Top Ten Most-Destructive Computer Viruses | Science | Smithsonian
Rather than amateurs working out of their parents' basement, malware creators are often part of an underworld criminal gang, or working directly for a foreign government or intelligence agency. (Epoxydude / fstop / Corbis)

Created by underground crime syndicates and government agencies, these powerful viruses have done serious damage to computer networks worldwide

smithsonian.com

Computer viruses have come a long way from the early days of personal computers, when teenage hackers competed for bragging rights, creating malware designed for mischief or random mayhem. Now, the hackers have gone professional, and their ambitions have grown; rather than amateurs working out of their parents' basement, malware creators are often part of an underworld criminal gang, or working directly for a foreign government or intelligence agency. As the stakes have grown, so too has the potential damage and destruction brought on by malware.

1) Stuxnet (2009-2010) The arrival of Stuxnet was like a cartoon villain come to life: it was the first computer virus designed specifically to cause damage in the real, as opposed to virtual, world. While previous malware programs may have caused secondary physical problems, Stuxnet was unique in that it targeted software that controls industrial systems. Specifically, Stuxnet was designed to damage machinery at Iran’s uranium enrichment facility in Natanz. Based on the available information, including data from the International Atomic Energy Agency, experts believe Stuxnet caused a large number of Iran’s centrifuges—essentially giant washing machines used to enrich uranium—to spin out of control and self-destruct. Though Stuxnet was discovered in 2010, it is believed to have first infected computers in Iran in 2009.

2) Conficker Virus (2009) In 2009, a new computer worm crawled its way into millions of Windows-based PCs around the world, creating a massive botnet army of remotely controlled computers capable of stealing financial data and other information. Its complexity made it difficult to stop, and the virus prompted the creation of a coalition of experts dedicated to stopping its spread. At its height, the Conficker worm infected millions of computers, leading anti-virus researchers to call it the “super bug,” or “super worm.” But the real mystery of Conficker, which still infects a large number of computers, is that no one knows what it was meant to do: the botnet army was never used for any specific purpose, to the best of anyone’s knowledge. Conficker’s real purpose still confounds security experts.

3) agent.btz (2008) This piece of malware’s claim to fame is that it temporarily forced the Pentagon to issue a blanket ban on thumb drives and even contributed to the creation of an entirely new military department, U.S. Cyber Command. Agent.btz spreads through infected thumb drives, installing malware that steals data. When agent.btz was found on Pentagon computers in 2008, officials suspected the work of foreign spies. Former Deputy Secretary of Defense William Lynn later wrote that agent.btz created “a digital beachhead, from which data could be transferred to servers under foreign control.” Though some anti-virus experts have disputed the contention that the virus was the creation of a foreign intelligence agency, its effect was to make cyber war a formal part of U.S. military strategy.

4) Zeus (2007) There is no shortage of malware kits that target personal information, but Zeus has become the go-to tool for many of today’s cyber criminals and is readily available for sale in the cyber crime underworld. It can be used to pilfer passwords as well as files, helping to create a literal underground economy for compromised identities that can be bought and sold for as little as 50 cents. In the age of Internet banking and online shopping, a compromised identity is much more than just a name and social security number: it’s your address, date of birth, mother’s maiden name, and even your secret security questions (your first pet, your favorite teacher, or your best friend from grade school).

5) PoisonIvy (2005) PoisonIvy is a computer security nightmare; it allows the attacker to secretly control the infected user’s computer. Malware like PoisonIvy is known as a “remote access trojan,” because it provides full control to the perpetrator through a backdoor. Once the virus is installed, the perpetrator can activate the controls of the targeted computer to record or manipulate its content or even use the computer’s speaker and webcam to record audio and video. Once thought of as a tool for amateur hackers, PoisonIvy has been used in sophisticated attacks against dozens of Western firms, including those involved in defense and chemical industries, according to a white paper written by Symantec, the computer security firm. The attacks were traced back to China.

6) MyDoom (2004) MyDoom muscled its way into the malware world in 2004, quickly infecting some one million computers and launching a massive distributed denial of service attack, which overwhelms a target by flooding it with information from multiple systems. The virus spread through email as what appeared to be a bounced message. When the unsuspecting victim opened the email, the malicious code downloaded itself and then pilfered the new victim’s Outlook address book. From there, it spread to the victim’s friends, family and colleagues. MyDoom spread faster than any worm seen prior.
