This was one of the very interesting articles that i came across in the recent days in one of the top knowledge spreading website "How stuff works". Being most of our readers/visitors are young engineers whoa re very much interested in technology and computers, I found this piece of news good for a share with our readers.
We all know what are viruses coz they are a nightmare of long time, some of the possible effects of them are the information on a hard drive, tie up traffic on a computer network for hours, turn an innocent machine into a zombie and replicate and send themselves to other computers. This is for someone who has never been a victim of computer viruses, according to Consumer Reports, computer viruses helped contribute to $8.5 billion in consumer losses in 2008. Though Computer viruses are just one kind of online threat, but they're arguably the best known of the bunch.
Computer viruses have been around for many years. In fact, in 1949, a scientist named John von Neumann theorized that a self-replicated program was possible. The computer industry wasn't even a decade old, and already someone had figured out how to disrupt the whole process.Personalizations of computers were the main reason which led to the development of these viruses in large scale. A doctoral student named Fred Cohen was the first to describe self-replicating programs designed to modify computers as viruses. The name has stuck ever since.
During 1980’s viruses depended on humans for doing the job of spreading to all other computers but after the venture of “hackers” the scenario changed As an hacker would save the virus to disks and then distribute the disks to other people. Today when we think of a computer virus, we usually imagine something that transmits itself via the Internet. It might infect computers through e-mail messages or corrupted Web links. Programs like these can spread much faster than the earliest computer viruses.
We're going to take a look at 10 of the worst computer viruses to cripple a computer system. Let's start with Melissa virus.
10) Melissa:
Let’s trace to the year 1999, during the spring of that year, a man named David L. Smith created a computer virus based on a Microsoft Word macro. He built the virus so that it could spread through e-mail messages. Smith named the virus "Melissa," saying that he named it after an exotic dancer from Florida.
This virus is sent along with the mail and it tempts the person to open it saying that “not to reveal the message to anybody” once the person falls for it will be sent to 50 other people on the contact list of the receiver.
The virus spread rapidly after Smith introduced it on the world. The United States federal government became very interested in Smith's work -- according to statements made by FBI officials to Congress, the Melissa virus "wreaked havoc on government and private sector networks". The increase in e-mail traffic forced some companies to discontinue e-mail programs until the virus was contained.
After a lengthy trial process, Smith lost his case and received a 20-month jail sentence. The court also fined Smith $5,000 and forbade him from accessing computer networks without court authorization. Ultimately, the Melissa virus didn't cripple the Internet, but it was one of the first computer viruses to get the public's attention.
Flavors of Viruses
In this article, we'll look at several different kinds of computer viruses. Here's a quick guide to what we'll see:
• The general term computer virus usually covers programs that modify how a computer works (including damaging the computer) and can self-replicate. A true computer virus requires a host program to run properly -- Melissa used a Word document.
• A worm, on the other hand, doesn't require a host program. It's an application that can replicate itself and send itself through computer networks.
• Trojan horses are programs that claim to do one thing but really do another. Some might damage a victim's hard drive. Others can create a backdoor, allowing a remote user to access the victim's computer system.
9) ILOVEYOU
Once after the internet was saved from “Mellissa” the threat came in the form of worm, there was this virus which was also a standalone program which bored the message called “I love you” to attract people, once it was opened by an Casanova it starts to replicate and create tantrum.
Flavors of Viruses
In this article, we'll look at several different kinds of computer viruses. Here's a quick guide to what we'll see:
• The general term computer virus usually covers programs that modify how a computer works (including damaging the computer) and can self-replicate. A true computer virus requires a host program to run properly -- Melissa used a Word document.
• A worm, on the other hand, doesn't require a host program. It's an application that can replicate itself and send itself through computer networks.
• Trojan horses are programs that claim to do one thing but really do another. Some might damage a victim's hard drive. Others can create a backdoor, allowing a remote user to access the victim's computer system.
The possible effects on your computer when you accept the proposal would be...
• It copied itself several times and hid the copies in several folders on the victim's hard drive.
• It added new files to the victim's registry keys.
• It replaced several different kinds of files with copies of itself.
• It sent itself through Internet Relay Chat clients as well as e-mail.
• It downloaded a file called WIN-BUGSFIX.EXE from the Internet and executed it. Rather than fix bugs, this program was a password-stealing application that e-mailed secret information to the hacker's e-mail address.
Now for the origin of this virus most of them think that it was created by Onel de Guzman of the Philippines.
