JennilynM.

Prangan IV-Kelvin

Top Twenty Most Destructive Computer Viruses of All Time

1. ILOVEYOU a.k.a. Lovebug/Loveletter Virus The ILOVEYOU virus was a computer virus that many consider to be the most damaging virus ever written. It spread itself by email in 2000 through an attachment in the message. Once opened, it loaded itself to the memory, infecting executable files. When a user received and opened the email containing the attachment LOVE-LETTER-FOR-YOU.txt.vbs, the computer became automatically infected. It then spread itself by infecting executable files, image files, as well as audio files like MP3s. After that, the virus sent itself to others by looking up the addresses contained in the MS Outlook contact list. The virus was written by a Filipino programmer who was still a college student at that time. He said the release of the virus was only accidental. 2. CIH a.k.a. Chernobyl Virus This virus was considered one of the most dangerous and most destructive viruses ever because it had the ability to remain undetected in a computers memory, infecting every application that was run. First released in 1998, the CIH virus infected executable files of the operating systems Windows 95, 98, and ME. 3. Melissa Virus Released in 1999, the Melissa virus was another mass-mailing malware that was said to have infected up to 20 percent of computers worldwide. This included the networks of Microsoft, Intel, and other companies that relied on MS Outlook as their email client. 4. Code Red The world had not yet recovered from the damage caused by the ILOVEYOU virus when Code Red was released in mid-2001. Unlike other viruses, this one only targeted certain computers running the Microsoft IIS (Internet Information Server) Web Server, exploiting a bug in the software. Once a computer was compromised by the virus, it would modify the handled website, displaying the message Welcome to http://www.worm.com! Hacked by Chinese! 5. Bagle Bagle was another classic type of mass-mailing malware, but was quite complex. First detected in 2004, it infected users through an email attachment, and also used email to spread itself. Unlike previous mass-mailing viruses, Bagle did not rely on the MS Outlook contact list to make a list of where to send itself. It harvested email addresses from various document files stored in the infected computer from plain-text files to MS Excel files. 6. Blaster The Blaster virus was a complex malware that spread itself not through email, but through a vulnerability in both the Windows 2000 and Windows XP machines. This malicious software was detected in mid-2003 and by then had infected hundreds of thousands of computers. Once a computer was infected, it displayed a message box indicating that the system would shut

down in a couple of minutes. It was also programmed to launch a DDoS attack to a server run by Microsoft by April 2003, but was already contained by that time. Discovered in the code was a hidden message toMicrosoft founder Bill Gates saying Billy Gates, why do you make this possible? Stop making money, and fix your software! 7. Sasser Sasser was another complex computer virus that crippled thousands of computers, and was written by a 17-year-old German student in 2004. Sasser did not spread through email, and did not require any human intervention to compromise computers. It infected computers by exploiting vulnerability present in both Windows 2000 and Windows XP machines, known as the RPC (Remote Procedure Call) exploit - the same vulnerability used by the Blaster virus. Sasser successfully infected and shut down thousands of computer networks in just a matter of days. After infecting a computer, it is programmed to access the Internet to search for other vulnerable machines so that it can infect them. Sasser also displayed a notice indicating that the system was shutting down. 8. MyDoom Another mass-mailing virus that caused a lot of damage was MyDoom. Though it was primarily written to spread through email, it also successfully infected computers by infecting programs stored in the shared folder of the Peer-to-Peer software KaZaA. Detected in 2004, MyDoom slowed down global Internet access by ten percent, and caused some website access to be reduced by 50 percent. Upon infection, it looked for email addresses from contact lists and sent itself to any addresses it found. 9. Sobig.F Computer users were still recovering from the damage caused by Blaster in 2003 when another mass-mailer known as Sobig.F attacked. This computer virus caused billions of dollars in damage by stalling or completely crashing Internet gateways and email servers, resulting in the merciless slowing down of global Internet access. It harvested email addresses from various documents found in the infected computers 10. SQL Slammer SQL Slammer is the least damaging virus in this list. It still caused a considerable amount of damage, though, by overwhelming routers, causing them to shut down. The target of this virus was web servers running a vulnerable version of Microsoft SQL Server. Only computers that ran this server software were infected, but it caused the slowdown of Internet access around the world. In just under ten minutes, it was able to infect thousands of servers center away. Upon infection of a server, the virus generated random IP addresses through which it attempted to further infect other computers .

