The slow loading process.
The alerts from your virus protection.
The emails from friends telling you something is off.
The strange responses.
The blue screen of death.
Viruses have been around about as long as the personal computer, and at times it seems as though the viruses are definitely winning.
Viruses advance just as fast as, and often faster than, our best virus detection and prevention software. That means vigilance and safe computing are often your best defenses. But even the best defense can’t always keep your computer safe when you encounter one of these viruses.
1 – ILOVEYOU
Allegedly created by a Filipino computer science student in 2000, the ILOVEYOU virus was also known as Love Letter and the Love Bug worm. The virus infected millions of Windows computers within a few hours of being released and is still considered one of the most dangerous worms ever released.
2 – Pikachu
Also in 2000, the first computer virus targeting children was released. The Pikachu virus was designed as an email that included the Pokémon character, Pikachu. The email had the message “Pikachu is your friend”. The attachment claimed to be an image of the Pokémon, but with that image unsuspecting children released a Visual Basic 6 program called pikachupokemon.exe that removed the contents of directories. Fortunately, a warning message about the deletion helped contain the potential damage.
3 – Anna Kournikova
In February of 2001, the Anna Kournikova virus attacked email servers. The virus sent emails to the contacts in a user’s Microsoft Outlook address book and spread. Unlike the authors of many other viruses and worms in the same year, the Dutch developer was caught and sentenced to 150 hours of community service.
4 – Sircam
Later that year, in July of 2001, the Sircam worm was released and spread the same way. Using emails and network shares, the virus spread across machines.
5 – Code Red worm
Immediately on the heels of Sircam, the Code Red worm began attacking the Index Server ISAPI Extension in Microsoft’s Internet Information Services.
6 – Code Red II
Not to be outdone, a few weeks later, someone rewrote the original Code Red worm, and Code Red II was released. The new version was even more aggressive and spread through millions of machines, heavily affecting those in China.
7 – Nimda
Taking advantage of the backdoors left open by the spread of worms like Code Red II, Nimda appeared in the fall of 2001 and spread rapidly through machines that had already been compromised at least once.
8 – Klez
In a year known for big viruses, the final big virus to appear in 2001 was the Klez worm. Klez took advantage of vulnerabilities in Microsoft software, in particular Internet Explorer, Microsoft Outlook, and Outlook Express.
9 – Beast
2002 brought in a few heavy hitters including the Beast malware. Beast was a Windows-based Trojan that attacked through the backdoor of Windows software. Also called RAT for Remote Administration Tool, Beast was able to infect virtually all known versions of Windows of the time. The original version was released by its creator Tataye in 2002, but versions of the Trojan were released through 2004.
10 – Mylife
Another email worm, Mylife appeared in early 2002 and spread itself quickly by sending out emails to all of the contacts in an infected Microsoft Outlook address book.
11 – SQL Slammer
January of 2003 brought the SQL Slammer worm, which was also called the Sapphire worm or the Helkern worm. This worm attacked Microsoft SQL Server and MSDE. The worm was able to work through vulnerabilities so quickly that it became the fastest spreading worm of all time. Just fifteen minutes after the first victim was attacked, internet access was disturbed worldwide.
12 – Blaster
Later that year, the Blaster worm, which was also known as the Lovesan worm, took advantage of a vulnerability in system services in Windows computers to spread rapidly.
13 – Sobig.F
In the summer of 2003, the Sobig worm, or more formally the Sobig.F worm, again used email systems like Outlook and other unprotected file shares to spread quickly through Microsoft systems.
14 – Sober worm
In the fall of 2003, the Sober worm first appeared, again attacking Microsoft systems. The Sober worm managed to stick around through at least 2005 using new versions of the original worm. The Sober worm took advantage of systems already weakened by the Sobig and Blaster viruses and created massive damage to infected machines.
15 – Bagle
2004 ushered in another mass-mailing worm called Bagle. There were two versions of the worm, Bagle.A and Bagle.B, although both affected all versions of Microsoft Windows after spreading through emails.
