Computer viruses can be vicious little blighters wreaking all sorts of damage and destruction; destroying files, corrupting hard drives, plundering personal details and slowing the Internet to a crawl. Since the dawn of computing for the masses countless viruses have been released. Today, an estimated one million viruses are in circulation and thousands are created every month. Many of the so-called new viruses are simply variations of existing viruses that have had their code tweaked. Thankfully, many of these are detected by antivirus software but occasionally a new virus will slip through the net and in its wake infect millions of machines. Really good antivirus software
, that has multiple layers of detection, will pick these viruses up, but unfortunately not everyone has really good antivirus software.
Computer Virus - a quick definition
A computer virus in the truest sense of the phrase requires a host program to run properly such as a Word document. A worm, however, doesn't require a host program. It's an application that can replicate itself and send itself through computer networks. Trojan horses are programmes that claim to do one thing but really do another. Some might damage a victim's hard drive. Others can create a backdoor, allowing a remote user to access the victim's computer system. However, whether virus, worm or Trojan the one thing they have in common is the amount of damage they inflict. Just to give you some sense of the scale of the damage that can be wrought, here’s a rundown of some of the most notable viruses. This isn’t a definitive or exhaustive list; it just highlights the scale, cleverness and even historical antecedents of some computer viruses. You’ll probably know of some of them. You may even have been hit by some of them.
1. Storm Trojan – taking over the world
surfaced in 2007 inundating thousands of computers. Users would be lured into opening emails because of the subject headers such as ‘230 dead as storm batters Europe.’ Once an email attachment was opened the Trojan implanted a service called wincom32. This passed data to other infected computers and all of the infected computers became zombies or bots, that is, a huge global network of computers enslaved by Storm Trojan. Each computer would then attempt to infect other computers. And while it sounds like the plot from a James Bond movie, with the evil villain trying to take over the world, this throbbing, thriving, and monster botnet aimed to infect every computer on the planet. It was estimated that at its peak up to 10 million CPUs, that is the processor that powers your computer, was under the control of Storm Trojan. Most antivirus vendors picked up the infection surge and updated their detection signatures but Storm Trojan’s creators constantly altered the code to evaded detection. It was eventually contained but not after the wiping of many fevered brows and millions of man hours spent on trying to halt its activity.
2. Melissa – named after a stripper
The Melissa virus was designed to infect Windows 98 computers. And it did a pretty good job, spooking software giants like Microsoft to temporarily shut down their email servers because they were unwillingly aiding in its propagation. Created by David L. Smith
, who named it after a Miami-based stripper, it was ironically not designed to create mass harm. But it was so successful it overloaded servers. Melissa was spread via a file to a Usenet group called alt.sex, and the file contained passwords for 80 pornographic websites. As soon as the email recipient opened the file, in either Microsoft Word 97 or 2000, the worm, for that is what it was, attempted to mail itself to the first 50 email addresses it could take from the computer. It was incredibly successful in infecting millions of machines because when someone received an email containing Melissa, it appeared to come from someone they knew. Smith was prosecuted and got a 20 month jail sentence for his shenanigans. He was banned from even going near a computer without consent from a court.
3. My Doom – or is that your doom?
The aptly named My Doom
was the fastest spreading virus of all time and during the month of February 2004 it was estimated to be infecting 1 in 12 emails with 100,000 interceptions taking place every hour. That’s serious. It spread through email and peer-to-peer file sharing networks enabling it to dig deep into the web. It manifested through an email attachment which usually had an innocuous title such as ‘Mail Delivery System’ or ‘Mail Transaction Failed’. Naturally, many people opened the attachment. Its aim was to assault Google, AltaVista and Lycos and at its peak managed to shut down Google for almost a day. It also attacked other websites and one company put up a €250,000 reward to find its creator. They never did find him, or her, but it’s widely believed they were somewhere in Russia.
4. Sasser – an 18th birthday present
Sasser was a clever little worm that laid siege to Windows XP and Windows 2000 computers – a lot of computers. It was dubbed Sasser
because it exploited vulnerability in something called Local Security Authority Subsystem Services (LSAS). The LSAS function is to manage all the security stuff on Windows systems, for example password changes and verifying users when they log on. It’s ironic in that LSAS is supposed to protect computers. In short, Sasser, made it difficult to shut down machines without pulling the plug while also making it difficult to actually use a computer properly. Microsoft patched the problem but not before Sasser ran wild infecting a lot of organisations like investment banks Goldman Sachs who had to spend hours wrestling with the worm. Its creator Sven Jaschan, was eventually caught when law enforcement connected a few dots about potential suspects and realised that Jaschan had released Sasser into the wild on his 18th
5. Anna Kournikova - reveals all
We wonder how many fell victim to this? A world famous tennis star, Anna Kournikova, was also famed for her looks. A mischievous Dutch programmer called Jan de Wit
created a virus that tricked the recipient into opening a message that strongly suggested they would be privy to a glimpse of Anna’s curves. It was a classic bit of social engineering with the recipients triggering a malicious programme which plundered the address book of Microsoft Outlook e-mail. The flood of email it unleashed paralysed servers all over the world. It became so notorious it even featured it in an episode of Friends
, the US sitcom.
