The slow loading processes. The alerts from your virus protection. The emails from friends telling you something is off. The spam. The strange responses. The blue screen of death.
Viruses have been around about as long as the personal computer and it’s a big nightmare because they disrupt your computer performance significantly. The viruses are more advanced than our virus detection and prevention software. Sometimes even the best defence can’t always keep your computer safe when you encounter one of these viruses. Computer viruses are around for many years and have been a major threat for computer users because they can wipe away your important data any time and also make your machine function abnormally.
This article is a brief history of all worst computer viruses, worms and trojan horses of 21 century. You have to take some good precautions to avoid any sort of computer viruses, otherwise, you can get into the huge trouble. There are different types of PC viruses and you should know about all of them before it’s too late.
What Is A Computer Virus?
A computer virus is a malicious program installed on a computer without the user’s permission and performs spiteful activities that can cause harm to files, data or other software in the computer. Fred Cohen first defined the term ‘computer virus’ in 1983. PC viruses never occur naturally but they are intentionally spread by hackers. When viruses are made and released, their dispersal is not directly in human control. Once the virus entered in a computer, it attaches itself to another program that the host program execution triggers the virus’s action concurrently. PC Virus can also self-replicate itself, by inserting it onto other files or programs and damage them in the procedure.
Not all PC viruses are meant to harm your computer’s data, software or hardware. Though, most viruses on a computer are in destructive nature and perform malicious actions, such as damaging the files and data. Some computer viruses cause havoc when their code is run, while some lie inactive until a specific event gets started, that execute their code in a computer. Viruses propagate when the documents or software they get attached to are moved from one PC to another through a network, file sharing methods, a disk, or via malicious e-mail attachments.
Here is a list of computer viruses that have been causing damage to user’s PCs since 2000.
Allegedly created by a Filipino computer science student in 2000, the ILOVEYOU virus was also known as Love Letter and the Love Bug worm. This is a dangerous computer virus, infected millions of Windows computers within a few hours of being released and is still considered one of the most dangerous worms ever released.
Also, in 2000, the first computer virus targeting children was released. The Pikachu virus was designed as an email that included the Pokémon character, Pikachu. The email had the message “Pikachu is your friend”. The attachment claimed to be an image of the Pokémon, but with that image unsuspecting children released a Visual Basic 6 program called pikachupokemon.exe that removed the contents of directories. Fortunately, a warning message about the deletion helped maintain the potential damage.
In February of 2001, the Anna Kournikova virus attacked email servers. It is the most dangerous virus for pc that sent emails to the contacts in a user’s Microsoft Outlook address book and spread. Anna Kournikova force email users to open a mail with an infected program. Unlike many other viruses and worms in the same year, the Dutch developer was caught and sentenced to 150 hours of community service.
Taking advantage of the backdoors left open by the spread of worms like Code Red II, Nimda appeared in the fall of 2001 and spread rapidly through machines that had already been compromised at least once.
In a year known for big viruses, the final big virus to appear in 2001 was the Klez worm. Klez took advantage of vulnerabilities in the Microsoft software – in particular, Internet Explorer, Microsoft Outlook, and Outlook Express.
Later that year, in July of 2001, the Sircam worm is released and spread using emails in Microsoft Windows systems and network shares the virus spread across machines. Sircam is a mass-mailing worm that can through Windows Network shares. This worm activates when an EXE extension file run until it has completed the operation 8000 times.
Code Red Worm
On July 15, 2001, Code Red worm detected on the Internet. It attacked Microsoft’s IIS web server’s computers. Immediately on the heels of Sircam, the Code Red began attacking the Index Server ISAPI Extension in Microsoft’s Internet Information Services.
Code Red II
Not to be outdone, a few weeks later, someone rewrote the original Code Red worm, and Code Red II was released. The new version was even more aggressive and spread through millions of machines, heavily affecting those in China.
2002 brought in a few heavy hitters including the Beast malware. Beast was a Windows-based Trojan that attacked through the backdoor of Windows software. Also called RAT for Remote Administration Tool, Beast was able to infect virtually all known versions of Windows of the time. The original version was released by its creator Tataye in 2002, but versions of the Trojan were released through 2004.
Another email worm, Mylife appeared in early 2002 and spread itself quickly by sending out emails to all of the contacts in an infected Microsoft Outlook address book. Mylife is destructive a malicious computer worm that can delete important files of the system.
January of 2003 brought the SQL Slammer worm, which was also called the Sapphire worm or the Helkern worm. It attacked Microsoft SQL Server and MSDE. The worm was able to work through vulnerabilities so quickly that it because of the fastest spreading worm of all time. After just fifteen minutes, internet access was disturbed worldwide after the first victim was attacked. SQL Slammer can slow down your general internet traffic.