16 – L10n worm
Almost simultaneously, the “lion” worm, or L10n worm, appeared. This was a Linux worm that spread through the BIND DNS server by exploiting a buffer overflow. The L10n worm was a more advanced version of a previous worm called the Ramen worm. Both were written to attack systems running versions 6.2 and 7.0 of Red Hat Linux.
17 – MyDoom
The fastest spreading mass-mailer worm of all time also appeared in January of 2004. The MyDoom worm worked through mail systems and holds the record of fastest spreading email worm to this day.
18 – Netsky
Just a few weeks later in 2004, the Netsky worm was discovered. This worm also spread by email, but once it had spread, the worm copied itself to folders on the available drives, including network drives. There were eventually many variations on this particular worm.
19 – Witty worm
Another record-breaking worm, the Witty worm, appeared in March of 2004. This worm took advantage of holes in Internet Security Systems products. This was the first internet worm to actually carry a destructive payload. The worm spread quickly using a pre-populated set of ground-zero hosts.
20 – Sasser
Networks were attacked in the spring of 2004 by the Sasser worm. This worm exploited weaknesses in the Windows LSASS service. It was especially potent when the Sasser worm attacked in close company with or right after the MyDoom and Bagle variants. Sasser was even known to have shut down businesses.
21 – Vundo
The fall of 2004 brought Vundo, which was also known as Virtumonde or Virtumondo. It was also referred to as MS Juan. This Trojan caused popups and other intrusive advertising for fake antispyware programs. The Trojan was also known to degrade machine performance and block certain websites like Facebook and Google.
22 – Santy
In the closing weeks of 2004, the first “webworm” was released. Santy used a vulnerability in phpBB and then used Google to find new targets. More than 40,000 websites were infected before Google was able to block the worm by filtering the search query, effectively stopping it.
23 – Nyxem
In early 2006, the Nyxem worm began to spread through mass-mailing. The payload of the worm was activated on the third of each month, with the first detonation on February 3. The goal of the worm was to disable security features and destroy certain files, including Microsoft Office files.
24 – Storm Worm
The fastest spreading email spam appeared in early 2007. The Storm Worm created a significant threat to Microsoft systems. Infected computers were grouped into the Storm botnet and after six months more than 1.7 million computers had been infected. 10 percent of computers worldwide had been compromised. The worm is thought to have started in Russia, and tricked users into downloading the worm by claiming it was a video of a news event referenced in the original email.
25 – Torpig
One year later in 2008, Torpig, which was also known as Sinowal and Mebroot, attacked Windows machines. The Trojan turned off anti-virus applications, which left portals open for others to access the user’s computer to steal information, install additional malware and modify files and data.
26 – Conficker
Another massive infestation of machines occurred in the fall of 2008. Conficker eventually affected up to 15 million Microsoft servers. The worm affected large systems including the French Navy, the UK Ministry of Defence, and the Norwegian Police. There were five known variants of the worm discovered over a two-year period. Microsoft eventually set a bounty of $250,000 for information to catch the author of the worm and released a patch to stop the spread of the worm.
27 – W32.Dozer
On July 4, 2009, Independence Day in the United States, a series of cyber-attacks occurred targeting the United States and its ally, South Korea. W32.Dozer was released as part of these attacks.
28 – Daprosy Worm
In that same month, the Daprosy Worm was discovered by Symantec. The Trojan was designed to steal online-game passwords by recording keystrokes in internet cafes. This worm was especially dangerous when it spread out of gaming and into business-to-business systems.
29 – Stuxnet
In 2010, the first worm to attack SCADA systems appeared. Stuxnet was a Windows Trojan that may have been originally designed to target nuclear facilities in Iran. The Trojan actually used a valid certificate, which made it even more dangerous.
30 – Anti-Spyware 2011
As the name indicates, the Anti-Spyware 2011 Trojan began to attack versions of Windows by posing as an anti-spyware program. The Trojan disabled the security process for other, real anti-virus programs while blocking internet access. Without internet access, updates could not be downloaded, compounding the problem.