8) Klez virus:
Klez gave new dimensions to the entire internet virus that was present at that point of time. It debuted in late 2001, and variations of the virus plagued the Internet for several months.It was a worm that was sent to the victim through an email and it would replicate and send itself to all the people in the contact list of the victim, sometimes it may also disable the scanning process done in the system making the damage irreversible. Some variations of the Klez virus carried other harmful programs that could render a victim's computer inoperable
7) Code red code red II:
This virus came to existence from the summer of year 2001.Both of them started exploiting the os of the machine in which it was running. Mostly machine with windows 2000 and Windows NT were very venerable to this virus. The vulnerability was a buffer overflow problem, which means when a machine running on these operating systems receives more information than its buffers can handle; it starts to overwrite adjacent memory. The original Code Red worm initiated a distributed denial of service (DDoS) attack on the White House. That means all the computers infected with Code Red tried to contact the Web servers at the White House at the same time, overloading the machines.
Any computer that was affected by this virus won’t respond to the owner any longer coz the person who launched this virus would have created a backdoor and would access the system from that. In computing terms, this is called system-level compromise and its bad news for the computer's owner. The person behind the virus can access information from the victim's computer or even use the infected computer to commit crimes. That means the victim not only has to deal with an infected computer, but also may fall under suspicion for crimes he or she didn't commit.
While Windows NT machines were vulnerable to the Code Red worms, the viruses' effect on these machines wasn't as extreme. Web servers running Windows NT might crash more often than normal, but that was about as bad as it got. Compared to the woes experienced by Windows 2000 users, that's not so bad.
Microsoft released software patches that addressed the security vulnerability in Windows 2000 and Windows NT. Once patched, the original worms could no longer infect a Windows 2000 machine; however, the patch didn't remove viruses from infected computers -- victims had to do those themselves.
6) Nimda:
This virus was also launched in the same year its nothing but the word “admin” spelled in reverse. It spread the internet very rapidly becoming the fastest spreading virus at that point of time. In fact, according to TruSecure CTO Peter Tippett, it only took 22 minutes from the moment Nimda hit the Internet to reach the top of the list of reported attacks.
Nimda was mainly intended to damage the internet services though they could infect a PC also. Its main motive was to make the internet traffic to crawl. It would travel through internet using multiple ways like email etc. This helped spread the virus across multiple servers in record time.
The Nimda worm created a backdoor into the victim's operating system. It allowed the person behind the attack to access the same level of functions as whatever account was logged into the machine currently. In other words, if a user with limited privileges activated the worm on a computer, the attacker would also have limited access to the computer's functions. On the other hand, if the victim was the administrator for the machine, the attacker would have full control.
All the system resource became fodder to the Nimda worm and the network system failed more frequently. In effect, the Nimda worm became a distributed denial of service (DDoS) attack.
Phoning it In
Not all computer viruses focus on computers. Some target other electronic devices. Here's just a small sample of some highly portable viruses:
• CommWarrior attacked smart phones running the Symbian operating system (OS).
• The Skulls Virus also attacked Symbian phones and displayed screens of skulls instead of a home page on the victims' phones.
• RavMonE.exe is a virus that could infect iPod MP3 devices made between Sept. 12, 2006, and Oct. 18, 2006.
• Fox News reported in March 2008 that some electronic gadgets leave the factory with viruses pre-installed -- these viruses attack your computer when you sync the device with your machine .Next, we'll take a look at a virus that affected major networks, including airline computers and bank ATMs.
5: SQL Slammer/Sapphire:
It was late in the year 2003 when an unexpected attack happened on many dbms system because of the SQL virus called sapphire causing several ATM systems to crash, restricting people from 911 services, Continental Airlines had to cancel several flights due to electronic ticketing and check-in errors etc.
By some estimates, the virus caused more than $1 billion in damages before patches and antivirus software caught up to the problem. The progress of Slammer's attack is well documented. Only a few minutes after infecting its first Internet server, the Slammer virus was doubling its number of victims every few seconds. Fifteen minutes after its first attack, the Slammer virus infected nearly half of the servers that act as the pillars of the Internet.
However this virus taught people a valuable lesson that just by using a latest patches or by antivirus software we can’t restrict hackers who are constantly looking for weaknesses in developers. It proved that it’s also necessary to be ready for worst case attacks too.
A Matter of Timing
Some hackers program viruses to sit dormant on a victim's computer only to unleash an attack on a specific date. Here's a quick sample of some famous viruses that had time triggers:
• The Jerusalem virus activated every Friday the 13th to destroy data on the victim computer's hard drive
• The Michelangelo virus activated on March 6, 1992 -- Michelangelo was born on March 6, 1475
• The Chernobyl virus activated on April 26, 1999 -- the 13th anniversary of the Chernobyl meltdown disaster
• The Nyxem virus delivered its payload on the third of every month, wiping out files on the victim's computer.
