Many websites love to make their “TOP” lists of something. We also decided to make our list of the most “invest-worthy” viruses of all time.
The term “virus” comes from an analogy with biological viruses. Like biological viruses, computer viruses can spread and infect other systems.
Terms like “virus,” “worm,” “backdoor,” “rootkit,” and “Trojan horse” are often mixed up in one pile. Of course, they all refer to malware, or malicious software. Nevertheless, they need to be distinguished from each other. From the very beginning, the preferred target of malware has been the Windows operating system, and that remains true to this day.
First, there was the virus...
It can spread itself, but it requires a carrier program. The virus “infects” a file, for example, with the extension . Physically, this means that it adds its own code to the file. The spread then occurs when files are transmitted.
In contrast, the worm does not need a carrier program. Once it gets on a computer, it uses a kind of SMTP server to send itself to all the addresses found on the computer.
The Trojan horse does what you might expect from its name: it disguises itself as useful software. You already know that it is not what it seems. Once it is launched, it causes damage.
The backdoor is a “black hat” – a loophole that allows access to a PC. In most cases, it is just one line in a PHP script. The hacker is either involved in software development or uses a Trojan horse. In any case, with the help of a backdoor, cybercriminals can gain access to a PC for quite some time.
The rootkit is, so to speak, the burglar’s picklock. It exploits vulnerabilities in operating systems and software, thereby obtaining administrator rights.
The keylogger is a program that records everything the user types on the keyboard, including logins, passwords, credit card numbers, and other personal information. The cybercriminal can use this information to steal money or personal data.
The botnet is a network of computers hijacked by a cybercriminal and used to perform unwanted tasks, such as sending spam, DDoS attacks, or cryptocurrency mining. Computers in the botnet are usually infected through Trojan horses or other types of malware.
And to combat all this diversity, antivirus programs have appeared that can help protect computers. However, some viruses can use new infection methods to bypass antivirus protection.
Who Came First?
The first network virus, Creeper, appeared in the early 1970s in the military computer network Arpanet, a prototype of the Internet. The program was able to independently access the network through a modem and save its copy on a remote machine. On infected systems, the virus identified itself with the message:
I'M THE CREEPER: CATCH ME IF YOU CAN.
Overall, the virus was harmless, but it annoyed personnel.
To remove the persistent but ultimately harmless virus, an unknown individual created the program Reaper. In essence, it was also a virus that performed some functions typical of an antivirus: it spread through the computing network and destroyed the Creeper virus when its body was detected.
The appearance of Creeper not only marked the beginning of modern malicious software but also gave rise to a stage of virus development where virus writing became the domain of a few talented programmers without any material goals.
And where is your Top 15?
Well, I’m afraid my Top 15 is a bit late to the party, but hey, at least we now know who the first one on the dance floor was – Creeper. Maybe it just wanted to show off its moves with that “Catch me if you can” message. Who knows? But let’s hope the rest of the party guests are not as annoying as Creeper and Reaper. We wouldn’t want to have any uninvited viruses crashing the party.
Macro Virus | VBA
Spread through infected email attachments and replicated itself by sending messages to the first 50 contacts in a user's address book

Email Worm | VBScript
Spread through infected email attachments with a subject line "ILOVEYOU" and caused widespread damage to systems and files
Philippines, US, Europe

Email Worm | VBScript
Exploited a vulnerability in Microsoft's IIS web server software and launched a Distributed Denial of Service (DDoS) attack

Email Worm | Assembly
Spread through infected email attachments and emails with random subjects and addresses

Internet Worm | C
Exploited a vulnerability in Microsoft's SQL Server and Desktop Engine software; caused widespread network disruption and outages

Email Worm | Assembly
Spread through infected email attachments with various subjects and caused email and network overload

Network Worm | Assembly
Exploited a vulnerability in Microsoft's Local Security Authority Subsystem Service (LSASS) and caused infected systems to reboot

Email Worm | C++
Spread through email attachments and launched a DDoS attack against the website of the SCO Group

