5 Most Infectious Computer Viruses Ever
April 06, 2009 at 04:04:27 AM, by Gilberto J. Perera
With the number of computer users approaching 1 billion [1] worldwide and losses due to malware attacks exceeding $13.3 billion annually [2], it is no wonder that virus prevention, detection, and eradication have become some of the most important issues in the IT world today.
The intent of this article is to increase awareness of the seriousness and devastating effects that viruses have on our IT infrastructure as well as our personal computers. We hope that you will leave with an additional piece of useful information and that you are persuaded to follow the simple steps at the end of this article, which will help you take a proactive approach to securing your computers and your network.
5. 250,000 hosts [1] - Sasser (2004)
It is believed that, as a result of reverse engineering, programmers were able to discover a vulnerability that Microsoft had recently patched. The theory is that the coders took advantage of the fact that many users postponed patch installation and so left their computers open to the identified vulnerability. The virus exploited a buffer overflow in a component known as LSASS in affected operating systems, hence the Sass in Sasser. The virus began propagating on April 30, 2004 and infected 250,000 computers. (REF)
Common side effects associated with infection include random crashes of LSASS.EXE and a shutdown timer that randomly appears, which is attributed to the worm crashing LSASS. (REF)
4. 359,000 hosts [1] - Code Red Worm (2001)
In 2001 employees at eEye Digital Security identified and reported a vulnerability that existed in Windows Server systems, specifically IIS Web Servers. Shortly after the announcement, Microsoft announced a fix that patched the problem. However, two weeks after the patch was released on July 12th, the first variant of Code Red began infecting servers and reached a peak of 359,000 servers. The virus affected unpatched endpoints and defaced servers along the way, displaying the following text when users visited an infected website: “HELLO! Welcome to http://www.worm.com! Hacked By Chinese!” (REF1 REF2)
3. 1-10 million hosts [1][2] - Storm Worm (2008)
On a Friday in January 2007, users in Europe and the United States began receiving email messages containing information regarding a storm that was blowing in Europe (a fact). The email tricked users into opening a link and/or attachment, which then infected the computer. It is estimated that the Storm Worm accounted for 8% of all malware infections in the world since January 2007.
When the attachment is opened, the host computer becomes part of a botnet and starts sending and receiving commands. The worm then piggybacks on spam messages to continue spreading. The complication that arises from Storm Worm is that it is not controlled by a centrally located server; rather, it is controlled by its peers, similar to a peer-to-peer network. This makes it almost impossible to gauge the size of the infected network or to locate the origin of the commands. Almost all antivirus makers can detect the worm; however, the programmers are constantly changing the code to respond to increased detection. (REF)
2. 9-15 million computers (estimated) [1] - Conficker (2009) AKA “downadup”, “kido”
One of the most recent attacks is the one originating from Conficker (first detected in November 2008). The latest variant of the Conficker virus, “Conficker.c”, claims that it will download and install other malicious code onto your computer on April 1st of this year (REF). This Trojan works by disabling security products on your computer and adding your computer to a list of “botnet” computers that are controlled by remote servers on the internet. To remove the Trojan you must do so manually, because the worm was designed to block certain domains (those containing updates/fixes) (REF).
The extent of this Trojan's damage is yet to be determined as it continues to be a threat; Microsoft has offered a bounty of $250,000 for the author of this Trojan.
1. 45 million hosts - I Love You (2000)
The I Love You virus made its way to e-mail boxes on May 4th, 2000. With an enticing subject line, “I Love You”, users downloaded and opened the attached file, which then ran a script that automatically emailed everyone in the address book with the same subject (REF). The virus also made several malicious changes to the infected PC.
The virus was very effective at propagating due to the nature of the message and the lack of protection from downloaded files on one’s computer. It is estimated that the cost of the virus ran upwards of $10 billion and that it infected over 45 million computers (REF).
Example of “I Love You” message
Attachment: LOVE-LETTER-FOR-YOU.TXT.vbs
Subject Line: I LOVEYOU
Message Body: kindly check the attached LOVE LETTER coming from me.
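The attachment name above ends in .vbs, a script type that Windows runs, while the .TXT in front of it makes the file look like plain text when file extensions are hidden. The following added example (not part of the original article) is a Python sketch of a mail-filter check that flags such names; the extension lists, function names and sample message are constructed for illustration.

```python
from email import message_from_string

# Extensions Windows runs directly or hands to a script host (not exhaustive).
RISKY = {".vbs", ".vbe", ".js", ".jse", ".wsf", ".scr", ".pif",
         ".exe", ".com", ".bat", ".cmd", ".hta", ".lnk"}
# Extensions a reader takes for a harmless document or picture.
DECOY = {".txt", ".doc", ".pdf", ".jpg", ".gif", ".xls", ".mp3"}

def classify_attachment(filename):
    """Return 'double-extension', 'risky' or 'ok' for one attachment name."""
    name = filename.strip().rstrip(". ").lower()  # Windows drops trailing dots/spaces
    # Split by hand so padding such as "a.jpg   .exe" is still recognised.
    suffixes = ["." + part.strip() for part in name.split(".")[1:]]
    if not suffixes or suffixes[-1] not in RISKY:
        return "ok"
    if len(suffixes) >= 2 and suffixes[-2] in DECOY:
        return "double-extension"
    return "risky"

def scan_message(raw):
    """Return [(filename, verdict)] for every named part of a raw message."""
    results = []
    for part in message_from_string(raw).walk():
        filename = part.get_filename()
        if filename:
            results.append((filename, classify_attachment(filename)))
    return results

# Constructed sample modelled on the message quoted above; bodies are placeholders.
SAMPLE = """\
Subject: I LOVEYOU
Content-Type: multipart/mixed; boundary="b1"

--b1

kindly check the attached LOVE LETTER coming from me.
--b1
Content-Disposition: attachment; filename="LOVE-LETTER-FOR-YOU.TXT.vbs"

(placeholder)
--b1
Content-Disposition: attachment; filename="notes.txt"

hello
--b1--
"""

if __name__ == "__main__":
    print(scan_message(SAMPLE))
```

A mail gateway would typically quarantine "double-extension" and "risky" verdicts rather than deliver them.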
Now that you understand the financial impact and the ability of these viruses to spread quickly and negatively impact your digital life and that of those around you, it is important that you follow these guidelines to ensure that you do not fall victim to malware.
- Enable Windows Auto Update feature: This will ensure that your computer is always up to date, and in most cases this will include updates to Windows Defender if installed. Viruses like Sasser and Code Red could have been prevented if computers had been patched when the security fix was released.
- Enable Anti Virus Auto Update Feature: Having the latest definitions and latest program files will guarantee your antivirus is up to date and running smoothly.
- Malware Removal Disk/Memory Key: Prepare a memory key that contains all of the latest malware detection and removal tools available. Also include copies of your favorite antivirus and antimalware software. Having these programs on a CD or removable device ensures that you always have access to them and won’t have to rely on an infected machine to download the software.
- Schedule Scans: Make sure that you schedule virus scans frequently to guarantee that your computer is free of any malicious code.
- Be Careful: Be sure to only open attachments from trusted sources and to scan those files with your antivirus software before opening them. Most antivirus programs will scan incoming messages before you are able to open them.
The guidelines above are not all-inclusive; they only cover some of the basics that will help maintain a secure and virus-free computer environment. If you would like to add to the list, please let us know.









