History of Dangerous Viruses
Throughout the twenty or so years that internet access has been possible, there have been repeated attacks by hackers on computers around the world. Hackers originally just did it to see if they could. Then they realized they could be famous by doing it, and now there is a big financial motivation to do so. What follows is information about the most dangerous viruses to date, and the havoc they wreaked.
I Love You 2000
This sounds innocent enough, but it is widely believed to be the most malicious worm ever created. It was noticed first in the Philippines on May 4, 2000, and spread worldwide in just one day, causing $10 to $15 billion in losses and affecting upwards of 15% of internet users around the world. This bug popped into mail inboxes with the subject “I love you” and a “love letter” attachment. It was also called Loveletter and The Love Bug, for obvious reasons. When launched by opening, it overwrote music and video files by attaching a copy of itself to every one of those files on your computer. It also sent a copy to everyone on the victim’s email contact list, spreading very quickly. Even scarier, it searched out user IDs and passwords on infected PC’s and emailed them to its author. By the way, that guy was never charged with a crime because the country had no laws on the books dealing with writing malicious code at the time.
Code Red 2001
Code Red caused close to $3 billion in damage, and trashed a million computers in just a week. Unleashed on network servers in 2001, it was especially dangerous because of its target: computers running Microsoft IIS software, which are the web servers that most businesses run their individual computers with. Microsoft had released updates to fix the problem before it struck, but people are lax in updating computer software. When a computer got infected, it would show a big “hacked by Chinese” message. Then the virus would search for other weak servers and contaminate them, which went on for several weeks, while it also launched attacks on many targeted IP addresses, including the White House Web server.
Blaster Worm 2003
This PC worm was intended to start a SYN flood in 2003, and the worm exposed susceptibility in Windows 2000 and Windows XP. When activated, it presented users with a frightening dialog box saying their system was about to crash. Concealed in the code were messages to Bill Gates about fixing his software. The code was capable of triggering a complete denial of service problem on the April 15th Windows update, but by that time Blaster had already been pretty well stopped. However, it did cause between $2 billion and $10 billion dollars in damages and affected hundreds of thousands of computers. Advance publicity helped stop the spread of the worm by internet service providers adding filtering software. Had this worm been allowed to spread unchecked, it would have been the most dangerous Trojan worm yet.
Sobig Worm 2003
Right on the heels of Blaster, Sobig was detected in Aug 2003. This worm affected millions of computers and caused an estimated $5 to 10 billion dollars in damage. Most virulent strain was Sobig.F., which replicated so quickly that it set a record, spawning more than one million copies of itself in its first 24 hours. It infected host computers via innocently named e-mail attachments. Open the attachment and you activate the worm, which transmitted itself to e-mail addresses it found on your local files, causing massive amounts of Internet traffic. For unknown reasons, the virus deactivated itself and isn’t a threat today. The author of Sobig has never been caught.
My Doom 2004
My Doom was first noticed January 26, 2004 and became virulent, breaking the previous record for proliferation held by Sobig virus. It was designed to send junk emails from infected computers. At peak, which was the same day it was detected, MyDoom slowed internet performance around the world by 10% and caused web pages to load exceedingly slow. For a few hours on this day, users around the world felt a little bit of what a global internet crash might feel like. It spread by transmitting an attachment to what looked like an email error message, and contained the text “Mail Transaction Failed.” When you clicked on the attachment to fix it, it spammed its worm to email addresses found in any address books on the computer, and also via shared folders in networked computers. Security experts speculate that one every 10 email messages sent on this day contained the MyDoom virus. Though it was programmed to stop spreading after February 12, 2004, the author of this worm is still unknown to this day.
Bagle 2004
This is a simple but sophisticated worm that debuted in 2004. It infects computers through the conventional method, as an email attachment. It then scours Windows files for additional email addresses it can use to replicate itself. The real danger of Bagle AKA Beagle and all of the variants of it (at last count 60 to 100) is that it opens an unsecure “back door” to a TCP port which can be utilized by remote users and software applications to access all of the data-personal, financial, anything- on the infected computer. A 2005 TechWeb story credits this worm with starting the “malware-for-profit industry among hackers.” Prior to this, hackers were motivated by their fifteen minutes of fame.
Sasser 2004
This bug was destructive enough to shut down satellite towers for French news agencies, disrupt Delta airline flight schedules and shutdown numerous companies’ systems worldwide. Unlike other worms, Sasser didn’t need human interaction to spread. It found a glitch in Windows programs that hadn’t been updated and used it to self-propagate, then start searching for more unprotected systems and transmit itself to them, which caused crashes and instability in all infected computers. Sasser was written by a 17-year-old German high school student, who did not go to jail because of his age when he wrote it, even though he was found guilty.
Virut Virus 2008
Virut infects executable file types (such as .exe and also .scr), and each time it spreads it changes itself to avoid detection by virus programs. On the infected computers, this virus connects with an IRC server chosen in advance by the virus author. This secret gap in security allows the attacker to download more malware to victim’s computers. This virus affected and completely shut down the court system computers in Texas in February, 2009.
Surely, there is more to come in the history of viruses. Now that hackers have found a way to monetize their programs, the greed will most likely cause a rash of new attacks.