11. Conficker (2009) -- The Conficker worm has created a secure, worldwide infrastructure for cybercrime. The worm allows its creators to remotely install software on infected machines. What will that software do? We don't know. Most likely the worm will be used to create a botnet that will be rented out to criminals who want to send SPAM, steal IDs and direct users to online scams and phishing sites. 12. Nimda (2001) -- A mass-mailing worm that uses multiple methods to spread itself, within 22 minutes, Nimda became the Internet's most widespread worm. The name of the virus came from the reversed spelling of "admin."

13. Sasser (2004) -- This nasty worm spread by exploiting a vulnerable network port, meaning that it could spread without user intervention. Sasser wreaked havoc on everything from The British Coast Guard to Delta Airlines, which had to cancel some flights after its computers became infected. 14. Storm (2007) -- Poor Microsoft, always the popular target. Like Blaster and others before, this worm's payload performed a denial-of-service attack on www.microsoft.com. During Symantec's tests an infected machine was observed sending a burst of almost 1,800 e-mails in a fiveminute period. 15. Morris (1988) -- An oldie but a goodie; without Morris the current threat "superstars" wouldn't exist. The Morris worm (or Internet worm) was created with innocent intentions. Robert Morris claims that he wrote the worm in an effort to gauge the size of the Internet. Unfortunately, the worm contained an error that caused it to infect computers multiple times, creating a denial of service.
16.Klez Klez is a computer worm that propagates via e-mail. It first appeared in the end of 2001. A number of variants of the worm exist. Klez infects Microsoft Windows systems, exploiting vulnerability in Internet Explorer's Trident layout engine, used by both Microsoft Outlook and Outlook Express to render HTML mail. 17.Bagle Bagle (also known as Beagle) is a mass-mailing computer worm written in pure assembly and affecting all versions of Microsoft Windows. The first strain, Bagle.A, did not propagate widely. A second variation, Bagle.B is considerably more virulent. Bagle uses its own SMTP engine to mass-mail itself as an attachment to recipients gathered from the victim computer. 18.Win32/Simile Win32/Simile (also known as Etap) is a metamorphic computer virus written in assembly language for Microsoft Windows. The virus was released in the most recent version in early March 2002. It was written by the virus writer Mental Driller. Some of his previous viruses, such as Win95/Drill (which used the Tuareg polymorphic engine), have proved very challenging to detect. When the virus is first executed, it checks the current date. If the host file (the file that is infected with the virus) imports the file User32.dll, then on the 17th of March, June, September, or December, a message is displayed. Depending on the version of the virus the case of each letter in the text is altered randomly. On

May 14 (the anniversary of Israeli Independence Day), a message saying "Free Palestine!" will be displayed if the system locale is set to Hebrew.

19. Jerusalem (1987)

This was one of the earliest and most successful viruses, which activated each Friday the 13th. The virus installed itself in the target computer's memory when an infected file was opened.

20. Stoned (1987)

This was apparently the biggest virus in terms of infections. The most common effect was to display a message that read: "Your PC is now stoned. Legalise marijuana." There are more than 90 variants of the virus, which miraculously resurfaced last year.

21. Tequila (1991)

Tequila infected computers by writing an unencrypted copy of itself to sectors of the systems hard disk and modifying the master boot record. It was particularly dangerous as it used stealth methods to avoid detection and couldn't be removed from the infected computer's memory.

22. Michelangelo (1991)

Michelangelo was a sleeper. After spreading quietly for months, it activated on 6 March 1991 the birth date of its namesake destroying data on tens of thousands of computers by overwriting parts of the hard disk with random data.