The Malware Evolution…

While conducting research on computer malware, I happened across an article at ‘howstuffworks -10 Worst Computer Viruses of All Time” (by Jonathan Strickland).  I was very impressed with the article and decided to summarize, in a table format (see below), the ten worst computer viruses of all time (based on the information from that article), in an effort to demonstrate how malware is evolving. You can read the full article on the “10 Worst Computer Viruses of All Time”, by clicking on the “howstuffworks” logo at the bottom of the page.

Another source of information that blends in well with this topic, is an article posted at Tech-for Everyone, “A Brief History – Holiday Edition”, that provides a short history on who wrote the first true virus, the evolution of viruses; and how virus and malware protection has led to a $38 billion industry.  I recently communicated with the author (known as TechPaul) and he made the following “real world” statement, that demonstrates how the malware evolution is affecting people on a personal level.

“As a Help and Support tech, I see (and repair) the damage done by malware everyday, and it is no joke. I have talked with folks who were forced to buy new machines due to rootkit and firmware infections. I have talked with people who have spent time rebuilding their credit after their “identity” was stolen.” -TechPaul

In conclusion, the objective of this article is to display the timeline and evolution of viruses (aka: malware) and to impress upon my readers the importance of keeping your security and system software up to date.  Malware has evolved from what you are seeing in this table to include thousands of variations of computer viruses, worms, trojan horses, rootkits, spyware, dishonest adware, crimeware and other malicious and unwanted software.   The motivation in the past was more idealistic; whereas, today the motivation is money.

10

Melissa

1999

MS-Word Macro; Propagated via email attachment; When opened: sent itself out to the top 50 people in the recipient’s e-mail address book.

9

ILOVEYOU

2000

Standalone Program; Worm; Propagated via email attachment; Subj:  Love Letter from a Secret Admirer, Attachment: LOVE-LETTER-FOR-YOU.TXT.vbs; When opened: wide range of attacks.

8

Klez

2001

Propagated via Email message; Spoofing; Replicated itself; Sent itself to people in recipient’s address book; Some variations rendered a persons computer inoperable.

7

Code Red

2001

Worm; Propagated via Internet; Exploited vulnerability in operating system (buffer overflow); distributed denial of service (DDoS) attack on the White House.

6

Nimda

2001

Nimda is “Admin” backwards; Worm; Propagated via the Internet & Email (very quickly); Primary target: Internet Servers; Purpose: To bring the internet to a crawl.

5

SQL Slammer / Sapphire

2003

Propagated via Internet; Attacked Web Servers; Took down unprepared infrastructure systems; Caused $1 Billion plus in damage; Victims infected within seconds after initial launch.

4

MyDoom

2004

Propagated via email; Created backdoor in victim’s computer; Had two triggers: Caused Denial of Service Attack and second trigger commanded the virus to stop distributing itself on Feb. 12, 2004; Replicated via email addresses on victim’s PC; Second outbreak caused search engines to come to a crawl.

3

Sasser and Netsky

2004

Worm; Propagated via internet; Attacked computer through a Microsoft vulnerability; Scanned random IP’s for victim computers; Virus created by 17 year old German programmer.

2

Leap-A/Oompa-A

2006

Infected Apple Mac’s PC’s; Propagated via instant messaging (iChat); Caused little harm; Demonstrated that Mac PC’s can be vulnerable as well.

1

Storm Worm

2006

Progated via email and fake links; Trojan Horse; Original had email subj line: “230 dead as storm batters Europe”; Can turn PC into “zombies” or “bots”; Vulnerable to remote control by attacker.

 

clipped from computer.howstuffworks.com

HowStuffWorks


10 Worst Computer Viruses of All Time


by Jonathan Strickland

 


Computer viruses can be a nightmare. Some can wipe out the information on a hard drive, tie up traffic on a computer network for hours, turn an innocent machine into a zombie and replicate and send themselves to other computers. If you’ve never had a machine fall victim to a computer virus, you may wonder what the fuss is about. But the concern is understandable — according to Consumer Reports, computer viruses helped contribute to $8.5 billion in consumer losses in 2008 . Computer viruses are just one kind of online threat, but they’re arguably the best known of the bunch.


Computer virus

 

Get Clipmarks – The easiest way to email text, images and videos you find on the web.

