DEADLY COMPUTER VIRUS IN HISTORY

WORST COMPUTER VIRUSES IN HISTORY


Viruses can be an irritating menace or they can be devastatingly destructive. It’s hard to believe today that when computing for the masses took off in the 1980s, the concept of a computer virus was generally scoffed at and dismissed as outlandish. Today, we know different; their potential for harm has mirrored their increasing spread. From Slammer, which caused an estimated $10 billion worth of damage, to Conficker, which caused chaos and panic and infected about 15 million computers, they now spread from one corner of the world to another at the speed of light.

Since the dawn of computing for the masses, countless viruses have been released. Today, an estimated one million viruses are in circulation and thousands are created every month.

Get the inside track of some of the most notable.

                                                               



1988
THE MORRIS WORM





In 1988 Robert Morris, a university student, released a worm which affected 10 percent of all the computers connected to the internet.                                                                                                     
  • The virus slowed the computers down to a crawl and brought all the machines used by the Massachusetts Institute of Technology to a halt.
  • Within days it became the most widespread virus the world had ever seen.
  • The Concept virus was accidentally shipped on a CD-ROM supplied by Microsoft in 1995.
  • Morris later became an Associate Professor at MIT.

1999
MELISSA


Melissa was spread via a file posted to a Usenet group called alt.sex, and the file contained passwords for 80 pornographic websites.
  • The virus was named after a Miami-based stripper.
  • It infected millions of machines.
  • As soon as the email recipient opened the file, the worm attempted to mail itself to the first 50 email addresses it could take from the computer.
  • Its creator, David L. Smith, was banned from even going near a computer without consent from a court.
2000
I LOVE YOU


The 'I LOVE YOU' virus spread when it was downloaded as an email or message attachment. It then started copying itself several times and hiding in folders on the hard drive.
  • It did about $10 billion worth of damage, rapidly infecting networks around the world.
  • The original worm had the file name of LOVE-LETTER-FOR-YOU.TXT.vbs. The vbs extension pointed to the language the hacker used to create the worm: Visual Basic Scripting.
  • It replaced several different kinds of files with copies of itself.
  • It downloaded a file called WIN-BUGSFIX.EXE from the Internet and executed it. Rather than fix bugs, this program was a password-stealing application that e-mailed secret information to the hacker's e-mail address.
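
Windows hides known file extensions by default, so LOVE-LETTER-FOR-YOU.TXT.vbs could be displayed as a plain text file. The following is an added example, not part of the original post, of how a mail filter might flag such attachment names; the extension lists and function names are assumptions chosen for illustration.

```python
import re

# Assumed lists for illustration; a real filter would follow its own policy.
EXECUTABLE_EXTS = {"vbs", "vbe", "js", "jse", "wsf", "exe", "scr", "pif", "com", "bat", "cmd"}
DECOY_EXTS = {"txt", "doc", "pdf", "jpg", "jpeg", "gif", "png", "xls", "mp3"}


def classify_attachment(filename):
    """Return 'double-extension', 'executable' or 'ok' for an attachment name."""
    # Drop any path, then trailing dots/spaces (Windows ignores them), then lower-case.
    name = re.split(r"[\\/]", filename)[-1].rstrip(". ").lower()
    # Strip padding around each part: spaces before the real extension are a
    # known way to push it out of view in a narrow file-name column.
    parts = [p.strip() for p in name.split(".")]
    if len(parts) < 2 or parts[-1] not in EXECUTABLE_EXTS:
        return "ok"
    # A document-style extension directly before the real one is the disguise.
    if len(parts) >= 3 and parts[-2] in DECOY_EXTS:
        return "double-extension"
    return "executable"


def screen(filenames):
    """Return {name: verdict} for every name that is not 'ok'."""
    verdicts = {n: classify_attachment(n) for n in filenames}
    return {n: v for n, v in verdicts.items() if v != "ok"}


# Constructed sample input; the first two names are the ones quoted in the post.
SAMPLE = [
    "LOVE-LETTER-FOR-YOU.TXT.vbs",
    "WIN-BUGSFIX.EXE",
    "holiday.photo.jpg",
    "report.pdf",
    "invoice.doc   .exe",
    "notes.txt.VBS.",
]

if __name__ == "__main__":
    for name, verdict in screen(SAMPLE).items():
        print(f"{verdict:17} {name}")
```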
2001
THE KLEZ VIRUS

The Klez virus marked a new direction for computer viruses, setting the bar high for those that would follow. It debuted in late 2001, and variations of the virus plagued the Internet for several months. The basic Klez worm infected a victim's computer through an e-mail message, replicated itself and then sent itself to people in the victim's address book.
  • Depending on the version, the Klez virus could act like a normal computer virus, a worm or a Trojan horse. It could even disable virus-scanning software and pose as a virus-removal tool.
  • Shortly after it appeared on the Internet, hackers modified the Klez virus in a way that made it far more effective.
September 2001
NIMDA



NIMDA is ADMIN spelled backwards. Nimda spread through the Internet rapidly, becoming the fastest propagating computer virus at that time.
  • Within 25 minutes of its release it had become the internet's most widespread worm.
  • It infected email and sent itself out to the email contacts; it also broke into web servers and infected files on websites.
  • It appeared one week after 9/11, leading to speculation that it was created by state actors or even terrorist groups.
  • The spread of the Nimda virus caused some network systems to crash as more of the system's resources became fodder for the worm. In effect, the Nimda worm became a distributed denial of service (DDoS) attack.
2003
SQL SLAMMER/SAPPHIRE

In late January 2003, a new Web server virus spread across the Internet. Many computer networks were unprepared for the attack, and as a result the virus brought down several important systems. The Bank of America's ATM service crashed, the city of Seattle suffered outages in 911 service and Continental Airlines had to cancel several flights due to electronic ticketing and check-in errors. It caused about $10 billion worth of damage, rapidly infecting networks around the world.
  • Slammer caused a denial of service on internet hosts and dramatically slowed down internet traffic, infecting most of its 75,000 victims within 10 minutes.
  • Fifteen minutes after its first attack, the Slammer virus infected nearly half of the servers that hold up the internet.
2004
MYDOOM



The MyDoom (or Novarg) virus is another worm that can create a backdoor in the victim computer's operating system. It was spread through an email attachment which usually had an innocuous title such as "Mail Delivery System" or "Mail Transaction Failed".
  • It was the fastest spreading virus of all time.
  • A 250,000 euro reward was offered to find its creator, but he was never discovered.
  • Its aim was to assault Google, AltaVista and Lycos and at its peak it managed to shut down Google for almost a day.
  • In February 2004, it infected 1 in 12 emails, with 100,000 interceptions taking place every hour.
2004
SASSER AND NETSKY




The Sasser worm attacked computers through a Microsoft Windows vulnerability. Unlike other worms, it didn't spread through e-mail. Instead, once the virus infected a computer, it looked for other vulnerable systems. It contacted those systems and instructed them to download the virus. The virus would scan random IP addresses to find potential victims. The virus also altered the victim's operating system in a way that made it difficult to shut down the computer without cutting off power to the system.
  • It exploited a vulnerability in the Local Security Authority Subsystem Service (LSASS).
  • Sasser made it difficult to shut down machines and infected many computers.
  • Its creator Sven Jaschan released Sasser into the wild on his birthday.
2006
LEAP-A/OOMPA-A


Maybe you've seen the ad in Apple's Mac computer marketing campaign where Justin "I'm a Mac" Long consoles John "I'm a PC" Hodgman. Hodgman comes down with a virus and points out that there are more than 100,000 viruses that can strike a computer. Long says that those viruses target PCs, not Mac computers.

For the most part, that's true. Mac computers are partially protected from virus attacks because of a concept called security through obscurity. Apple has a reputation for keeping its operating system (OS) and hardware a closed system -- Apple produces both the hardware and the software. This keeps the OS obscure. Traditionally, Macs have been a distant second to PCs in the home computer market. A hacker who creates a virus for the Mac won't hit as many victims as he or she would with a virus for PCs.
But that hasn't stopped at least one Mac hacker. In 2006, the Leap-A virus, also known as Oompa-A, debuted. It uses the iChat instant messaging program to propagate across vulnerable Mac computers. After the virus infects a Mac, it searches through the iChat contacts and sends a message to each person on the list. The message contains a corrupted file that appears to be an innocent JPEG image.
The Leap-A virus doesn't cause much harm to computers, but it does show that even a Mac computer can fall prey to malicious software. As Mac computers become more popular, we'll probably see more hackers create customized viruses that could damage files on the computer or snarl network traffic. Hodgman's character may yet have his revenge.
2006
STORM WORM

It was late 2006 when computer security experts first identified the worm. The public began to call the virus the Storm Worm because one of the e-mail messages carrying the virus had as its subject "230 dead as storm batters Europe." Antivirus companies call the worm other names. For example, Symantec calls it Peacomm while McAfee refers to it as Nuwar. This might sound confusing, but there's already a 2001 virus called the W32.Storm.Worm. The 2001 virus and the 2006 worm are completely different programs.
The Storm Worm is a Trojan horse program. Its payload is another program, though not always the same one. Some versions of the Storm Worm turn computers into zombies or bots. As computers become infected, they become vulnerable to remote control by the person behind the attack. Some hackers use the Storm Worm to create a botnet and use it to send spam mail across the Internet.
Many versions of the Storm Worm fool the victim into downloading the application through fake links to news stories or videos. The people behind the attacks will often change the subject of the e-mail to reflect current events. For example, just before the 2008 Olympics in Beijing, a new version of the worm appeared in e-mails with subjects like "a new deadly catastrophe in China" or "China's most deadly earthquake." The e-mail claimed to link to video and news stories related to the subject, but in reality clicking on the link activated a download of the worm to the victim's computer.
                                      
CONFICKER VIRUS

The Conficker worm is a virus that can infect your Windows PC. It is able to spread itself to other computers across a network automatically, without human interaction. It is estimated that this worm has infected over 10 million computers to date, and is set to come out of dormancy on April 1st, 2009 (Wednesday). On that date Conficker will download instruction code from internet servers. These instructions could contain nearly anything, including commands for a host computer to take over infected computers. The instructions might also activate a keystroke logger to steal your personal data (e.g. usernames, passwords), or they might turn infected computers into an army to attack technological infrastructures, or the worm's instructions may cause no problems. It is not known what the instruction code might contain.
Last October, Microsoft issued the Windows Security Update MS08-067 to address the vulnerability. If this security update was installed, the chances of infection are minimal. In addition, Computing and Communications provides anti-virus (Sophos) and anti-spyware (SpySweeper) software at no cost to install and run on Windows and Macintosh computers. Running a full hard-drive scan with an up-to-date anti-virus program could detect this infection.