6. Morris and Concept – even Microsoft creates viruses
These viruses deserver a mention simply because they were two of the first that revealed the damage that malware can cause. In 1998 Robert Morris, a university student, released a worm which affected 10 per cent of all the computers connected to the internet. This may sound a lot but in 1998 only 60,000 computers were actually plugged into the global network. The virus slowed the computers down to a crawl and effectively brought all the machines used by the esteemed Massachusetts Institute of Technology
to a halt. Ironically, Morris later became an associate professor at MIT. The Concept virus on the other handaccidentally shipped on a CD-ROM supplied by Microsoft in 1995. It was the first virus to infect Microsoft Word documents. Within days it became the most widespread virus the world had ever seen, taking advantage of the fact that computer users shared documents via email.
7. I LOVE YOU – that’s why I’ll infect you
This was another classic example of social engineering and this particular digital deviant surfaced just after Melissa hit computers all over the world. It was a standalone programme that travelled the digital highways via email and bore the title I LOVE YOU
, in big, bold caps. It didn’t do just one thing, it spread its tentacles deep into a computer, copying itself several times and hiding in folders on the hard drive, replacing other files with copies of itself and adding new files into the computer’s registry. It also downloaded a file that stole passwords and secretly emailed the information to hackers. According to some estimates it did about $10 billion worth of damage, rapidly infecting networks around the world. Not very loving
8. Slammer – really slamming home
was a computer worm that caused a denial of service on Internet hosts and it dramatically slowed down internet traffic, infecting most of its 75,000 victims within ten minutes. It tended to effect companies running SQL servers, sparing home computer users. It appeared in early 2003 and wrought a lot of damage including bringing down Bank of America’s ATM system, taking out part of Seattle’s emergency 911 services and causing Continental Airlines to cancel several flights because of e-ticketing and check-in problems. Only a few minutes after infecting its first Internet server, the Slammer virus was doubling its number of victims every few seconds. Fifteen minutes after its first attack, the Slammer virus infected nearly half of the servers that hold up the internet. That’s seriously fast.
9. Nimda – a global terrorist?
, admin spelt backwards, hit the internet in 2001 and caused many networks to crash. Within 25 minutes of its release it had become the internet’s most widespread worm. It was unique in that it used five attack vectors. It infected email and sent itself out to email contacts; broke into web servers and infected files on websites by spreading automatically across a network; and by parasitically infecting existing programs on a hard disk. If an infected file made its way into an organisation and ran, it was possible that hundreds or thousands of computers on a network could be infected. And each infected computer - whether PC or server - might have hundreds or thousands of infected, damaged or modified files. One of the intriguing things about Nimda, is that it was never established who created it. It appeared one week after 9/11 leading to speculation that it was created by state actors or even terrorist groups. What is certain is that it was an incredibly clever and destructive worm and perhaps a foretaste of what is to come should open cyber warfare ever break out between nation states.
10.Conficker – a virus that grounded military aircraft
Conficker was dubbed a super virus because it infected millions of computers. It certainly had security experts panicking. It appeared in 2008 and according to some estimates went on infect up to 15 million computers. Viruses are slippery by nature but Conficker was in its own category of slipperiness. It featured a sophisticated method of cracking administrator passwords, making it difficult to remove, and it also copied itself to USB drives so it could still spread even when computer flaws were patched. Its main effect was to prevent people from installing Windows updates and antivirus software. However, it also had the ability to launch a second stage by downloading additional code that could hijack computers and steal personal information. It certainly hit some big targets including a French Navy computer network forcing the grounding of aircraft because flight plans could not be downloaded. The UK’s Ministry of Defence was also hit with several major systems being hit on warships and submarines while the Bundeswehr, the German armed forces also reported about 100 infected computers. It caused such consternation, and panic, that Microsoft created a high profile industry group to counter the virus. The group consisted of just about every organization with an interest in ensuring the internet didn’t collapse, including the China Internet Network Information Center – an indication of how global was the concern.
And finally – one for the Apple lovers
By and large computer viruses are aimed at PCs and it’s one of the reason’s users of Apple products thumb their noses in the direction of your average computer user. Its code for you can be hacked, we can’t. But it’s not true. Apple produces both the hardware and software for its systems which means its coding is obscure and difficult to penetrate by hackers. At the same time PCs are far more commonplace making them a much juicier target for hackers, than the relatively small pool of Apple computers. However, Apple computers can be hacked as the 2006 Leap_A virus
revealed. Using the iChat instant messaging programme Leap_A spread across vulnerable Mac computers. After infecting the computer it searched through iChat and sent each person on the iChat list a message which contained a corrupted file that appears as a JPEG image. It didn’t cause much damage but it did illustrate how determined hackers can customize their viruses according to their targets. And it’s a damn good reason why Apple device users shouldn’t be smug especially so, given the explosive surge of growth in iPhones and iPads.
And the moral of the virus tale?
It’s very simple. Prevention is better than cure. If your computer is infected it can cause tremendous damage, bringing your digital life crashing down with an almighty and unexpected thump. Stay safe by using antivirus software that has multiple detection layers and which updates new virus signatures regularly. It’s not rocket science, simply good sense. You can also check in less than a minute if your computer is infected with a virus by following this link.
Stay safe, stay secure.