Sent with Clipmarks

Bookmark and Share

[CLICK HERE TO LEAVE A COMMENT]

About these ads

5 Responses to The Malware Evolution…

  1. techpaul says:

    Cyber-criminals are ripping us off (with malware) at a rate that has become so bad that the Center for Strategic and International Study has named it a top threat to our national security (see http://www.csis.org/media/csis/pubs/081208_securingcyberspace_44.pdf), and so advised the President-elect. I have seen reputable estimates of this year’s losses as $105 billion. (What economy can stand to hemorrhage that?)

    I have also seen security industry experts state that as many as 1 in every 2 of our computers are infected with malware, though it is more common to find a more conservative estimate of 1 in 4.. One quarter to half of all the computers in the world.

    How can that be? Contrary to the “old school” hacker’s ego-based desire to let you know he’d cracked your security, the modern “hacker” is a criminal who wants to operate undetected for as long as possible – and so his malware mutates to avoid detection, and he just plants keystroke recorders to record your passwords, and a mailer that sends out spam. In other words, the machine is a stealthy “zombie” robot (aka “bot”) completely unknown to the owner.
    (see http://techpaul.wordpress.com/2008/11/11/our-modern-nightmare/)
    Infection primarily occurs when a user who has unpatched (updated) programs visits a poisoned website.

    One of the best ways to determine if you have been hit by a stealth infection is to visit an online malware scanner, such as Trend Micro’s Housecall.
    To prevent infection:
    * Keep all the software on your machine patched and up-to-date. Regularly visit Windows Update. An excellent tool for keeping the rest of your software patched is the Personal Software Inspector from Secunia.
    * Run (1)an antivirus program, and keep it up-to-date with daily “signature” checks. An ‘expired’ antivirus is no antivirus.
    * Run (2) two anti-spyware programs; one in “active mode” (sometimes called “shielding”) and the other in passive.
    * Turn on your firewall.
    * Use common sense when surfing the Internet, and avoid risky websites. (Basically, be paranoid.) An anti-phishing filter – such as McAfee’s Site Advisor, or the WOT toolbar – can warn you of known bad websites.

    Rick recently provided two lists of the best free anti-malware programs, so there’s really no reason why you shouldn’t have these protections in place.

    Thank you, Rick, for helping raise awareness of this terrible epidemic.

  2. whatsonmypc says:

    TechPaul,

    What a great response… The “Prevention Tips” that TechPaul has reflected, I totally support and agree with… These are baseline tips and actually would make for a great article just by itself… Again, Thank you “TechPaul” for your continued support & expertise.

    Rick

  3. techpaul says:

    You’re quite welcome, Rick. I believe you are providing absolutely marvelous tips and advice to your readers.

    Yes.. a big part of my income is cleaning up malware (when it’s even possible; often times the only real recourse is to wipe the hard drive and start fresh) and so you might think I have a vested interest in keeping the public naive and uninformed.. but these guys go beyond criminal and offend me on every level.

    This website is a fantastic resource, and I am proud to have you on my “blogroll” (as well as bookmarked!). You may be a “newcomer” to the “game”, but you’re “playing like a Pro”. I look forward to my daily visit here as I am continuously impressed, entertained, and – yes – even educated. Please keep writing!

  4. Jethro says:

    These virus and malware modules are so distributed that the clean up effort is basically impossible. This slime is everywhere so the only way that it can be cleaned up is thru technology upgrades. Trying to visit each PC and laptop to scrap them off or train folks on safe practices is impossible. Folks like McAfee and Trend do a good job of preventing the harm and do some containment, but there are avenues everywhere for them to proliferate from. One of the encouraging technologies that I see is in the “Cloud Computing” efforts. If this technology catches on, which is a throw back to the old main frame era of storage management/central computing, viruses will be the big network providers or storage providers issue. Once the possible distribution methods are tapered down by some concept like “Cloud Computing”, then maybe it will be easier to contain and prevent the attacks. Until them, grandma can kick off a virus from the bingo parlor.

    • whatsonmypc says:

      Jethro,

      The clean up effort is impossible… As long as there are people and computers, malware and the likes will prevail. There is certainly a bad (criminal) side to the internet that is growing rapidly. In reference to the “cloud computing”, the concept is now “real”… I am seeing daily new “cloud computing” interfaces (i.e. online storage, online desktops, online office suites)… As you say, “cloud computing” may make it easier to contain and prevent attacks”… It’s people like me that will have to get used to my apps (and files) being stored and managed elsewhere.

      Great response!

      Rick

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Follow

Get every new post delivered to your Inbox.

Join 284 other followers

%d bloggers like this: