7) Fizzer (2003) By 2003, many worms were spreading over e-mail, but Fizzer was an entirely new creature. If earlier worms, like Code Red (see below), were about mischief, Fizzer was all about money. While some initially dismissed the seriousness of the worm because it wasn’t as fast moving as Code Red, Fizzer was more insidious. “What makes Fizzer stand out is that it's the first instance of a worm created for financial gain,” says Roel Schouwenberg, a senior researcher at Kaspersky, an anti-virus company. “Computers infected with Fizzer started sending out pharmacy spam.” In other words, Fizzer didn’t just take over your address book to spread for the sake of spreading, it used your address book to send out the now familiar porn and pills spam. Fizzer was followed by better-known spam-inducing worms, like SoBig, which became threatening enough that Microsoft even offered a $250,000 bounty for information leading to the arrest of its creator.
8) Slammer (2003) In January 2003, the fast-spreading Slammer proved that an Internet worm could disrupt private and public services, a harbinger for future mayhem. Slammer works by releasing a deluge of network packets, units of data transmitted over the Internet, bringing the Internet on many servers to a near screeching halt. Through a classic denial of service attack, Slammer had a quite real effect on key services. Among its list of victims: Bank of America’s ATMs, a 911 emergency response system in Washington State, and perhaps most disturbingly, a nuclear plant in Ohio.
9) Code Red (2001) Compared to modern malware, Code Red seems like an almost kinder, gentler version of a threat. But when it swept across computers worldwide in 2001, it caught security experts off guard by exploiting a flaw in Microsoft Internet Information Server. That allowed the worm to deface and take down some websites. Perhaps most memorably, Code Red successfully brought down the whitehouse.gov website and forced other government agencies to temporarily take down their own public websites as well. Though later worms have since overshadowed Code Red, it’s still remembered by anti-virus experts as a turning point for malware because of its rapid spread.
10) Love Letter/I LOVE YOU (2000) Back in 2000, millions of people made the mistake of opening an innocent looking email attachment labeled simply, “I Love You.” Instead of revealing the heartfelt confession of a secret admirer, as perhaps readers had hoped, the file unleashed a malicious program that overwrote the users’ image files. Then like an old-fashioned chain letter gone nuclear, the virus e-mailed itself to the first 50 contacts in the user’s Windows address book. While by today’s standards, Love Letter is almost quaint, it did cause wide-scale problems for computer users. It only took hours for Love Letter to become a global pandemic, in part because it played on a fundamental human emotion: the desire to be loved. In that sense, Love Letter could be considered the first socially engineered computer virus.
Sharon Weinberger is a national security reporter based in Washington, D.C.