Botnet Trojan | Multiple
Spread through infected email attachments and built a botnet of compromised systems for use in spam and phishing attacks

Network Worm | Multiple
Exploited a vulnerability in Microsoft's Server service and launched DDoS attacks and spam campaigns

Targeted Malware | Multiple
Designed to attack industrial control systems and specifically targeted Iran's nuclear program; used several zero-day vulnerabilities
Iran, India, Indonesia, Pakistan

Trojan horse | C++
Banking Trojan that targeted financial institutions and stole over a billion dollars in total

A ransomware that overwrites the master boot record of the infected computer, making it impossible to boot the system without paying a ransom
Ukraine, Russia, India, United States

Exploit | C++
A ransomware that spread rapidly through a Windows vulnerability, causing widespread disruptions and financial damage
China, Russia, Ukraine, India, Taiwan

Supply Chain Attack
A sophisticated cyber attack that targeted the supply chain of SolarWinds, a popular IT management software, compromising several high-profile US government agencies and companies.
Looking at this timeline, we can identify several groups of viruses based on their malicious activities and the year they appeared.
Group 1: Exploits and Ransomware
Stuxnet, WannaCry, NotPetya – these viruses are exploits that attack vulnerabilities in Windows operating systems. NotPetya is a sophisticated cyberattack aimed at infecting computer networks in government agencies and large companies in Ukraine, Russia, India, and other countries. These viruses cause significant harm to companies, organizations, and individuals, as well as to national economies.
Group 2: Banking Trojans
Carbanak is a banking Trojan designed to attack financial institutions. This virus, created in Russia or Eastern Europe, stole more than a billion dollars in total. Such viruses pose a serious threat to banking security and can lead to serious financial consequences for companies and customers.
Group 3: Email Worms
Melissa, ILOVEYOU, Klez, SOBIG.F, and MyDoom – these are email worms that spread through infected electronic messages. These viruses do not cause direct harm to companies and individuals, but they can lead to email overload and network failures.
Group 4: Network Worms
SQL Slammer/Sapphire, Storm Worm, Code Red, and Sasser – these are network worms that spread through vulnerabilities in network protocols and services. These viruses can lead to widespread network failures and serious cybersecurity issues.
And remember, always practice safe browsing and make sure your computer’s antivirus software is up to date, unless you’re into living on the edge and playing virus roulette! 😂
Well, it’s no surprise that most of the viruses on this list were designed to target Windows systems. After all, Windows is like the popular kid in school that everyone wants to mess with. Plus, users love to live dangerously and work with admin privileges, right?
Some of these viruses, like Melissa, ILOVEYOU, and SOBIG.F, spread through email, while others, such as Code Red and SQL Slammer/Sapphire, took advantage of vulnerabilities in web servers and databases.
It’s also worth noting that some of these viruses were specifically created to attack certain systems or countries. Stuxnet, for example, was developed to attack the uranium enrichment facilities in Iran, while WannaCry targeted computers in Russia, Ukraine, and other countries.
All in all, these data show that cyber attacks are a serious problem that can result in significant economic losses and pose a threat to national security. So, it’s essential to take measures to protect your systems from such attacks and improve overall cyber security. Just remember, the best defense against a virus is a good antivirus and a healthy dose of skepticism towards suspicious emails and attachments.
Trying to calculate the exact damages caused by these viruses is like trying to catch a greased pig – difficult and slippery, and the numbers presented here are about as reliable as a weather forecast in April.
But looking at the chart and their estimated damages, it’s clear that MyDoom hogged the spotlight and caused the most significant financial losses with estimated damage of $39 billion in 2004. Coming in second place is SOBIG.F, which also made a hefty chunk of change, causing an estimated damage of $37 billion in 2003. NotPetya takes the third spot with an estimated damage of $10 billion, which is nothing to snort at.
Well, at least now we know what kind of “animals” to watch out for in the digital jungle. Just remember to keep your antivirus software up to date and never trust any suspicious-looking software or email attachments. Stay safe, folks!