Sunday, February 27, 2011

Most dangerous viruses



Computer viruses have a relatively short history, but the damage caused by some of them pushed cyber-experts to open a new chapter on computer viruses. Some viruses caused serious damage and affected a large number of companies, universities and even governments. Here are some of the most dangerous computer viruses in history:





Jerusalem - 1987



This is one of the first MS-DOS viruses in history that caused enormous destruction, affecting many countries, universities and companies worldwide. On Friday the 13th, 1988, the computer virus managed to infect a number of institutions in Europe, America and the Middle East. The virus was named after one of the first places that got "acquainted" with it, the Jerusalem University. Along with a number of other computer viruses, including "Cascade", "Stoned" and "Vienna", the Jerusalem virus managed to infect thousands of computers and still remain unnoticed. Back then, anti-virus programs were not as advanced as they are today, and a lot of users had little knowledge of the existence of computer viruses.

Morris (a.k.a. Internet Worm) - November 1988


This computer virus infected over 6,000 computer systems in the United States, including the famous NASA research institute, which for some time remained completely paralyzed. Due to erratic code, the worm managed to send millions of copies of itself to different network computers, being able to entirely paralyze all network resources. The damage caused by the Morris computer virus was estimated at $96 million. To be able to spread, the computer virus exploited errors in operating systems such as Unix for VAX and Sun Microsystems. The virus could also pick user passwords.

Solar Sunrise - 1998

A decade later the situation hadn't changed; in fact, it had even got worse. In 1998, using a computer virus, hackers penetrated and took control of over 500 computer systems that belonged to the army, government and private sector of the United States. The whole situation was dubbed Solar Sunrise after the popular vulnerabilities in computers that run the operating system called Sun Solaris. Initially it was believed that the attacks were planned by operatives in Iraq. It was later revealed that the incidents were the work of two American teenagers from California. After the attacks, the Defense Department took drastic actions to prevent future incidents of this kind.

Melissa - 1999

Computers first became acquainted with the Melissa computer virus on March 26, 1999, when the virus shut down the Internet mail system, which got blocked with e-mails infected by the worm. It is worth mentioning that at first Melissa was not meant to cause any harm, but after overloading the servers, it led to serious problems. It first spread in the Usenet discussion group alt.s3%. Melissa was hidden within a file called "List.DiC", which featured passwords that served as keys to unlocking 80 pornographic websites. The original form of the virus was sent through e-mail to different users. The Melissa computer virus was developed by David L. Smith in Aberdeen Township, New Jersey. Its name comes from a lap dancer that the programmer became acquainted with while in Florida. After being caught, the creator of the virus was sentenced to 20 months in federal prison and ordered to pay a fine of $5,000. The arrest was made by a team of representatives from the FBI, New Jersey State Police and Monmouth Internet. Melissa had the ability to multiply on Microsoft Word 97 and Word 2000, as well as on Microsoft Excel 97, 2000 and 2003. In addition, the virus had the ability to mass-mail itself from Microsoft Outlook 97 and Outlook 98.

I Love You - May 2000


Using a method similar to Melissa's, the computer virus dubbed "I Love You" managed to infect millions of computers around the world overnight. Just like Melissa, this computer virus sent passwords and usernames, which were stored on the attacked computers, back to the developer of the virus. After authorities traced the virus, they found that a young Filipino student was behind the attack. The young man was released because the Philippines did not have any law that would prevent hacking and spreading malware. This situation served as one of the premises for creating the European Union's global Cybercrime Treaty.

The Code Red worm - July 2001

This 21st-century computer virus managed to penetrate tens of thousands of systems that ran Microsoft Windows NT and Windows 2000 server software. The damage caused by the Code Red computer virus was estimated at $2 billion. Code Red was developed to use the power of all the computers it infected against the official website of the White House at a predetermined date. In collaboration with different virus hunters and tech firms, the White House managed to decipher the code of the Code Red virus and stop traffic as the malware started its attacks.

Nimda - 2001


Shortly after the September 11 tragedy this computer virus infected hundreds of thousands of computers worldwide. Nimda was considered to be one of the most complicated viruses, having 5 different methods of infecting computer systems and being able to duplicate itself.

Downadup - 2009

The latest and most dangerous virus is the "downadup" worm, which was also called "Conficker". The computer security company F-Secure stated that the computer virus has infected 3.5 million computers worldwide. This malicious program was able to spread using a patched Windows flaw. Downadup was so "successful" in spreading across the Web because it used a flaw that Microsoft patched in October to remotely compromise computers that ran unpatched versions of Microsoft's operating system. But the greatest power of the worm is believed to be the ability of infected computers to download destructive code from a random drop point. F-Secure stated that three of the most affected countries were China, Brazil and Russia.

Stuxnet

Stuxnet is a Windows computer worm discovered in July 2010 that targets industrial software and equipment. While it is not the first time that hackers have targeted industrial systems, it is the first discovered malware that spies on and subverts industrial systems, and the first to include a programmable logic controller (PLC) rootkit. The worm initially spreads indiscriminately, but includes a highly specialized malware payload that is designed to target only Siemens Supervisory Control And Data Acquisition (SCADA) systems that are configured to control and monitor specific industrial processes. Stuxnet infects PLCs by subverting the Step-7 software application that is used to reprogram these devices. The probable target of Stuxnet is widely suspected to be uranium enrichment infrastructure in Iran; Symantec noted in August 2010 that 60% of the infected computers worldwide were in Iran. Although Siemens initially stated that the worm had not caused any damage, on November 29, Iran confirmed that its nuclear program had indeed been damaged by Stuxnet. The infestation by this worm may therefore have damaged Iran's nuclear facilities in Natanz and eventually delayed the start-up of Iran's Bushehr Nuclear Power Plant. Kaspersky Labs concluded that the sophisticated attack could only have been conducted "with nation-state support", and it has been speculated that Israel may have been involved.

History

The worm was first reported by the security company VirusBlokAda in mid-June 2010, and roots of it have been traced back to June 2009. It contains a component with a build time stamp from 3 February 2010. Kaspersky virus experts believe that Stuxnet started spreading around March or April 2010. In the United Kingdom on 25 November 2010, Sky News reported that it had received information that the Stuxnet worm, or a variation of the virus, had been traded on the black market. The name is derived from some keywords discovered in the software.

1 comments:

Thanks for the great article and it was very informative too..