4) MyDoom:
The MyDoom or Novarg virus is another worm that can create a backdoor in the victim computer's operating system. The original MyDoom virus there has been several variants and it had two triggers. One trigger caused the virus to begin a denial of service (DoS) attack starting Feb. 1, 2004. The second trigger commanded the virus to stop distributing itself on Feb. 12, 2004. Even after the virus stopped spreading, the backdoors created during the initial infections remained active.
There was also a second outbreak that happened causing all the search engine companies to grieve. This virus searched the victim’s computer for email addresses as a part of its replication, it would also send a search request to a search engine and use e-mail addresses found in the search results. Eventually, search engines like Google began to receive millions of search requests from corrupted computers. These attacks slowed down search engine services and even caused some to crash.
MyDoom spread through e-mail and peer-to-peer networks. According to the security firm Message Labs, one in every 12 e-mail messages carried the virus at one time. Like the Klez virus, MyDoom could spoof e-mails so that it became very difficult to track the source of the infection.
3) Sasser and Netsky:
This virus is named after the person who created them, usually virus developers escape detection but there are also times when we can trace the origin of the virus one such case was this Sven Jaschan case a 17 yr old who developed two different programs which worked in different ways on the net. But made the security experts believe that they work for the same person.
The Sasser worm attacked computers through a Microsoft Windows vulnerability. Unlike other worms, it didn't spread through e-mail. Instead, once the virus infected a computer, it looked for other vulnerable systems. It contacted those systems and instructed them to download the virus. The virus would scan random IP addresses to find potential victims. The virus also altered the victim's operating system in a way that made it difficult to shut down the computer without cutting off power to the system. This is the story of Sasser virus as far as the Netsky is considered to move through the email over the net as usual. It spoofs e-mail addresses and propagates through a 22,016-byte file attachment. As it spreads, it can cause a denial of service (DoS) attack as systems collapse while trying to handle all the Internet traffic. At one time, security experts at Sophos believed Netsky and its variants accounted for 25 percent of all computer viruses on the Internet.
2) Leap-A/Oompa-A:
Maybe you've seen the ad in Apple's Mac computer marketing campaign where Justin "I'm a Mac" Long consoles John "I'm a PC" Hodgman. Hodgman comes down with a virus and points out that there are more than 100,000 viruses that can strike a computer. Long says that those viruses target PCs, not Mac computers.
But most of the time it’s true because the apple os are protected by a concept called “security through obscurity”. Apple is known for keeping it hardware and software both close there by making this operating system obscure. Traditionally, Macs have been a distant second to PCs in the home computer market. A hacker who creates a virus for the Mac won't hit as many victims as he or she would with a virus for PCs.
But this hasn’t stopped anybody from creating a virus that damages the MAC system; it was tied up with the iChat instant message program and went on clinging to all the other MAC systems on the list. The message contains a corrupted file that appears to be an innocent JPEG image.
The Leap-A virus doesn't cause much harm to computers, but it does show that even a Mac computer can fall prey to malicious software. As Mac computers become more popular, we'll probably see more hackers create customized viruses that could damage files on the computer or snarl network traffic. Hodgman character may yet have his revenge.
1) Strom Worm:
The latest virus on our list is the dreaded Storm Worm. It was late 2006 when computer security experts first identified the worm. The public began to call the virus the Storm Worm because one of the e-mail messages carrying the virus had as its subject "230 dead as storm batters Europe." Antivirus companies call the worm other names. For example, Symantec calls it Peacomm while McAfee refers to it as Nuwar. This might sound confusing, but there's already a 2001 virus called the W32.Storm.Worm. The 2001 virus and the 2006 worm are completely different programs.
The Storm Worm is a Trojan horse program. Its payload is another program, though not always the same one. Some versions of the Storm Worm turn computers into zombies or bots. As computers become infected, they become vulnerable to remote control by the person behind the attack. Some hackers use the Storm Worm to create a botnet and use it to send spam mail across the Internet.
Many versions of the Storm Worm fool the victim into downloading the application through fake links to news stories or videos. The people behind the attacks will often change the subject of the e-mail to reflect current events. For example, just before the 2008 Olympics in Beijing, a new version of the worm appeared in e-mails with subjects like "a new deadly catastrophe in China" or "China's most deadly earthquake." The e-mail claimed to link to video and news stories related to the subject, but in reality clicking on the link activated a download of the worm to the victim's computer.
Several news agencies and blogs named the Storm Worm one of the worst virus attacks in years. By July 2007, an official with the security company Postini claimed that the firm detected more than 200 million e-mails carrying links to the Storm Worm during an attack that spanned several days. Fortunately, not every e-mail led to someone downloading the worm.
Although the Storm Worm is widespread, it's not the most difficult virus to detect or remove from a computer system. If you keep your antivirus software up to date and remember to use caution when you receive e-mails from unfamiliar people or see strange links, you'll save yourself some major headaches.