10 Worst Computer Viruses of All Time


1
Storm Worm
Professor Adi Shamir of the Weizmann Institute of Sciences in Israel is the leader of the Anti-Spyware Coalition.
Professor Adi Shamir of the Weizmann Institute of Sciences in Israel is the leader of the Anti-Spyware Coalition.
Gabriel Bouys/AFP/Getty Images

The latest virus on our list is the dreaded Storm Worm. It was late 2006 when computer security experts first identified the worm. The public began to call the virus the Storm Worm because one of the e-mail messages carrying the virus had as its subject "230 dead as storm batters Europe." Antivirus companies call the worm other names. For example, Symantec calls it Peacomm while McAfee refers to it as Nuwar. This might sound confusing, but there's already a 2001 virus called the W32.Storm.Worm. The 2001 virus and the 2006 worm are completely different programs.

The Storm Worm is a Trojan horse program. Its payload is another program, though not always the same one. Some versions of the Storm Worm turn computers into zombies or bots. As computers become infected, they become vulnerable to remote control by the person behind the attack. Some hackers use the Storm Worm to create a botnet and use it to send spam mail across the Internet.

Many versions of the Storm Worm fool the victim into downloading the application through fake links to news stories or videos. The people behind the attacks will often change the subject of the e-mail to reflect current events. For example, just before the 2008 Olympics in Beijing, a new version of the worm appeared in e-mails with subjects like "a new deadly catastrophe in China" or "China's most deadly earthquake." The e-mail claimed to link to video and news stories related to the subject, but in reality clicking on the link activated a download of the worm to the victim's computer [source: McAfee].

Several news agencies and blogs named the Storm Worm one of the worst virus attacks in years. By July 2007, an official with the security company Postini claimed that the firm detected more than 200 million e-mails carrying links to the Storm Worm during an attack that spanned several days [source: Gaudin]. Fortunately, not every e-mail led to someone downloading the worm.

Although the Storm Worm is widespread, it's not the most difficult virus to detect or remove from a computer system. If you keep your antivirus software up to date and remember to use caution when you receive e-mails from unfamiliar people or see strange links, you'll save yourself some major headaches.

Want to learn more about computer viruses? Take a look at the links below, if you dare.