31 – Morto
In the summer of 2011, the more sophisticated Morto worm used Microsoft’s Remote Desktop Protocol to spread. The Morto worm forced infected computers to scan for Windows servers allowing RDP login. Once an appropriate system was located, the worm attempted to log in using generic passwords generated by a large dictionary.
32 – Duqu
In late 2011, a new worm appeared that seemed to be related to the previously released Stuxnet. The Duqu worm created files on infected computers, giving them the prefix “~DQ”, which led to the eventual name of the worm.
33 – Flame
Released in the spring of 2012, Flame was created and released for targeted espionage in Middle Eastern countries. Also known as Flamer, Skywiper and sKyWiper, the malware attacked computers running Microsoft Windows. Flame was arguably the most sophisticated piece of malware created up to that point.
34 – Shamoon
Later in 2012, the energy sector was attacked by the Shamoon virus. The computer virus was designed specifically for Microsoft Windows machines running energy software.
35 – NGRBot
In the fall of 2012, the NGRBot was discovered. The worm instigated file transfers to send commands between a zombie network and the attacker’s own IRC server. After infecting a machine, the worm used a rootkit technique to steal information from the victimized machine. The same bot blocked updates from security software, killed other forms of antimalware and redirected machines.
36 – CryptoLocker
About a year later, the CryptoLocker Trojan was named. This Trojan worked as ransomware. After infecting a machine, the malware would encrypt files on a hard drive and then demand payment to release the files back to the original owner. After the original release of CryptoLocker, copycats that followed the same format were released for months.
37 – Gameover ZeuS
Despite its clever name, the Gameover ZeuS Trojan was a nasty bug that would steal login details on banking and other monetary websites. Once a popular financial website was detected, the Trojan injected code into the page to log keystrokes.
38 – Regin
The standout malware from 2014 is the Regin Trojan. Operating discreetly, the Regin Trojan was a dropper that spread via copycat web pages. Once the Trojan was downloaded, Regin would download extensions of itself which made it very hard to detect, block and remove. There are rumors that this particular Trojan may have been created by the United States and the United Kingdom for espionage and surveillance.
39 – BASHLITE
In 2015, there was a massive spike in DDoS attacks precipitated by the BASHLITE malware. Originally called Bashdoor, this bit of malware infected Linux systems.
40 – Locky
Another piece of ransomware appeared in early 2016. Locky had more than 60 derivatives, and all spread across Europe to infect millions of computers. At one point there were more than 5,000 computers infected per hour in a single country. The ransomware would lock up files and demand payment to release them again to owners. Locky spread widely in part due to the lack of appropriate security available, as the ransomware was more sophisticated than the then-current versions of security software.
41 – Tiny Banker
The banking industry was attacked directly by the Tiny Banker Trojan in early 2016. More than twenty-four major banks in the United States were infected by the Trojan. The Trojan would use HTTP code to mimic the bank’s homepage. After the user entered login data, the spoof page would return the “incorrect login” page and redirect the user to the real page. The incorrect login was simply a cleverly hidden theft of information that was sent along to the Trojan’s host. Among the infected were big names like Wells Fargo, Chase, HSBC and Bank of America.
42 – Mirai
One of the most powerful and disruptive DDoS attacks occurred in September of 2016. The Internet of Things was one of the first to be attacked, followed by the Krebs on Security site. Eventually several big websites were attacked by Mirai, including GitHub, Twitter, Reddit, Netflix and Airbnb.
43 – WannaCry
Another bit of aptly named software appeared in May of 2017. The WannaCry ransomware was an attack that spread globally. The ransomware was found to use information revealed in the NSA hacking toolkit leak from 2016. Fortunately, soon after the ransomware began to spread, a security firm in the UK found a “kill switch” in the ransomware and stopped the initial spread. Unfortunately, new variants immediately began to spread that did not contain the kill switch.
Viruses are a fact of life that comes with PC use. You can’t escape the possibility of the virus, so you must always be cautious online and practice safe computing. And if a virus slips by your best defenses, be ready to do war – and keep your most important files backed up, just in case.