This virus infected computers through email and appeared as a love confession to the recipient. Once people clicked on the attachment, it immediately sent itself out to everyone in the user’s email list, overwrote files, and made the infected computer completely unbootable.
Computers would also copy users’ passwords and then send them back to the authors of the virus. This was potentially catastrophic for large corporations and governments. Having spread among roughly 50 million computers in just 10 days, it caused the CIA, Pentagon, and a host of large corporations to shut down their email systems.
The total damage is estimated at between $10 – $15 billion.
The Melissa virus was disguised as a list of passwords to adult websites and distributed as a Microsoft Word document. At the time, a list of that nature was in high demand, leading many people to download and open it. However, when they did, they would receive a nasty surprise.
The virus would send itself to the top 50 people in the user’s address book, which put a lot of pressure on email traffic worldwide.
The hacker responsible for the attack helped the FBI to catch other virus creators and got away with only 20 months in prison and a $5,000 fine. It is estimated that the Melissa virus caused $80 million worth of damages.
The Code Red worm exploited a vulnerability in Windows NT and 2000, causing a buffer overflow by sending a string of random data. This would force computers to overwrite memory with new instructions from the worm. Some computers would crash, while others would launch an attack on the White House website. The worm then tried to make copies of itself and also defaced local server pages with the infamous “Hacked by Chinese.”
The infection affected more than 1 million computers, with $2.6 billion in damages.
Sobig Worm (Sobig.F)
Sobig was not only a self-replicating computer worm, but also a Trojan disguising its true content. Sobig.F would usually turn up in emails with subject lines like “Re: Thank you!”, “Your details”, “Re: Details,” and many others.
Due to the sheer volume of emails that it was able to send, the worm eventually brought down computer traffic in Washington, D.C., slowed down computer systems of large corporations, and even caused Air Canada to be grounded.
An estimated 2 million computers were infected, with roughly $37 billion in damages.
MyDoom was discovered by Craig Schmugar, a McAfee employee at the time, who noticed the line of text ‘mydom’ in the program’s code. He added ‘doom’ to the name, believing the worm to be huge.
And he wasn’t wrong. MyDoom became one of the fastest email worms to spread around the world since ILOVEYOU. The worm appears as an email transmission error and contains an attachment of itself. If the user clicks on it, it immediately sends itself to all the email addresses in the user’s address book.
MyDoom slowed the internet down by up to 10% on the day of its release, infected roughly 2 million computers, and caused $38 billion in damages.
The Conficker worm was first spotted in 2008, causing panic among Windows users. It could grant itself administrator rights on infected computers, delete system restore, block users from searching any information on malware removal, look for uninfected computers in the network, and execute programs.
Besides personal computers, the virus managed to infect the networks of the armed forces of Germany, the French Navy and the United Kingdom Ministry of Defense.
Cybersecurity experts believe that Conficker was created by Ukrainian hackers, as it was programmed not to attack computers with a Ukrainian keyboard.
It is estimated that Conficker managed to infect around 15 million computers worldwide and cost more than $9 billion. As of today, Conficker is still alive and running, but is not as notorious as it was.
Sasser and Netsky viruses
Sasser and Netsky were two viruses created in 2004 by a 17-year-old German named Sven Jaschan. While at first no one assumed the viruses were connected, soon researchers discovered that they used a similar code.
The Sasser worm would scan potential IP addresses in search of vulnerable systems and instruct them to download the virus. It also made changes in the operating system so you could shut down the computer only by unplugging it. Within 48 hours Sasser infected 1.3 million computers, halting rail service in Australia, forcing Delta Airlines to cancel several flights, and making Finland’s Sampo bank close 130 branches.
The Netsky virus existed as an email attachment. Once opened, it would send emails to all the contacts, spreading itself even further. Netsky was said to be one of the most dangerous viruses of 2004, as it caused 1 in 5 virus incidents that year.
It is believed that Sasser and Netsky were responsible for at least a couple of billion dollars of damage. Since Sven Jaschan was underage at the time he created the viruses, he spent no time in jail and even got a job offer at a cybersecurity company.
While Zeus is the king of gods in Greek mythology, it is also one of the worst Trojans ever created. Zeus (also known as Zbot) was designed to steal information such as credit card details and passwords from computers. Since its creation in 2007, Zeus has managed to extract confidential information from NASA, The Bank of America, Amazon, CISCO, and many others.
The hackers would make unauthorized transfers amounting to thousands of dollars at a time and attempted to steal around $220 million from accounts worldwide.
The programmer who created Zeus didn’t steal money himself, but would sell the software to criminal gangs for as little as $1000, offering them 24/7 support.
CryptoLocker is ransomware that spread through email attachments: it encrypted users’ files with a 2048-bit RSA public key and asked for payment. Victims had about 72 hours to pay a ransom of around $400 — otherwise their files would be destroyed.
CryptoLocker affected more than 500,000 users, but only 1.3% paid the hackers. Despite the low response rate, the criminals managed to collect around $3 million.
Security experts took over CryptoLocker’s database of victims and created an online portal where users could get the key to decrypt their files.
This ransomware inspired many wannabe hackers to start using its code to create their own viruses.
SQL Slammer (also known as Sapphire) was created in 2003 and in only 15 minutes infected half of the servers that ran the internet, causing a worldwide bandwidth slowdown.
Slammer installed itself on computers by running a false version of a Microsoft database package called SQL Server 2000. Since it was mainly used by system administrators, it didn’t have an effect on regular users. Slammer generated tremendous amounts of network packets, overloading servers and routers.
In the US, most of the 13,000 ATMs operated by Bank of America became unusable. South Korea almost lost all its internet access. The total cost of this malware exceeds $1 billion.
How can you protect yourself?
- Update your antivirus software. Set up automatic updates for your important apps and antivirus/anti-malware programs. Check regularly to make sure the software is up to date.
- Do not click on links or attachments in suspicious emails. A lot of hacking and malware efforts are successful because people trust emails from random strangers. This is known as phishing, and it happens to many people. It allows hackers to steal your financial information and other sensitive data. So if you don’t know or trust the source, or if the message looks fishy, don’t click on the link or attachment.
- Be careful on public hotspots. Public Wi-Fi is very convenient. However, it does leave you open to man-in-the-middle attacks and other nefarious ways for hackers and snoopers to get your information. When on public Wi-Fi, don’t check any sensitive information. Better yet, get a VPN for your computer which provides a layer of protection to keep your communication safe.
- Do not click on pop-ups. When visiting certain websites, you may get pop-up alerts that claim to have found malware or viruses on your computer. Don’t click on those. In fact, don’t click on any pop-ups, as they will more often than not install malware or adware.
- Do not download pirated files from suspicious sites. Downloading things for free is tempting, but may often contain malware or adware as a bonus. Be very careful on torrent sites, especially ones you’ve never heard about.
- Use Threat Protection. We also recommend to use NordVPN’s Threat Protection feature. It helps you identify malware-ridden files, stops you from landing on malicious websites, and blocks trackers and intrusive ads on the spot.
Want to read more like this?
Get the latest news and tips from NordVPN