14/02/2023
Top 10 most dangerous computer viruses of all time
Malware is one of the most serious threats to businesses, and there are hundreds of thousands of these dangerous programs being detected every day. Not all malware strains behave the same way, either. There are worms designed to self-replicate and overwhelm networks as well as ransomware that can completely shut down a system and hold your data hostage. If you’re not careful, your business can suffer massive losses from a single malware attack. But just how much damage can malware truly cause?
A timeline of the most devastating malware in history
To help you understand the impact of malware, we’ve compiled a list of the 10 most dangerous computer malware of all time.
1. Melissa
The Melissa virus was first spotted in March 1999, spreading to the public via internet forums and emails offering free login credentials to adult websites. The virus was delivered through a Microsoft Word document with an embedded macro that, when opened, would run a malicious code. If macros were enabled, Melissa spread itself to the first 50 contacts in a user’s Outlook address book. Infected devices experienced mass mailings and slowdowns.
The goal of the virus wasn’t necessarily to steal massive volumes of data but to disrupt as many computer networks as possible. In fact, Melissa propagated so quickly that it overwhelmed and shut down the email servers of over 300 major organizations worldwide. Forensics reports found that at least $80 million was spent recovering from the global-scale attack.
2. ILOVEYOU
ILOVEYOU, also known as the love letter or the LoveBug virus, was first discovered in May 2000. The malware was delivered to millions of users as an email attachment with the subject line “ILOVEYOU.” Once opened, it spread to every contact in a user’s Microsoft Outlook address book and overwrote certain files (e.g., JPEG and MP3 files) from the hard drive.
Considering how many organizations relied on Outlook for all their email needs at the time, ILOVEYOU was fairly widespread. According to a retrospective report, the virus affected over 45 million computers within 10 days, resulting in approximately $10 billion in damages.
3. Code Red
Code Red was a computer worm designed to exploit major flaws in Microsoft’s Internet Information Services web server. In July 2001, Code Red reportedly attacked over 350,000 web servers, defacing web pages with messages like “Hacked by Chinese.” This widespread attack was possible because worms self-replicate and spread themselves to other machines in the same network. The cost of recovery and damages from this attack was estimated to be $2.75 billion.
4. Klez
The Klez malware appeared in October 2001. It had the capability to exploit buggy Microsoft email clients and spread itself to everyone in a user’s Outlook address book. Even worse, it had the potential to become a “polymorphic” virus, which means that it could keep changing its code to avoid detection by antivirus software. Many cybercriminals developed different variants of the Klez worm, making it extremely troublesome to deal with. The worm was able to infect around 7 million computers, resulting in damages costing tens of billions of dollars worldwide.
5. Sobig
The Sobig worm was not just a worm that could replicate itself but also a Trojan horse, or malware disguised as a harmless program. In 2003, Sobig spread through a mass email chain with seemingly innocuous subject lines like “Thank You!” and “Re: Approved.” If downloaded, the worm would activate and gather files from the host computer to search for email addresses to target. The scope of Sobig was so widespread that it affected computer systems around the world, from North America to Europe to Asia.
6. Mydoom
Mydoom is arguably the worst malware in history, causing more than $38 billion worth of damages in 2004. Like Sobig, it was another type of mass mailing computer worm that stole email addresses from infected computers and sent itself to those addresses. The worm was also capable of using the entire network of infected computers to launch distributed denial-of-service (DDoS) attacks, which essentially flood target websites and servers with so much traffic that they become inoperable. Mydoom is actually still alive today, being used in a small portion of modern phishing campaigns.
7. Sasser
Sasser, another computer worm, targeted machines with Windows XP and Windows 2000 operating systems in 2004. It spread quickly through a vulnerability in the Local Security Authority Subsystem Service, which is responsible for managing user logins and credentials. The worm caused millions of PCs to blue screen and crash, which led many businesses to shut down their networks until the infection was dealt with.
8. Zeus
Zeus is a Trojan horse designed to steal personal financial data such as passwords and bank details. It was first discovered in 2007 and roped infected devices into a botnet, a large network of computers controlled by hackers. Cybercriminals used the botnet to steal money from major corporations and banks. The documented financial damage from the Zeus Trojan was estimated to be around $70 million, but experts believe that costs associated with recovery could be significantly higher.
9. Stuxnet
Stuxnet is a computer worm discovered in 2010, spreading via corrupted USB drives and was predominantly used in cyber warfare. The malware targeted industrial control systems used to control nuclear power plants and other industrial facilities.
Stuxnet was so powerful that it was able to control Iran’s nuclear centrifuges and cause physical damage. While the financial damage caused by Stuxnet was not as large as other malware, it showed how sophisticated malware is capable of physically disrupting critical infrastructure.
10. WannaCry
Discovered in May 2017, WannaCry is one of the most infamous ransomware strains ever. Like most ransomware, WannaCry was designed to encrypt files on infected computers and demand a ransom from its victims. However, the malware was unique in that it spread rapidly throughout computer networks by exploiting vulnerabilities in outdated Windows operating systems.
The ransomware infected over 230,000 computers in more than 150 countries and caused billions of dollars worth of damages to healthcare institutions and major corporations. Financial damages from WannaCry have been estimated to be over $4 billion, and new strains of ransomware are still being developed based on its code.
