Nimda (backwards for “admin”) is a top 10 deadliest computer virus since it is a malicious worm and file infector. It was originally released in 2001 and targeted Internet servers. The virus spread by use of e-mail, open network shares, compromised or “fake” websites, Internet Explorer 5.5 and by exploitation of Microsoft 4.0/5.0 directory vulnerabilities. If the virus was received by e-mail the message would appear blank. Once the computer was infected by any of these methods it created a backdoor and modified Web documents or executable files.
The Storm Worm is a Trojan horse virus that affects computers that use Microsoft operating systems. It is spread by use of email attachment. Using catchy email headings like “Death Toll in China exceeding 100,000” it lured unsuspecting people into opening them. Once the attachment is opened, malware was installed that infected the computer and downloaded malicious packets which were spread to other computers. The computer is then made into a zombie “botnet” which becomes attached to the Storm Worm server and used to forward the virus to other computers. This nasty virus has affected major networks including Comcast and Roadrunner. It is considered one of the top 10 deadliest computer viruses since it cannot be detected by antivirus programs due to its encrypted design.
Bagle (Netsky) is a malicious computer virus that can affect all versions of Microsoft Windows operating systems. It is thought to be created in Germany by using the assembly programming language. Bagle uses a SMTP engine to email itself on a massive scale. The email recipient will find the virus as an attachment. When opened it copies itself into the Windows system directory it opens TCP port 6777 or 8866. This creates a backdoor that provides remote access to the computer. It also spreads by using the infected computers e-mailing network. It was first discovered in January 2004. As of June 2010, the Bagle virus continues to remain a nuisance to computer users through new morphed versions.
SQL Slammer was a computer virus that caused denial of service (DDoS) and slowed down general Internet traffic. In 2003 over 75,000 machines were affected within 10 minutes. It worked by exploiting a bug in Microsoft SQL Server 2000 (which has since been updated).The SQL Slammer code generates random IP addresses and then sends itself out to those addresses. If a particular address is running a non-updated copy of the Microsoft SQL Server resolution service the computer becomes infected. The virus then spreads copies of itself on the Internet.
Code Red Virus
The Code Red virus attacked computers using Microsoft IIS 2.0 Web server and Windows 2000 indexing. The computers that were vulnerable to it used Microsoft Windows NT 4.0. The computer virus was released in July 2001. It worked by exploiting a vulnerability in the in the IIS indexing software. The result was defacement of websites which would display the following phrase: “HELLO! Welcome to https://www.worm.com! Hacked By Chinese!” It then would launch denial of service attacks (DDoS) about 30 days later on several IP addresses.
No one would think that the phrase “I love you” would result in being one of the top 10 deadliest computer viruses. It originated in 2000 as an email to Windows computer users that included the subject heading “ILOVEYOU” along with a file attachment. After opening the attachment, the worm virus would send a copy of itself to every email address in the victims contact list by using the users sending address. It also made unwanted malicious changes to their system by overwriting files and making more copies of itself.
Leap or Oompa-Loompa Virus
This is a LAN spreading Trojan horse virus that affected Mac OS X operating systems. Once the computer was infected it altered application files. Discovered in 2006, the virus was spread over a local area network using the Bonjour iChat instant message program. The virus then attempts to prompt the user to login with the administrator password. If successful it infected the user’s software applications that were recently opened with a login password. After this the application programs would not open. The Leap virus was further spread by sending emails to all contacts in the users Bonjour buddy list.
MyDoom is a top 10 deadliest computer virus worm since it affected users of Windows operating systems. It originated in 2004 and spread by email and through the Kazaa peer-to-peer network. The worm arrives as an email message attachment. It then created a backdoor by opening TCP ports 3127 through 3198. Once the computer was compromised, it accessed network resources. The virus was also designed to release a denial of service attack (DDoS).
The Klez Virus
Klez is a virus that behaved like a worm or a Trojan horse. Klez first arrived in 2001 as an email attachment targeted at computers that used Microsoft Windows operating systems. When opened, it stole all email addresses in the users contact list and on the compromised computer’s hard drive. The virus did not stop there. It infected program applications and disabled antivirus software. Then the virus waited for thirteen days, and corrupted the victim’s personal files and any network drive attached to their computer.
Melissa was the original top 10 deadliest computer viruses that appeared in the 1990’s. It was a macro virus that spread on Microsoft Word 97/2000 and Microsoft Excel 97/2000/20003 documents. It was first seen in the late 90’s. If an infected document was opened, the virus attempted to send out mass emails using the attached computer’s address book. It was also capable of deleting critical computer files. Other variations of the virus affected address books of Microsoft Outlook users or destroyed Excel documents. It was later discovered that the Melissa virus was the creation of David L. Smith. He was arrested and convicted to 20 months in prison in 1999. Ironically, he ended up working for the FBI to help them track down viruses and the people who created them. As for the Melissa virus, many variations became obsolete once it was discovered that it left traces of itself in the Windows Registry.