Later that year, the Blaster worm, which was also known as the Lovesan worm, took advantage of a vulnerability in system services in Windows computers to spread rapidly.
In the summer of 2003, the Sobig worm, or more formally the Sobig.F worm again uses email systems like Outlook and other unprotected file shares to spread quickly through Microsoft systems.
In the fall of 2003, the Sober worm first appears, again attacking Microsoft systems. The Sober manages to stick around through at least 2005 using new versions of the original worm. The Sober took advantage of systems already weakened by the SoBig and Blaster viruses and created massive damage to infected machines.
2004 ushered in another mass-mailing worm called Bagle. There were two versions of the worm, Bagle. A and Bagle.B although both affected all version of Microsoft Windows after spreading through emails.
Almost simultaneously, the “lion” worm, or L10n worm, appeared. This was a LINUX worm that spread through the BIND DNS server by exploiting a buffer overflow. The L10n was a more advanced version of a previous worm called the Ramen worm. Both were written to attach systems running 6.2 and 7.0 of Red Hat Linux.
The fastest-spreading mass mailer worm of all time also appears in January of 2004. The MyDoom worked through mail systems and holds the record of fastest spreading email worm to this day.
Just a few weeks later in 2004, the Netsky worm is discovered. This worm is also spread by email, but once spread, the worm copies itself to folders on the available drives including network drives. There were eventually many variations on this particular worm.
Another record-breaking worm, Witty worm appeared in March of 2004. This worm took advantage of holes in Internet Security Systems products. This was the first internet worm to actually carry a destructive payload. It spread quickly using a pre-populated set of ground-zero hosts.
Networks were attacked in the spring of 2004 by the Sasser worm. This worm exploited weaknesses in the Windows LSASS service. It was especially potent when the Sasser worm attacked in close company with or right after the MyDoom and Bagle variants. Sasser was even known to have shut down businesses.
The fall of 2004 brought Vundo, which was also known as Virtumonde or Virtumondo. It was also referred to as MS Juan. This Trojan caused pop-ups and other intrusive advertising for fake antispyware programs. The Trojan was also known to degrade machine performance and block certain websites like Facebook and Google.
In the closing weeks of 2004, the first “webworm” is released. Santy uses a vulnerability in phbBB and then used Google to find new targets. More than 40,000 websites were infected before Google was able to block the worm by filtering the search query, effectively stopping it.
In early 2006, the Nyxem worm began to spread through mass-mailing. The payload of the worm was activated on the third of each month, with the first detonation on February 3. The goal of the worm was to disable security features and destroy certain files, including Microsoft Office files.
Storm Is A Backdoor Trojan Horse That Affects Computers Using Microsoft Operating Systems
The fastest spreading email spam appeared in early 2007. The Storm Worm created a significant threat to Microsoft systems. Infected computers were grouped into the Storm botnet and after six months more than 1.7 million computers had been infected. 10 per cent of computers worldwide had been compromised. Storm is a backdoor trojan horse that affects computers using Microsoft operating systems. It is thought to have started in Russia and tricked users into downloading the worm by claiming it was a video of a news event referenced in the original email.
One year later in 2008, Torpig, which was also known as Sinowal and Mebroot attack Windows machines. The Trojan turns off anti-virus applications which left portals open for others to access the user’s computer to steal information, install additional malware and modify files and data.
Torpig is the trojan-type malware that attacks Microsoft Windows users. It is shown in the research that this malicious program inoculates a component that operates as a keystroke logger. Moreover, it can be used to execute and download many files that contaminate computers with types of malware.
Another massive infestation of machines occurred in the fall of 2008. Conflicker eventually affected up to 15 million Microsoft servers. The worm affected large systems including the French Navy, the UK Ministry of Defence, and the Norwegian Police. There were five known variants of the worm discovered over two years. Microsoft eventually set a bounty of $250,000 for information to catch the author of the worm and released a patch to stop the spread of the worm.
On July 4, 2009, Independence Day in the United States, a series of cyber-attacks occurred targeting the United States and its ally, South Korea. The attacks released W32.Dozer as part of the attack.
In that same month, the Daprosy Worm was discovered by Symantec. The Trojan was designed to steal online-game passwords by recording keystrokes in internet cafes. This worm was especially dangerous when it spread out of gaming and into business-to-business systems.
In 2010, the first worm to attack SCADA systems appeared. The Stuxnet was a Windows Trojan that may have been originally designed to target nuclear facilities in Iran. The Trojan actually used a valid certificate, which made it even more dangerous.
As the name indicates, the Anti-Spyware 2011 Trojan began to attack versions of Windows by posing as an anti-spyware program. The Trojan disabled the security process for other, real anti-virus programs while blocking internet access. Without internet access, updates could not be downloaded, compounding the problem.