Related Articles

More Great Links

Sources

  • Anthes, Gary H. "Experts Warn of a New Wave of Viruses." PCWorld. April 1, 2002. (Aug. 12, 2008) http://www.pcworld.com/article/92123/experts_warn_of_a_new_wave_of_viruses.html
  • BBC News. "Melissa virus creator jailed." May 2, 2002. (Aug. 11, 2008) http://news.bbc.co.uk/2/hi/americas/1963371.stm
  • BBC News. "Mydoom virus 'biggest in months.'" Jan 27, 2004. (Aug 12, 2008) http://news.bbc.co.uk/2/hi/technology/3432639.stm
  • Boutin, Paul. "Slammed!" Wired. July 2003. (Aug. 12, 2008) http://www.wired.com/wired/archive/11.07/slammer.html
  • Cert. "Advisory CA-1999-04 Melissa Macro Virus." March 31, 1999. (Aug. 12, 2008) http://www.cert.org/advisories/CA-1999-04.html
  • Cert. "Advisory CA-2000-04 Love Letter Worm." May 9, 2000. (Aug. 13, 2008) http://www.cert.org/advisories/CA-2000-04.html Cert. "W32/Netsky.B Virus." Feb. 18, 2004. (Aug. 14, 2008) http://www.cert.org/incident_notes/IN-2004-02.html
  • Cert. "Advisory CA-2001-19 "Code Red" Worm Exploiting Buffer Overflow In IIS Indexing Service DLL." Jan. 17, 2002. (Aug. 13, 2008) http://www.cert.org/advisories/CA-2001-19.html
  • Cert. "Advisory CA-2001-26 Nimda Worm." Sept. 25, 2001. (Aug. 14, 2008) http://www.cert.org/advisories/CA-2001-26.html
  • Cert. "Advisory CA-2003-04 MS-SQL Server Worm." Jan. 27, 2003. (Aug. 14, 2008) http://www.cert.org/advisories/CA-2003-04.html
  • Cert. "'Code Red II:' Another Worm Exploiting Buffer Overflow In IIS Indexing Service DLL." Aug. 6, 2001. (Aug. 13, 2008) http://www.cert.org/incident_notes/IN-2001-09.html
  • Cert. "W32/Novarg.A Virus." Jan. 30, 2004. (Aug. 14, 2008) http://www.cert.org/incident_notes/IN-2004-01.html
  • CNN. "Man charged with unleasing 'Melissa' computer virus." April 2, 1999. (Aug. 11, 2008) http://www.cnn.com/TECH/computing/9904/02/melissa.arrest.03/index.html
  • CNN. "New 'Nimda' variant hits Net, users urged to patch." Nov. 1, 2001. (Aug 11, 2008) http://archives.cnn.com/2001/TECH/internet/10/31/new.nimda.idg/
  • Computer Emergency Response Team. http://www.cert.org/
  • Dick, Ronald L. "Issue of Intrusions into Government Computer Networks." Congressional Testimony. April 5, 2001. (Aug. 12, 2008) http://www.fbi.gov/congress/congress01/rondick.htm
  • Fox News. "Electronic Gadgets Often Full of Computer Viruses." March 14, 2008. (Aug. 12, 2008) http://www.foxnews.com/story/0,2933,337848,00.html
  • Hanhisalo, Markus. "Computer Viruses." Helsinki University of Technology. (Aug. 12, 2008) http://www.tml.tkk.fi/Opinnot/Tik-110.501/1997/viruses.html
  • Hopper, D. Ian. "'ILOVEYOU' computer bug bites hard, spreads fast." CNN. May 4, 2000. (Aug. 12, 2008) http://archives.cnn.com/2000/TECH/computing/05/04/iloveyou.01/
  • Infoplease. "Computer Virus Timeline." (Aug. 11, 2008) http://www.infoplease.com/ipa/A0872842.html
  • Kim, Hyukjoon. "National Spam Threat Management." CERT. (Aug. 15, 2008) http://www.cert.org/csirts/national/best_practices/2008/NationalSpamThreatMgmtSystem.pdf
  • Krebs, Brian. "A Short History of Computer Viruses and Attacks." The Washington Post. Feb. 14, 2003. (Aug. 11, 2008) http://www.washingtonpost.com/ac2/wp-dyn/A50636-2002Jun26
  • Landler, Mark. "A Filipino Linked to "Love Bug" Talkes About His License to Hack." The New York Times. Oct. 21, 2000. (Aug 12, 2008) http://query.nytimes.com/gst/fullpage.html?res=990DE5D8113EF932A15753C1A9669C8B63
  • Lemos, Robert. "'Slammer' attacks may become way of life for Net." CNet. Feb. 6, 2003. (Aug. 12, 2008) http://news.cnet.com/Damage-control/2009-1001_3-983540.html
  • MarketWatch. "Consumer Reports Survey: U.S. Consumers Lost Nearly $8.5 Billion to Online Threats." Aug. 4, 2008. (Aug. 12, 2008) http://www.marketwatch.com/news/story/consumer-reports-survey-us-consumers/story.aspx?guid={3CC98D25-1EF2-4121-880B-180B593FC054}&dist=hppr
