The 10 Most Destructive PC Viruses Of All Time


(Page 2 of 3) Jul 5, 2006 09:00 AM

Code Red (2001)

Estimated Damage: 2.6 billion dollars

Code Red was a computer worm that was unleashed on network servers on July 13, 2001. It was a particularly virulent bug because of its target: computers running Microsoft's Internet Information Server (IIS) Web server. The worm was able to exploit a specific vulnerability in the IIS operating system. Ironically, Microsoft had released a patch addressing this hole in mid-June.

Also known as Bady, Code Red was designed for maximum damage. Upon infection, the Web site controlled by the affected server would display the message, "HELLO! Welcome to http://www.worm.com! Hacked By Chinese!" Then the virus would actively seek other vulnerable servers and infect them. This would go on for approximately 20 days, and then it would launch denial of service attacks on certain IP addresses, including the White House Web server. In less than a week, this virus infected almost 400,000 servers, and it's estimated that one million total computers were infected.

A Web site infected by Code Red. Courtesy of F-Secure. Click image to launch image gallery.

SQL Slammer (2003)

Estimated Damage: Because SQL Slammer erupted on a Saturday, the damage was low in dollars and cents. However, it hit 500,000 servers worldwide, and actually shut down South Korea's online capacity for 12 hours.

SQL Slammer, also known as Sapphire, was launched on January 25, 2003. It was a doozy of a worm that had a noticeable negative impact upon global Internet traffic. Interestingly enough, it didn't seek out end users' PCs. Instead, the target was servers. The virus was a single-packet, 376-byte worm that generated random IP addresses and sent itself to those IP addresses. If the IP address was a computer running an unpatched copy of Microsoft's SQL Server Desktop Engine, that computer would immediately begin firing the virus off to random IP addresses as well.

		20 Years Of PC Viruses
		Introduction  A Brief History Of Viral Time  The 10 Most Destructive Viruses
		•  CIH	•  Blaster
		•  Melissa	•  Sobig.F
		•  ILOVEYOU	•  Bagle
		•  Code Red	•  MyDoom
		•  SQL Slammer	•  Sasser
		Early Days On The Antivirus Front  What To Do In A Malware Attack
		Virus Image Gallery  Virus Timeline

With this remarkably effective way of spreading, Slammer infected 75,000 computers in 10 minutes. The outrageously high amounts of traffic overloaded routers across the globe, which created higher demands on other routers, which shut them down, and so on.

Blaster (2003)

Estimated Damage: 2 to 10 billion dollars, hundreds of thousands of infected PCs

The summer of 2003 was a rough time for businesses running PCs. In rapid succession, IT professionals witnessed the unleashing of both the Blaster and Sobig worms. Blaster, also known as Lovsan or MSBlast, was the first to hit. The virus was detected on August 11 and spread rapidly, peaking in just two days. Transmitted via network and Internet traffic, this worm exploited a vulnerability in Windows 2000 and Windows XP, and when activated, presented the PC user with a menacing dialog box indicating that a system shutdown was imminent.

Hidden in the code of MSBLAST.EXE -- the virus' executable " were these messages: "I just want to say LOVE YOU SAN!!" and "billy gates why do you make this possible? Stop making money and fix your software!!"

Like many viruses, Blaster contained hidden messages. Courtesy of F-Secure. Click image to enlarge and to launch image gallery.

The virus also contained code that would trigger a distributed denial of service attack on windowsupdate.com on April 15, but Blaster had already peaked and was mostly contained by then.

Page 3: 2003 - 2004
« Previous Page | 1 2 3 Next Page »