Computer viruses took center stage with the advent of computing and the internet in the late 1990s. Viruses are malicious code introduced into a computer system to hamper the operation of programs and software. They can massively slow down your system, corrupt your stored data, and even be used to gain unauthorized access to sensitive personal information on your system.
Today, we’ll look at the ten most dangerous computer virus infections in computing history, how they worked, and the extent of damage they caused. Although we now have the best antivirus software to fight almost all kinds of infections, it’s essential to be aware of the possibilities of really powerful virus infections.
The 10 Most Dangerous Computer Virus Infections
Here are the ten most dangerous computer viruses in history.
1. Melissa
Melissa was one of the early viruses that spread in March 1999 when a programmer, David Smith, accessed an AOL account and posted a file named “alt.sex”. The file promised to contain free passwords and access to several adult websites.
However, when opened in Word, the virus spread in the system, got access to Microsoft Outlook, and sent emails to the first 50 contacts it could find. These emails carried the same infected attachment, often named “sexxxxy.jpg”, preceded by alluring messages like, “Here is the document you requested…don’t show anyone else”. Once a victim opened the attachment, the whole cycle would repeat.
It cost around $80 million in 1999 to repair the damages done by Melissa, which, when adjusted for inflation, comes to $147 million today. The virus infected over 300 corporations and government organizations, including Microsoft and the United States Marine Corps.
2. ILOVEYOU
The ILOVEYOU virus, which wreaked havoc in May 2000, worked similarly to Melissa but was more successful than its predecessor, making it one of the most dangerous computer virus infections. Victims received an email with the subject line, “I Love You,” containing an attachment. When opened, this attachment accessed the host’s Outlook contacts and sent similar emails to all contacts it could find.
The worm was a VBScript program disguised as a text file. VBScript is a Microsoft-developed scripting language, essentially a lighter version of Visual Basic with a similar code structure. Once opened, the worm overwrote and corrupted several JPEG, audio, CSS, JS, and other files on the system.
Within just ten days, ILOVEYOU infected close to 50 million computers, and a whopping $15 billion was spent on removing the worm. The virus and the fear of it were so widespread that the Pentagon, Denmark and U.K. parliaments, the U.S. Army, Ford Motors, and the CIA suspended their emails to control the damage.
3. Mydoom
Mydoom was a deadly worm infection developed in the early 2000s, which spread through email attachments. Once a recipient opened an email containing Mydoom, it would infect the host and send out emails to all contacts it could find in the system, replicating itself.
Mydoom infected the system and created a “backdoor” for cybercriminals to access the infected device. Typically, this would result in overwhelming and powerful DDoS attacks, bombarding websites with unimaginable traffic and making them inaccessible altogether.
For instance, the software company SCO Group Inc. received 25,000 to 50,000 homepage requests in one evening, forcing SCO to remove the site from the internet directory altogether. It also affected several Microsoft websites and blocked access to antivirus websites, ensuring there was no way of cleaning the systems.
The Mydoom attack was so powerful that it infected almost 500,000 computers within a week. The estimated damage was around $38.5 billion, if not more. That makes it one of the most dangerous computer virus infections, and one of the costliest too.
4. Sobig
Sobig surfaced in 2003. It was a worm and Trojan that spread through emails carrying a .pif file. The earlier versions of Sobig were not that harmful. However, the Sobig.F variant was the one that crippled systems worldwide.
Once the .pif file entered a system, Sobig spread it to all connected local networks and hard drives on the first infected PC. It then found stored email addresses and sent them the same email with the .pif file.
The extent of Sobig’s spread was so huge that, at one point, one in every 17 emails contained the Sobig worm. According to a 2018 study, Sobig is second to Mydoom when it comes to distribution speed.
Some prominent victims of the virus included the BBC and Air Canada. The estimated damages caused by the worm stand at an enormous $35 billion.
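An added example, not from the original article: Melissa, ILOVEYOU, Mydoom and Sobig all had an infected machine mail one attachment to every address it could find, a burst that can be spotted in mail-gateway logs. The log format, field names and sample lines below are constructed for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample lines in a hypothetical mail-gateway log format.
SAMPLE_LOG = """\
2003-08-19T10:00:01 src=10.0.0.23 rcpt=alice@example.org attach=details.pif digest=aa11
2003-08-19T10:00:09 src=10.0.0.23 rcpt=bob@example.org attach=details.pif digest=aa11
2003-08-19T10:00:20 src=10.0.0.23 rcpt=carol@example.net attach=details.pif digest=aa11
2003-08-19T10:01:00 src=10.0.0.40 rcpt=alice@example.org attach=minutes.pdf digest=bb22
2003-08-19T09:00:00 src=10.0.0.51 rcpt=dave@example.org attach=plan.doc digest=cc33
2003-08-19T11:30:00 src=10.0.0.51 rcpt=erin@example.org attach=plan.doc digest=cc33
2003-08-19T14:00:00 src=10.0.0.51 rcpt=frank@example.org attach=plan.doc digest=cc33
"""

LINE_RE = re.compile(
    r"(?P<ts>\S+) src=(?P<src>\S+) rcpt=(?P<rcpt>\S+) "
    r"attach=(?P<name>\S+) digest=(?P<digest>\S+)"
)

def find_mass_mailers(log_text, min_recipients=3, window=timedelta(minutes=5)):
    """Map (source host, attachment digest) to the recipients hit in one burst."""
    events = defaultdict(list)  # (src, digest) -> [(time, recipient), ...]
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # skip lines that do not parse instead of guessing
        when = datetime.fromisoformat(m["ts"])
        events[(m["src"], m["digest"])].append((when, m["rcpt"].lower()))

    flagged = {}
    for key, sends in events.items():
        sends.sort()
        start = 0
        for end in range(len(sends)):
            # Slide the left edge forward until the span fits the window.
            while sends[end][0] - sends[start][0] > window:
                start += 1
            recipients = {rcpt for _, rcpt in sends[start:end + 1]}
            if len(recipients) >= min_recipients:
                flagged[key] = sorted(recipients)
                break
    return flagged

if __name__ == "__main__":
    for (src, digest), rcpts in find_mass_mailers(SAMPLE_LOG).items():
        print(f"{src} sent attachment {digest} to {len(rcpts)} recipients: {rcpts}")
```

Only the host that sent the same attachment to three recipients within 20 seconds is flagged; the host that sent one file to three people over five hours is not.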
5. Klez
The Klez virus first appeared in October 2001 and worked similarly to the Sobig virus. It spread through emails containing the virus in the form of an attachment. Klez could read stored email addresses and spread by sending emails to the contacts it found. However, it was more dangerous due to being “polymorphic”: it kept changing its code to avoid detection even by the best antivirus solutions.
Klez could set the “From:” field of an email to any contact found on the victim’s system. Say a contact named “X” is saved on “Y”’s system. Klez can then send an email from Y’s system to “Z” with X as the From address. Z would believe that X sent the virus email, when in reality only Y’s system is infected.
This modus operandi made detecting and controlling Klez’s spread challenging. In 2001, Klez spread to almost 7% of the total number of PCs worldwide, with estimated damages of $20 billion.
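An added example, not from the original article, of how an administrator could locate the machine that actually sent a spoofed email like the one described above: trust only the Received headers stamped by your own relays and read the connecting host from the deepest of them. The relay names in TRUSTED_MTAS and the sample message are constructed assumptions.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Assumption: hostnames of the relays we operate ourselves.
TRUSTED_MTAS = {"mx.example.net", "mailstore.example.net"}

# Constructed message: From names X, but Y's machine made the connection.
SAMPLE = """\
Received: from mx.example.net (mx.example.net [192.0.2.10])
    by mailstore.example.net with ESMTP; Mon, 29 Oct 2001 09:15:02 +0000
Received: from ypc (dialup-77.isp.example [198.51.100.77])
    by mx.example.net with SMTP; Mon, 29 Oct 2001 09:15:01 +0000
Received: from xpc (mail.example.com [203.0.113.5])
    by mail.example.com with SMTP; Mon, 29 Oct 2001 09:14:00 +0000
From: X <x@example.com>
To: Z <z@example.net>
Subject: constructed sample

body
"""

RECEIVED_RE = re.compile(
    r"from\s+\S+\s+\((?P<rdns>\S+)\s+\[(?P<ip>[0-9a-fA-F.:]+)\]\)"
    r"\s+by\s+(?P<by>[^\s;]+)"
)

def true_origin(raw_message):
    """Find the host that really handed the message to our relays."""
    msg = message_from_string(raw_message)
    claimed = parseaddr(msg.get("From", ""))[1].lower()
    edge = None
    for header in msg.get_all("Received", []):  # newest hop first
        m = RECEIVED_RE.search(header)
        if not m or m["by"].lower() not in TRUSTED_MTAS:
            break  # everything below this point is sender-controlled
        edge = m   # deepest hop stamped by our own relays so far
    if edge is None:
        return {"claimed_from": claimed, "origin_ip": None, "mismatch": None}
    domain = claimed.rpartition("@")[2]
    rdns = edge["rdns"].lower()
    aligned = rdns == domain or rdns.endswith("." + domain)
    return {"claimed_from": claimed, "origin_ip": edge["ip"],
            "origin_rdns": rdns, "mismatch": not aligned}

if __name__ == "__main__":
    print(true_origin(SAMPLE))
```

Comparing the connecting host with the From domain is only a heuristic; SPF, DKIM and DMARC now perform this kind of sender check at the receiving server.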
6. WannaCry
WannaCry was ransomware that spread like wildfire in May 2017. Once it entered a system, it encrypted various files stored in it, making them inaccessible to the owner. It then displayed a message demanding a ransom to decrypt the files. The ransom was initially $300, which increased to $600 later.
The ransomware exploited a vulnerability in the Windows operating system and attacked computers that had not installed the security patch for EternalBlue (released by Microsoft two months before the attack). EternalBlue is a hacking method devised by the United States NSA.
WannaCry was estimated to have infected around 230,000 systems worldwide. Among the most prominent victims were the NHS websites. The attack led to the cancellation of almost 19,000 appointments and cost around £92 million to repair the damages. The total global loss was estimated at around $4 billion.
7. Code Red
Code Red, another dangerous virus, is a worm discovered by eEye Digital Security in 2001. It used vulnerabilities in Microsoft’s Internet Information Server (IIS). Interestingly, its work pattern was based on the days of the month.
From the 1st to the 19th of the month, the worm looked for other vulnerable systems on the Internet to spread the infection.
From the 20th to the 27th day, it carried out DDoS attacks on official USA websites, bombarding them with spam traffic until the websites crashed. Once hacked, the websites displayed a message reading, “Hacked by Chinese.”
Code Red is said to have affected more than 30,000 organizations and 300,000 servers worldwide during its peak. The cost of damages is estimated at $2.75 billion.
8. Sasser
Sasser, just like WannaCry, took advantage of an unpatched Windows OS to enter a system. It exploited a buffer overflow known as LSASS, hence the name Sasser. If you notice the presence of C:\WIN.LOG or C:\WIN2.LOG files on your hard disk, you’ve been attacked by Sasser. Random system shutdowns with LSASS.exe messages are also a prominent symptom of a Sasser attack.
However, one important thing to mention is that while Sasser was a dangerous virus, it was relatively easy to prevent. An updated system and firewall can easily detect and stop Sasser. However, the lack of computer awareness was what made Sasser as successful as it was.
Agence France-Presse was one of the major victims of the virus; it had to shut down its operation for hours. Similarly, Delta Air Lines had to cancel several flights after the Sasser attack.
9. CryptoLocker
CryptoLocker ransomware, which first emerged in 2013, works similarly to WannaCry (which can be considered a CryptoLocker variant). This dangerous ransomware arrives as an email attachment and encrypts all files it can find once in your system.
The perpetrators use asymmetric encryption to lock system files: each file is encrypted with a public key and can only be decrypted using the attacker’s private key. CryptoLocker can access files on hard drives, connected networks, USB drives, and even cloud storage, which makes it more deadly. A ransom is then demanded from the victim to release the files.
However, like Sasser, CryptoLocker can also be prevented with a good business antivirus. Regular scans and backups go a long way in protecting your system from perpetrators.
10. Zeus
Zeus is a dangerous virus used by hackers to steal victims’ sensitive financial and banking credentials through keylogging and website monitoring. The virus can recognize when a user is on a banking website and then starts recording the keystrokes to steal passwords. Another way Zeus operated was by adding infected systems to botnets.
A botnet is a chain of systems infected with malware, connected together and operated by a central system without the actual owner knowing anything.
Zeus often spreads through spam messages containing a malicious link, which automatically installs the malware on the system when clicked. Sometimes, hackers are also successful in corrupting popular websites, which, when visited, install malware in the system. Although it first surfaced in 2007, Zeus wreaked havoc in 2011 when its code was made public. Some prominent victims of Zeus include Bank of America, Amazon, Monster.com, and Cisco.
How Do Most Dangerous Computer Viruses Work and Spread?
Computer viruses are malicious code or programs injected into a system to sabotage its operation. These viruses can cause a wide range of damage, from erasing data on your hard drives to making the system sluggish. Some viruses even cause your system to crash unexpectedly, resulting in total data loss.
The modus operandi of a virus depends on its type. Some viruses need an action from the victim’s end to activate themselves, while others are independent. However, once activated, most viruses self-replicate and create altered copies to avoid detection. They then release the primary malicious code payload to destroy the system.
Emails and unsecured websites are the main sources of viruses these days. Bad actors easily place malicious code in the form of links in suspicious emails or websites. Once a user clicks on these links or downloads something from a website, the virus enters the system and gets to work.
However, the good news is that you can prevent a virus outbreak by installing the best antivirus software. A complete security toolkit will safeguard your browsing activities and scan all downloads for potential viruses.
As viruses continue to evolve, it has become even more imperative to stay vigilant. With modern dangerous viruses, spyware, and ransomware looking for opportunities to make their way into your system, it’s important to follow sound cybersecurity practices. These involve installing a reliable antivirus and periodically scanning your systems for threats.
Updating your operating systems is also important, as providers often resolve security vulnerabilities in the updates they release. Most importantly, you must exercise caution while browsing the internet, which is a major source of malicious agents. Avoid suspicious websites and enable real-time scanning to avoid falling prey to digital threats.