had tried all infected pc to get the latest variant.
The worst was not over, in April 1, Conficker C had connected to domains for the instructions. On that April fool’s day, around two million computers were infected with this variant.
Most Damaging Computer Virus MyDoom (2004)
MyDoom also called, as Novarg is a computer virus that had clogged networks and had allowed unauthorized access to pc. The virus was also spread to file sharing networks and was able to open “back door” to computers.
Most of the emails were seemed sent from charities, organizations, or any educational institutions so it can fool its recipients to open the email. MyDoom harvest e-mail addresses from infected computers and from there it will choose another address as the next sender. In MyDoom, it is hard to determine the real sender.
Thousands of e-mails were triggered within hours after discovery of MyDoom. The worm had affected the computers using the Microsoft Windows platform.
Microsoft had announced that they would give a reward of $250,000 for any information which can lead to the arrest of creator of MyDoom virus. According to the general counsel of Microsoft, Brad Smith, the MyDoom worm was a criminal attack as it intent to disrupt computer users.
Aside from the Microsoft, SCO Group also announced another $250,000 reward to any information, which will lead to arrest of the creator of MyDoom.
It was expected that MyDoom virus would cost each companies to $250 million in lost productivity and for technical expenses.
iloveyou bug (2000)
The iloveyou bug was first spotted in Hong Kong and it had spread gradually to the west. It had infected business and government computers. Anti-virus companies in U.S had received many calls from their affected customers which had reported widespread infections.
Computer security experts estimated software damage had amounted to $100 million and had even predicted that the cost may even exceed $1billion.
The bug had even infected the United States Senate computer system and that time, the e-mail system was forcefully shut down but in U.S Congress, only minimal effects were seen.
In Hong Kong, the bug had affected the public relation firms as well as several investment firms. The Asian Wall Street and the Dow Jones Newswires were affected by the bug.
How it works? Many had fallen to the iloveyou bug because they had received an e-mail in which a “love letter” was attached. In the file, a Visual Basic script which has the virus payload. When the attached e-mail is opened, the computer will then be infected and it will spread by sending itself again to another e-mail and it will be send unknowingly to another e-mail user in the address book.
A Filipino computer student, Onel de Guzman, was the creator of the iloveyou bug. The worldwide manhunt had started after the attack was done, which culminated the arrest of de Guzman. However, the Justice Department of the Philippines had ordered the release of de Guzman since there were no laws against hacking in the Philippines during that time.
Gameover Zeus (2014)
United States authorities had said in June 2014 that they were able to disrupt very sophisticated types of malware which was used to steal millions of dollars from people around the world.
Gameover Zeus botnet is network of virus that infects computers and target small businesses while Cryptolocker is malicious software which encrypt on your files and it can be used to extract ransom payments from pc owners who wanted to access their own files.
According to reports of FBI, Gameover Zeus was responsible for over $100 million losses in victims from the United States and another one million from pc worldwide had been infected since 2011.
Meanwhile, in 2013, Cryptolocker was responsible for attack to 200,000 pc, half on which is from the United States. In just first two months, $27 million were extorted from the computer victims.
One police department in Swansea, Mass, had paid ransom to cyber criminals just to have its access again to the files after the system was infected by Cryptolocker.
Another victim had lost $6.9 million dollars in a fraudulent wire transfer from bank account.
Federal prosecutors said that a gang of cyber criminals in Russia is responsible for Gameover Zeus. United States is in serious talks with Russian authorities to secure arrest but is unlikely at this time.
Most Damaging Computer Virus Code Red (2001)
Code red had infected over 225,000 computer systems worldwide in which sites that were affected had displayed messages of “Hacked by Chinese”. But despite the message, the exact origin of the virus was unclear.
Ultimate goal of the worm was to gather strength by infecting pc and let those computers attack a numerical internet address which represented the White House.
But the White House was prepared for the cyber attack as it apparently changed its web site to a different IP address to avoid any possible attacks.
