Image courtesy of F-Secure Corporation
Whether you clicked on a misleading banner ad, opened a file sent by a Nigerian prince or simply downloaded the wrong porn, everyone’s dealt with a computer virus at some point. While bad programming or virus checking software contains most outbreaks, some malware has managed to reach pandemic levels. With the help of Golden Richard III, a professor of computer science at the University of New Orleans and an expert on computer viruses, Popsci.com takes a look at ten viruses, worms and Trojans that reached levels of digital plague.
First developed in 1971, Creeper might well be the first computer virus. It infected PDP-11 computers connected to ARPANET, the Defense Department-run precursor to the Internet. Once infected, the computer would display the message, “I’m the creeper, catch me if you can!” Self-replicating but not too dangerous, Creeper opened the door that the rest of this list walked through.
9. Elk Cloner
Written in 1982 by a high school student, Elk Cloner attacked Apple II computers via floppy disk. On every 50th boot, the virus would cause the computer to display a poem written by the hacker.
8. The Morris Worm
Robert Morris wrote the Morris Worm in 1988 while still a graduate student at Cornell. Considered the first worm, it eventually lead to Morris becoming the first person convicted under the Computer Fraud and Abuse Act. However, the story ends happily, as Golden Richard III noted that Morris now teaches computer science at MIT.
The original email virus, ILOVEYOU caused “massive estimated financial damage, with millions of computers infected,” according to Golden Richard III. The email masqueraded as a love letter from a contact in a user’s email address book, and prompted the user to open an attachment containing the virus. Beginning on March 4th, 2000, the virus infected over 50 million computers in only nine days, and caused the CIA and the Pentagon to shut down their computers.
6. Code Red
Named after the Mountain Dew drink favored by the first researchers to analyze the program, this worm first broke out in July, 2001, infecting as many as 360,000 computers in a single day. According to Richard III, the infection proved so hard to stop because the worm would continually re-infect the same computer it had been cleaned from. The worm attacked Microsoft IS servers, and caused massive denial of service problems as it ate up computing resources and IT personnel time.
Nimda was a rare combination of a worm, a virus and a Trojan horse. “NIMDA, that was a nasty one,” said Richard III. “That was a Windows virus that had a lot of different methods of infection. It used email, web server exploits, all kinds of different stuff. 2001 was a great year for viruses.” And how. Nimda’s various distribution tactics allowed it to become the world’s most widespread virus less than an hour after it was released into the wild.
Richard III described Slammer as an “extremely fast-spreading computer worm that infected the majority of infectable hosts within minutes.” Slammer first hit the Internet at 5:30 AM, GMT on January 25, 2003. Ten minutes later, 75,000 computers were infected with the worm. The genius of the worm’s design related to its size, as, at only a few hundred bytes long, the whole program fit within a single UDP packet.
The Blaster was not a particularly dangerous worm, due to a programming error, but it received a lot of media attention nonetheless. The worm exploited a hole in Windows XP programming, and, within its code, contained a specific attack on Bill Gates that read “billy gates why do you make this possible? Stop making money and fix your software!!” An 18-year-old named Jeffery Lee Parson was arrested and eventually sentenced to spend a year and a half in prison for writing an updated version of the worm.
Welchia remains one of the most unusual worms in history, as it was designed to help instead of hurt. A response to the Blaster worm, Welchia infected computers, cleared out the Blaster infestation, and then deleted itself. While Richard III contends this was just a case of hacker one-upsmanship, he did say that it raised a lot of ethical questions about the use of invasive virus techniques for a positive end.
Hello iPhone users; welcome to the next level of viruses. Commwarrior-A hit in the summer of 2005, and it struck in an unsuspecting place: cell phones. The first ever cell phone virus, Commwarrior-A spread through text messages, but only infected 60 cell phones. Despite the small number of infected devices, security experts see Commwarrior-A as the beginning of a new kind of virus, and worry that the spread of smart phones means Commwarrior-A was merely the first in what will become a long line of phone targeting malware.