The Five Most Devastating Computer Viruses in History

Posted September 5, 2012 1:00 pm

Many people develop viruses, and they do it for a wide range of reasons. Maybe they’re looking to mine personal and financial information. Perhaps they’re trying to set up a zombie botnet to execute an attack of some kind. Could be they’re trying to force people into purchasing software. Or of course, they might just want to watch the world burn and cause mayhem, destruction, and grief. Either way, viruses are nasty business.

Some are nastier than others.

Here are five of the most devastating, damaging, and downright terrifying computer viruses to ever hit the web.

Nimda:

This nasty little piece of work became the Internet’s most widespread virus in less than a half hour. One of the most destructive viruses of all time, the damages caused by Nimda eclipsed even those caused by the infamous Code Red and MyDoom. The reason for this was that whoever created Nimda hedged their bets. Rather than choosing one infection vector, they decided to use five. Not only could it spread via email, it moved over open network shares, compromised websites, a security exploit in Microsoft IIS 4.0/5.0, and finally, through back-doors left open after Code Red II and sadmind/IIS infections.

Okay. We know it spread like wildfire, but what exactly did it do, aside from propagating itself?

Not only does it possess the capability to provide an attacker with full administrative authority and access to all files on an infected system, it chomps down bandwidth like mad and makes so many changes to the registry that you’d probably be better off reformatting your hard drive.

MyDoom:

MyDoom appears to be an example of Internet vigilantism. At the time of its development, a company known as the SCO Group was hurling lawsuits left and right like they were going out of style. The target? Linux. They sent letters to literally hundreds of companies for using certain versions of Linux, claiming that the open-source system infringed on their patents. Someone didn’t take kindly to that and as a result developed MyDoom – the fastest spreading email virus to date. Some actually believe that the developer of MyDoom was hired, as the email that spread the virus contained the text “Andy; I’m just doing my job, nothing personal, sorry.”

Like the others on the list, MyDoom opened up back-doors that allowed for administrative remote control of infected systems.

ILOVEYOU:

Before MyDoom, ILOVEYOU was one of the most damaging, fastest-spreading email viruses ever developed. Back in May of 2000, the virus began spreading as an email with the subject line “I LOVE YOU,” along with a single attachment – “LOVE-LETTER-FOR-YOU.txt”. Obviously, it wasn’t a text file, as the tens of millions of infected users quickly discovered; it was a Visual Basic file.

Once the worm got in good with the system, it relied on the Windows Scripting Engine, which was enabled by default. Most users weren’t aware that the engine even existed, so the worm had free rein to do whatever it wanted with the system, which involved overwriting media files on the infected PC and sending itself to the first fifty addresses in the Windows Address Book.

Slammer:

This nasty little worm infected over 75,000 computers in a matter of ten minutes. While it might not have enjoyed the same success as MyDoom or Nimda, it still spread with surprising rapidity. Microsoft has since patched the vulnerability that the worm exploited and it’s no longer a threat.

Conficker:

Conficker’s the most current worm on the list. Shortly after its development and release in 2009, it infected over ten million systems. Sophisticated and dangerous, Conficker is packaged with a password cracker and copies itself to USB drives as well. Once it infects a system, Conficker prevents the download of Windows updates as well as anti-virus software, at which point it can be used as an extortion tool by malware distributors.

Although Microsoft has already issued a fix for eliminating the worm, Conficker’s actually capable of self-updating so it could very well return in the future, exploiting new security holes. Kind of nasty, isn’t it?