In the summer of 2011, the more sophisticated Morto worm uses Microsoft’s Remove Desktop Protocol to spread. The Morto forces infected computers to scan for Windows servers allowing RDP login. Once an appropriate system is located, the worm attempts to log in using generic passwords generated by a large dictionary.
In late 2011, a new worm appears that appears to be related to the previously released Stuxnet. The Duqu created files on the infected computer, giving them the prefix “~DQ”, which led to the eventual name of the worm.
Released in the spring of 2012, Flame was created and released for targeted espionage in Middle Eastern countries. Also known as Flamer, Skywiper and sKyWiper, the malware attacked computers running Microsoft Windows. Flame was arguably the most sophisticated piece of malware created up to that point.
Later in 2012, the energy sector is attacked by the Shamoon virus. The computer virus was designed specifically for Microsoft Windows machines running energy software. This malware can overwrite and delete files on an infected computer. Shamoon can also erase the computer’s master boot record.
In the fall of 2012, the NGRBot is discovered. The worm instigates file transfers to send commands between a zombie network and the attacker’s own IRC server. After infecting a machine, the worm uses a rootkit technique to steal information from the victimized machine. The same bot blocked updates from security software, killed other forms of antimalware and redirected machines.
About a year later, the CryptoLocker Trojan is named. This Trojan worked as ransomware. After infecting a machine, the malware would encrypt files on a hard drive and then demand payment to release the files back to the original owner. After the original release of CryptoLocker, copycats were released for months that followed the same format.
Despite its clever name, the Gameover ZeuS Trojan was a nasty bug that would steal login details on banking and other monetary websites. Once a popular financial website was detected. The Trojan injected code into the page to log keystrokes. GameOver Zeus mostly used by cybercriminals to steal the confidential information of users.
The standout malware from 2014 is the Regin Trojan. Operating discreetly, the Regin Trojan was a dropper that spread via copycat web pages. Once the Trojan was downloaded, Regin would download extensions of itself which made it very hard to detect, block and remove. There are rumours that this particular Trojan may have been created by the United States and the United Kingdom for espionage and surveillance.
In 2015, there was a massive spike in DDoS attacks precipitated by the BASHLITE malware. Originally called Bashdoor, this bit of malware-infected Linux systems to launch denial-of-service attacks.
Another piece of ransomware appeared in early 2016. Locky had more than 60 derivatives, and all spread across Europe to infect millions of computers. At one more there were more than 5,000 computers infected per hour in a single country. The ransomware would lock up files and demand payment to release them again to owners. Locky spread widely in part due to the lack of appropriate security available, as the ransomware was more sophisticated than current versions of security software.
The banking industry is attacked directly by the Tiny Banker Trojan in early 2016. More than twenty-four major banks in the United States were infected by the Trojan. The Trojan would use HTTP code to mimic the bank’s homepage. After entering login data, the spoof page would return the “incorrect login” page and redirect the user to the real page. The incorrect login was simply a cleverly hidden theft of information that was sent along to the Trojan’s host. Among the infected were big names like Wells Fargo, Chase, HSBC and Bank of America.
One of the most powerful and disruptive DDoS attacks occur in September of 2016. The Internet of Things is one of the first to be attacked followed by Krebs of Security site. Eventually, several big websites were attacked by Mirai including GitHub, Twitter, Reddit, Netflix and Airbnb.
Wanna Cry Used by Cybercriminals to Extort Money
Another bit of aptly named software appeared in May of 2017. The WannaCry ransomware is the latest computer virus. The ransomware is found to use information revealed in the NSA hacking toolkit leak from 2016. Fortunately, soon after the ransomware began to spread, a security firm in the UK found a “kill switch” in the ransomware and stopped the initial spread. Unfortunately, new variants immediately began to spread that did not contain the kill switch.
Viruses are a fact of life that comes with PC use. You can’t escape the possibility of the virus, so you must always be cautious online and practice safe computing. And if a virus slips by your best defences, be ready to do war – and keep your most important files backed up, just in case.
In this article, I have shared with you a PC virus list that is known to be one of the worst computer viruses of them since 2000. There are different types of PC viruses and worms and you can get SSL certificates services (Symantec, GeoTrust, RapidSSL, Thawte, Comodo ) to avoid these viruses. It is very important for you to take some good precautions to avoid any computer viruses, else you can get into a huge problem. There are many questions asked by PC users regarding viruses such as, how to detect virus in pc?, how to keep your computer virus free?, how to delete virus from pc?, etc.
The information I have shared in this article would help you to detect virus on your PC, so you can eliminate them before they cause any major hard to your data or device. If you still have any questions regarding computer viruses, you can ask us in the comments section.