10 biggest virus attacks

[dwarakesh]

The past few decades has seen many viruses wreck havoc on computers. Over the years these deadly programmes have been gaining in sophistication and constantly changing their complexion and mode of transfer.

Despite a slew of security tools for all possible touch points in our computer systems and networks the virus and other malware menace continues unabated. Here we bring to you the biggest virus attacks of all time.

[dwarakesh]

Elk Cloner (1982)

Regarded as the first virus to hit personal computers worldwide, "Elk Cloner" spread through Apple II floppy disks. The programme was authored by Rich Skrenta, a ninth-grade student then, who wanted to play a joke on his schoolmates.

The virus was put on a gaming disk, which could be used 49 times. On 50th time, instead of starting the game, it opened a blank screen that read a poem: "It will get on all your disks. It will infiltrate your chips. Yes it's Cloner! It will stick to you like glue. It will modify RAM too. Send in the Cloner!" The computer would then be infected.

Elk Cloner was though a self-replicating virus like most other viruses, it bore little resemblance to the malicious programmes of today.

[dwarakesh]

Brain (1986)

`Brain' was the first virus to hit computers running Microsoft's then popular operating system DOS. The virus was written by two Pakistani brothers, Basit Farooq Alvi and his brother Amjad Farooq Alvi and left the phone number of their computer repair shop.

A boot-sector virus, Brain infected the boot records of 360K floppy disks. The virus would fill unused space on the floppy disk so that it could not be used. The first "stealth" virus, it hid itself from any detection by disguising the infected space on the disk. Due to its partial non-destructiveness, Brain often went undetected as many times users paid little attention to the slow speed of floppy disk access.

The virus was also known as Lahore, Pakistani and Pakistani Brain. BusinessWeek magazine called the virus the Pakistani flu. The brothers told TIME magazine they had written it to protect their medical software from piracy and it was supposed to target copyright infringers only

[dwarakesh]

Morris (1988)

Written by a Cornell University graduate student, Robert Tappan Morris, the virus infected an estimated 6,000 university and military computers connected over the Internet. Incidentally, Morris's father was a top government computer-security expert,

The computers Morris invaded were part of the Arpanet, an international grid of telephone lines, buried cables, and satellite hookups established by the Department of Defense in 1969.

Interestingly, Morris later claimed that the worm was not written to cause damage, but to gauge the size of the Internet. An unintended consequence of the code, however, led to the damage caused.

[dwarakesh]

CIH (1998)

Chernobyl virus also known as CIH was first detected in 1998, however, it first triggered in April 1999, 13th the anniversary of the Chernobyl nuclear disaster (which took place in Ukrainian).

One of the most harmful viruses, it overwrites critical information on infected system drives. The virus was reportedly the first virus known to have the power to damage computer hardware, with virus attempting to erase the hard drive and overwrite the system's BIOS as well.

The virus is also known as "space filler virus," due to its ability to clandestinely take up file space on computers and prevent anti-virus software from running. The malicious programme caused widespread damage in several Asian countries paralyzing thousands of computers.

[dwarakesh]

Melissa (1999)

'Melissa' was one of the first viruses to spread over email. When users opened an attachment, the virus sent copies of itself to the first 50 people in the user's address book, covering the globe within hours.

The virus known as Melissa -- believed to have been named after a Florida stripper its creator knew -- caused more than $80m in damage after it was launched in March 1999. Computers became infected when users received a particular e-mail and opened a Word document attached to it.

First found on March 26, 1999, Melissa shut down Internet mail systems at several enterprises across the world after being they got clogged with infected e-mails carrying the worm. The worm was first distributed in the Usenet discussion group alt.sex. The creator of the virus, David Smith, was sentenced to 20 months imprisonment by a United States court.

[dwarakesh]

ILOVEYOU (2000)

Travelling via email attachments, "Love Bug" exploited human nature and tricked recipients into opening it by disguising itself as a love letter. The virus stunned security experts by its speed and wide reach. Within hours, the pervasive little computer programme tied up systems around the world.

The virus which was similar to the earlier Melissa worm, spread via an email with the tantalising subject line, "I Love You." When a recipient opened the attachment, the virus sent copies of itself to his entire address book. It then looked for files with .jpeg, .mp3, .mp2, .css and .hta extensions and overwrote them with itself, changing the extensions to .vbs or .vbe. These files then could not be retrieved in searches.

The bug affected companies in Taiwan and Hong Kong -- including Dow Jones Newswires and the Asian Wall Street Journal. Companies in Australia had to close down their email systems to keep the virus from spreading (80 per cent of the companies in Australia reportedly got hit).

The victims also included Parliaments of Britain and Denmark. In Italy, the outbreak hit almost the entire country. In the United States too, the e-mail systems were shut down at several companies

[dwarakesh]

Code Red (2001)

Said to be one of the most expensive viruses in history, the self-replicating malicious code, 'Code Red' exploited vulnerability in Microsoft IIS servers. Exploiting the flaw in the software, the worm was among the first few "network worms" to spread rapidly as they required only a network connection, not a human opening like attachment worms. The worm had a more malicious version known as Code Red II.

Both worms exploited a bug in an indexing service shipped with Microsoft Window's NT 4.0 and Windows 2000 operating systems. In addition to possible website defacement, infected systems experienced severe performance degradation. The virus struck multiple times on the same machine.

Code Red II affected organisations ranging from Microsoft to the telecom company Qwest to the media giant Associated Press. According to a research firm Computer Economics, the virus caused damage worth above $2 billion. Incidentally, Microsoft had issued a patch to fix the vulnerability almost a month earlier, however, most system operators failed to install it.

[dwarakesh]

Blaster (2003)

'Blaster' (also known as Lovsan or Lovesan) took advantage of a flaw in Microsoft software. The worm alongwith 'SoBig' worm which also spread at the same time prompted Microsoft to offer cash rewards to people who helped authorities capture and prosecute the virus writers.

The worm started circulating in August 2003. Filtering by ISPs and widespread publicity about the worm curbed the spread of Blaster.

On August 29, 2003, Jeffrey Lee Parson, an 18-year-old from Hopkins, Minnesota was arrested for creating the B variant of the Blaster worm; he admitted responsibility and was sentenced to an 18-month prison term in January 2005.

[dwarakesh]

Sasser (2004)

Another worm to exploit a Windows flaw, 'Sasser' led to several computers crashing and rebooting themselves.

Sasser spread by exploiting the system through a vulnerable network port. The virus, which infected several million computers around the world, caused infected machines to restart continuously every time a user attempted to connect to the Internet. The worm also severely impaired the infected computer's performance.

The first version of worm struck on April 30, 2004. The worm's three modified versions have followed it since then, known as Sasser.B, Sasser.C and Sasser.D. The companies affected by the worm included the Agence France-Presse (AFP), Delta Air Lines, Nordic insurance company If and their Finnish owners Sampo Bank.

[dwarakesh]

Storm worm (2007)

Another big Trojan attack was Storm worm that hit computers worldwide in January 2007. The Storm worm originally posed as breaking news of bad weather hitting Europe. Over time, the worm was also seen in emails with the following subjects: personal greetings, reports that Saddam Hussein is still alive, reports that Fidel Castro is dead, sexy women, YouTube, and even blogs.

Users who fell for it unknowingly became a part of a botnet. A botnet serves as an army of commandeered computers, which are later used by attackers without their owners' knowledge.

The worm infected millions of PCs worldwide and was compared to the Sasser and Slammer attacks of 2006 in terms of damage caused. On April 1, 2008, a new storm worm was released onto the Net, with April Fools-themed subject titles.

Source: indiatimes