A computer virus is a type of malicious software, or malware, that spreads between computers and causes damage to data and software. It can replicate and spread after a person first runs it on their system. Computer viruses aim to disrupt systems, cause major operational issues, and result in data loss and leakage. A computer virus gets its name from its ability to spread from one host to another by replication.
Cybercriminals aren’t creating new viruses all the time; instead, they focus their efforts on more sophisticated and lucrative threats. When people talk about “getting a virus” on their computer, they usually mean some form of malware, which could be a virus, computer worm, Trojan, ransomware or some other harmful thing. Viruses and malware continue to evolve, and cybercriminals often use the type that gives them the best return at that particular time.
As a computer virus attaches to a host such as a document, program, or file, it may lie dormant until a trigger causes it to execute its code. Once an end-user runs an infected program, the virus will deploy its code.
Two scientists contributed to the discovery of the first virus, Tobacco mosaic virus. Ivanovsky reported in 1892 that extracts from infected leaves were still infectious after filtration through a Chamberland filter-candle.
Virus vs worm
Common Signs of Computer Viruses
Speed of System
A computer system running slower than usual is one of the most common signs that the device has a virus. This includes the system itself running slowly, as well as applications and internet speed suffering. If a computer does not have powerful applications or programs installed and is running slowly, then it may be a sign it is infected with a virus.
Unwanted pop-up windows appearing on a computer or in a web browser are a telltale sign of a computer virus. Unwanted pop-ups are a sign of malware, viruses, or spyware affecting a device.
If computer programs unexpectedly close by themselves, then it is highly likely that the software has been infected with some form of virus or malware. Another indicator of a virus is when applications fail to load when selected from the Start menu or their desktop icon.
Accounts Being Logged Out
Some viruses are designed to affect specific applications, which will either cause them to crash or force the user to automatically log out of the service.
Crashing of the Device
System crashes and the computer itself unexpectedly closing down are common indicators of a virus. Computer viruses cause computers to act in a variety of strange ways, which may include opening files by themselves, displaying unusual error messages, or clicking keys at random.
Mass Emails Being Sent from Your Email Account
Computer viruses are commonly spread via email. Hackers can use other people’s email accounts to spread malware and carry out wider cyberattacks. Therefore, if an email account has sent emails in the outbox that a user did not send, then this could be a sign of a computer virus.
Changes to Your Homepage
Any unexpected changes to a computer—such as your system’s homepage being amended or any browser settings being updated—are signs that a computer virus may be present on the device.
Top 10 Most Harmful Cyber Viruses
1. Mydoom
The Mydoom virus originated in Russia and is written in the C++ programming language. Mydoom is one of the fastest-spreading viruses of all time; it affected one in 12 emails at its peak. The worm spreads by appearing as an email transmission error and contains an attachment of itself. The first version of the worm appeared on January 26, 2004.
Mydoom caused estimated damage of $38 billion in 2004, but its inflation-adjusted cost is actually $52.2 billion. Also known as Novarg, this malware is technically a “worm,” spread by mass emailing. At one point, the Mydoom virus was responsible for 25% of all emails sent. The worm was created to disrupt SCO due to conflict over ownership of some Linux code.
Users would open an attachment like “Mail Transaction Failed”. Its aim was to take down websites like Google and Lycos. It managed to take out Google for almost a day. It spread via email and through a peer-to-peer network. First, the virus creates a backdoor in the operating system of the victim’s computer to allow remote access; second, it launches a denial-of-service attack on the controversial SCO Group.
2. CryptoLocker
CryptoLocker was one of the first ransomware attacks. It is a form of Trojan horse ransomware targeted at computers running Windows. CryptoLocker was released in September 2013; it spread through email attachments and encrypted the user’s files so that they couldn’t access them. In June 2014, Operation Tovar took down Evgeniy Bogachev, the leader of the gang of hackers behind CryptoLocker.
This virus encrypted files on hard drives. The only way to remove the encryption was to pay a ransom by a certain deadline. If the deadline was not met, the ransom would increase significantly or the decryption keys would be deleted. The ransom usually amounted to $400 in prepaid cash or bitcoin.
This malware attacked upwards of 250,000 machines by encrypting their files. The virus’ creators used a worm called the Gameover Zeus botnet to make and send copies of the CryptoLocker virus. To decrypt a file, the victim needs the private key. Once the files are infected, the files are effectively lost forever.
There are many ways to avoid the CryptoLocker virus, such as updating antivirus software and malware protection, ignoring suspicious attachments or files, and not clicking on random or unrecognized links. It is also a great idea to always back your files up.
3. Code Red
Code Red first surfaced in 2001 and was discovered by two eEye Digital Security employees, Marc Maiffret and Ryan Permeh. It was named Code Red because the pair were drinking Code Red Mountain Dew at the time of discovery. The most memorable symptom is the message it leaves behind on affected web pages, “Hacked By Chinese!”, which has become a meme itself.
Once a machine was infected, the virus would replicate, making a hundred copies of itself, but due to a bug in the programming it would duplicate even more and end up consuming the computer’s resources. The virus would then open the machine up to remote access.
The worm targeted computers with the Microsoft IIS web server installed, exploiting a buffer overflow problem in the system. It leaves very little trace on the hard disk, as it is able to run entirely in memory, with a size of 3,569 bytes. On July 19, the Code Red worm infected more than 250,000 computer systems in just nine hours, and it was estimated that it caused $2 billion in lost productivity. A total of 1-2 million servers were affected, which is amazing when you consider there were 6 million IIS servers at the time.
In order to protect your computer, Microsoft has made available a “patch” that is intended to protect computers against Code Red virus. It can be downloaded from the home page of the Microsoft Web site www.microsoft.com
4. Melissa
Named after an exotic dancer from Florida, Melissa was created by David L. Smith in 1999. It started as an infected Word document that, when opened, would be sent to the top 50 email contacts of the victim. This caused an increase in email traffic, disrupting the email services of governments and corporations. It also sometimes corrupted documents by inserting a Simpsons reference into them.
Once opened, it would mail itself to the user’s email contacts. The increased email traffic caused disruption to governments and corporations alike. One of the few top companies to be affected by this virus was Microsoft, which was shut down due to the email overload. It is estimated that around 80 million dollars was spent on the cleanup and on repairing the damage done by this virus.
The culprit behind this virus was soon arrested after a joint action by the FBI and AOL, as he had used an AOL account to create the virus. He cooperated with the FBI in capturing other virus creators, and for his cooperation he served only 20 months of his 10-year sentence and paid a fine of $5000. The virus reportedly caused $80 million in damages.
5. Zeus
Zeus is a Trojan horse made to infect Windows computers so that it will perform various criminal tasks. The majority of computers were infected either through drive-by downloads or phishing scams. Controllers of the Zeus botnet used it to steal the login credentials of social network, email and banking accounts.
First identified in 2009, it managed to compromise thousands of FTP accounts and computers from large multinational corporations and banks such as Amazon, Oracle, Bank of America, Cisco, etc. The virus is a form of malicious software that targets Microsoft Windows. Spam messages and drive-by downloads are two main methods of infection.
The main purpose of the Zeus virus is to access the victim’s sensitive bank account details and steal all of the victim’s funds. The Zeus botnet was a group of programs that worked together to take over machines for a remote “bot master.” It originated in Eastern Europe and was used to transfer money to secret bank accounts.
It compromised accounts from many leading banks and corporations. It stole details of social media accounts, bank accounts, and email addresses. The simplest way to get rid of the Zeus virus is to use antivirus software as well as a malware removal tool.
6. ILOVEYOU
ILOVEYOU is considered one of the most virulent computer viruses ever created. The virus, also known as Loveletter, was created by a college student in the Philippines named Onel de Guzman.
Lacking funds, he wrote the virus to steal passwords so he could log into online services he wanted to use for free. He reportedly had no idea how far his creation would spread. It used social engineering to get people to click on the attachment, in this case a love confession. The attachment was actually a script that posed as a TXT file, because Windows at the time hid the actual extension of the file.
Once clicked, it would send itself to everyone in the user’s mailing list and proceed to overwrite files with itself, making the computer unbootable. This led to the enactment of the E-Commerce Law to address the problem. 10% of the world’s computers were believed to have been infected. It was so bad that governments and large corporations took their mailing systems offline to prevent infection.
In order to stay safe from virus attacks like ILOVEYOU, there is a dire need to install a robust virus removal program. The virus spread by email with the subject line “ILOVEYOU” and an attachment, “LOVE-LETTER-FOR-YOU.txt.vbs”. If the attachment was opened, a Visual Basic script was executed, and the computer was infected.
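The hidden-extension trick described above lends itself to a mail-filter check. The following is an added example, not part of the original article: a Python sketch that flags attachment names whose final extension is executable while a document-style extension sits in front of it. The extension lists, function names and the sample message are constructed for illustration.

```python
import email
from email import policy
from email.message import EmailMessage

# Extensions Windows runs directly or hands to a script host (illustrative, not exhaustive).
EXECUTABLE_EXTS = {"vbs", "vbe", "js", "jse", "wsf", "wsh", "exe", "scr",
                   "com", "bat", "cmd", "pif", "hta", "lnk", "ps1"}
# Harmless-looking extensions that stay visible when the real one is hidden.
DECOY_EXTS = {"txt", "doc", "docx", "pdf", "jpg", "jpeg", "png", "xls", "xlsx"}


def classify_filename(name):
    """Return 'double-extension', 'executable' or 'ok' for one attachment name."""
    # Drop any path prefix, then the trailing dots and spaces that Windows ignores.
    base = name.replace("\\", "/").rsplit("/", 1)[-1].lower().rstrip(". ")
    # Strip padding around each dot-separated piece ("a.jpg     .scr").
    parts = [p.strip() for p in base.split(".")]
    if len(parts) < 2 or parts[-1] not in EXECUTABLE_EXTS:
        return "ok"
    if any(p in DECOY_EXTS for p in parts[1:-1]):
        return "double-extension"
    return "executable"


def scan_message(raw):
    """Return [(filename, verdict)] for every named MIME part that is not 'ok'."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    findings = []
    for part in msg.walk():  # walk() also reaches attachments nested in sub-parts
        name = part.get_filename()  # handles RFC 2231 encoded names
        if name and classify_filename(name) != "ok":
            findings.append((name, classify_filename(name)))
    return findings


def build_sample():
    """Constructed message; only the subject and attachment name come from the page."""
    msg = EmailMessage()
    msg["From"], msg["To"] = "sender@example.com", "recipient@example.com"
    msg["Subject"] = "ILOVEYOU"
    msg.set_content("Constructed sample body.")
    # Placeholder bytes only: the attachment carries no script content.
    msg.add_attachment(b"placeholder\n", maintype="application",
                       subtype="octet-stream", filename="LOVE-LETTER-FOR-YOU.txt.vbs")
    msg.add_attachment("plain notes\n", filename="notes.txt")
    return msg.as_bytes()


if __name__ == "__main__":
    for filename, verdict in scan_message(build_sample()):
        print(f"{verdict}: {filename}")
```

A gateway would typically quarantine both verdicts; the separate `double-extension` label is useful for alerting because it indicates deliberate disguise rather than a merely risky file type.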
7. Stuxnet
Believed to have been created by the Israeli Defence Force together with the American Government, Stuxnet was used to disrupt Iran’s nuclear program. It was originally aimed at Iran’s nuclear facilities. Stuxnet spread via USB sticks and Microsoft Windows computers.
The computer worm was designed to attack industrial Programmable Logic Controllers (PLCs), which allow for automation of processes in machinery. It was intended to disrupt the nuclear efforts of the Iranians. It was estimated that Stuxnet managed to ruin one fifth of Iran’s nuclear centrifuges and that nearly 60% of infections were concentrated in Iran.
It specifically targeted PLCs made by Siemens and was spread through infected USB drives, and it ruined 1/5 of Iran’s nuclear centrifuges. It altered the speed of the machinery, causing it to tear apart. If the infected computer didn’t contain Siemens software, it would lie dormant and infect others in a limited fashion so as not to give itself away. Siemens eventually found a way to remove the malware from their software.
It was reported that the worm had already infected more than 50,000 Windows computers, and Siemens reported 14 infected control systems, which were mainly in Germany.
8. Sasser and Netsky
Sasser, a Windows worm first discovered in 2004, was created by a 17-year-old German computer science student named Sven Jaschan. Sasser affected millions of Windows XP and 2000 computers. It exploited a flaw in the Local Security Authority Subsystem Service.
Sasser slowed machines down and caused crashes. It also made it hard to power down. Damages were estimated in the billions of dollars as well as forcing airlines and governments to shut down. Overall, the damage was estimated to have cost $18 billion.
Jaschan was tried as a minor and received a 21-month suspended sentence. The effects of the virus were widespread because, while the exploit was already patched, many computers hadn’t been updated. This led to more than a million infections, taking out critical infrastructure such as airlines, news agencies, public transportation, hospitals, etc.
On the other hand, the Netsky virus spreads via e-mail and Windows networks with the purpose of insulting other computer viruses such as Mydoom and Bagle. There are many forms of Netsky, each made by different people. Netsky was actually the more viral virus, and caused a huge amount of problems in 2004. Jaschan was arrested at the age of 18 in 2004 after a $250,000 bounty was posted for the computer virus’ creator.
9. Conficker
Conficker is a worm that infected over 9 million computers around the world, affecting governments, businesses and individuals. Also known as Downup or Downadup, it made its first appearance in 2008. It was one of the largest known worm infections ever to surface, causing an estimated $9 billion in damage.
Conficker is a worm of unknown authorship for Windows. The name comes from the English word “configure” and a German pejorative. It infects computers using flaws in the OS to create a botnet. Then, it proceeds to install software that will turn the computer into a botnet slave.
It would reset account lockout settings and block access to antivirus sites and windows updates. It would then lock out user accounts. Scareware was then used to scam money from users.
Once a machine is infected, the worm will reset account lockout policies, block access to Windows Update and antivirus sites, turn off certain services and lock out user accounts, among other things. Microsoft later provided a fix and patch, with many antivirus vendors providing updates to their definitions.
10. PlugX
PlugX malware was first discovered in 2012. It is a Remote Access Trojan (RAT) which is also known as “Korplug”. The attack starts with a phishing email containing a malicious attachment, usually a specially crafted malicious document that exploits a vulnerability in either Adobe Acrobat Reader or Microsoft Word.
It primarily targets government entities and specific businesses and organizations, and it spreads via phishing emails, spam campaigns, and spear-phishing campaigns. It was reported that 7.93 million user records from a Japanese travel agency were compromised. The malicious document included the PlugX RAT, which installed the Elirks backdoor trojan, which is designed to steal user information.
PlugX contains backdoor modules to perform the following tasks:
- XPlugDisk: used to copy, move, rename, execute and delete files.
- XPlugKeyLogger: used to log keystrokes.
- XPlugRegedit: used to enumerate, create, delete, and modify registry entries and values.
- XPlugProcess: used to enumerate processes, get process information, and terminate processes.
- XPlugNethood: used to enumerate network resources and set TCP connections.
- XPlugService: used to delete, enumerate, modify, and start services.
- XPlugShell: used to perform remote shell on the affected system.
Some Other Viruses
- Mimail: This worm tried to harvest data from infected machines to launch a string of DDoS attacks, but was relatively easy to remove.
- Yaha: Yet another worm with several variants, thought to be the result of a cyber-war between Pakistan and India.
- Swen: Written in C++, the Swen computer worm disguised itself to look like a 2003 OS update. Its financial cost has been pegged at $10.4 billion, but not reliably.
- Storm Worm: This worm showed up in 2007 and attacked millions of computers with an email about approaching bad weather.
- Tanatos/ Bugbear: A 2002 keylogger virus that targeted financial institutions and spread to 150 countries.
- Sircam: A computer worm from 2001 that used counterfeit emails with the subject line, “I send you this file in order to have your advice.”
- Explorezip: This worm used fake emails to spread to every machine on thousands of local networks.
- Melissa: The most dangerous computer virus in 1999, Melissa sent copies of itself that looked like NSFW pics. The U.S. FBI estimated cleanup and repair costs at $80 million.
- Flashback: A Mac-only virus, Flashback infected over 600,000 Macs in 2012 and even infected Apple’s home base in Cupertino, Calif. In 2020, there’s now more malware on Macs than on PCs.
- Conficker: This 2009 virus still infects many legacy systems and could do significant damage if it ever activates.
- Stuxnet: This worm is reported to have destroyed Iranian nuclear centrifuges by sending damaging instructions.
Computer viruses cost an estimated $55 billion each year in cleanup and repair costs. The biggest computer virus ever is the Mydoom virus, which did an estimated $38 billion in damages in 2004. Other notables are the Sobig worm at $30 billion and the Klez worm at $19.8 billion. Thankfully, today’s secure PCs and operating systems make it exponentially harder for viruses and worms to get a foothold in our connected lives.