  • McAfee. "OSX/Leap." Feb. 16, 2006. (Aug. 14, 2008) http://vil.nai.com/vil/content/v_138578.htm
  • McAfee. "VBS/Loveletter@MM." May 10, 2000. (Aug. 13, 2008) http://vil.nai.com/vil/content/v_98617.htm
  • McAfee. "W32/Klez.gen@MM." May 9, 2008. (Aug. 13, 2008) http://vil.nai.com/vil/content/v_99237.htm
  • McAfee. "W32/Mydoom.gen@MM." July 24, 2008. (Aug. 14, 2008) http://vil.nai.com/vil/content/v_123198.htm
  • McAfee. "W32/Nimda.gen@MM." June 15, 2005. (Aug. 14, 2008) http://vil.nai.com/vil/content/v_99209.htm
  • McAfee. "W32/Nuwar@MM." Aug. 15, 2008. (Aug. 15, 2008) http://vil.nai.com/vil/content/v_140835.htm
  • McAfee. "W32/Sasser.worm.a." June 8, 2006. (Aug. 14, 2008) http://vil.nai.com/vil/content/v_125007.htm
  • McAfee. "W32/SQLSlammer.worm." March 11, 2008. (Aug. 14, 2008) http://vil.nai.com/vil/content/v_99992.htm
  • McAfee. "W97M/Melissa.ao@mm." Sept. 1, 2004. (Aug. 12, 2008) http://vil.nai.com/vil/content/v_98530.htm
  • Microsoft. "Computer viruses: description, prevention, and recovery." Dec. 3, 2007. (Aug 11, 2008) http://support.microsoft.com/kb/129972
  • Mobiledia. "New Symbian Virus Spreads Through MMS." March 7, 2005. (Aug. 12, 2008) http://www.mobiledia.com/news/27141.html
  • Sophos. "Fifth anniversary of Chernobyl computer virus attack." April 26, 2004. (Aug. 12, 2008) http://www.sophos.com/pressoffice/news/articles/2004/04/va_cihfive.html
  • Sophos. "War of the worms: Netsky-P tops list of year's worst virus outbreaks." Dec. 8, 2004. (Aug. 13, 2008) http://www.sophos.com/pressoffice/news/articles/2004/12/pr_uk_20041208yeartopten.html
  • Sullivan, Bob. "New MyDoom virus spreads quickly." MSNBC. July 26, 2004. (Aug. 13, 2008) http://www.msnbc.msn.com/id/5518331/
  • Symantec. "CodeRed Worm." Feb. 13, 2007. (Aug. 13, 2008) http://www.symantec.com/security_response/writeup.jsp?docid=2001-071911-5755-99&tabid=2
  • Symantec. "Nimda Worm A." (Aug. 14, 2008) http://www.symantec.com/avcenter/attack_sigs/s20436.html
  • Symantec. "OSX.Leap.A." Feb. 13, 2007. (Aug. 14, 2008) http://www.symantec.com/security_response/writeup.jsp?docid=2006-021614-4006-99
  • Symantec. "Trojan.Peacomm." Jan. 19, 2007. (Aug. 15, 2008) http://www.symantec.com/security_response/writeup.jsp?docid=2007-011917-1403-99
  • Symantec. "VBS.LoveLetter and variants." Feb. 13, 2007. (Aug. 13, 2008) http://www.symantec.com/security_response/writeup.jsp?docid=2000-121815-2258-99&tabid=2
  • Symantec. "W32.Klez.A@mm." Feb. 13, 2007. (Aug. 13, 2008) http://www.symantec.com/security_response/writeup.jsp?docid=2001-102601-3830-99
  • Symantec. "W32.Mydoom.AN@mm." Feb. 13, 2007. (Aug. 14, 2008) http://www.symantec.com/security_response/writeup.jsp?docid=2005-012813-4156-99
  • Symantec. "W32.Netsky.I@mm." Feb. 13, 2007. (Aug. 14, 2008) http://www.symantec.com/security_response/writeup.jsp?docid=2004-030717-4718-99
  • Symantec. "W32.Sasser.D." Feb. 13, 2007. (Aug. 14, 2008) http://www.symantec.com/security_response/writeup.jsp?docid=2004-050315-1907-99
  • Symantec. "W32.SQLExp.Worm." Feb. 13, 2007. (Aug 14, 2008) http://www.symantec.com/security_response/writeup.jsp?docid=2003-012502-3306-99
  • Symantec. "W97M.Melissa.A." Feb. 13, 2007. (Aug. 12, 2008) http://www.symantec.com/security_response/writeup.jsp?docid=2000-122113-1425-99
  • Wagner, Jim. "No Jail Time for Sasser, Netsky Author." WinPlanet. July 8, 2005. (Aug. 13, 2008) http://cws.internet.com/article/2927-.htm

UP NEXT

How's Spear Phishing Different From Plain Old Phishing?

How's Spear Phishing Different From Plain Old Phishing?

Hackers used spear phishing to target the Democratic National Committee. HowStuffWorks explains how spear phishing differs from regular phishing.


More to Explore