A computer virus is a computer program that can copy itself and infect a computer without the permission or knowledge of the user.
Here are some of the most dangerous computer viruses in history:
1. Jerusalem – 1988
This is one of the first MS-DOS viruses in history that caused enormous destruction, affecting many countries, universities and companies worldwide. On Friday the 13th, 1988, the computer virus managed to infect a number of institutions in Europe, America and the Middle East. The virus was named after one of the first places that got “acquainted” with it – the Jerusalem University.
Along with a number of other computer viruses, including “Cascade”, “Stoned” and “Vienna”, the Jerusalem virus managed to infect thousands of computers while still remaining unnoticed. Back then anti-virus programs were not as advanced as they are today, and many users had little belief in the existence of computer viruses.
2. Morris (a.k.a. Internet Worm) – November 1988
This computer virus infected over 6,000 computer systems in the United States, including the famous NASA research institute, which for some time remained completely paralyzed. Due to erratic code, the worm managed to send millions of copies of itself to different network computers, entirely paralyzing all network resources. The damages caused by the Morris computer virus were estimated at $96 million.
To spread, the computer virus exploited errors in operating systems such as Unix for VAX and Sun Microsystems. The virus used a number of other interesting ideas as well – for example, it could guess user passwords.
3. Solar Sunrise – 1998
A decade later the situation hadn’t changed; it might even have gotten worse. Using a computer virus, hackers in 1998 penetrated and took control of over 500 computer systems that belonged to the army, government and private sector of the United States. The whole situation was dubbed Solar Sunrise after the popular vulnerabilities in computers that run on the operating system called Sun Solaris. Initially it was believed that the attacks were planned by operatives in Iraq. It was later revealed that the incidents were the work of two American teenagers from California. After the attacks, the Defense Department took drastic actions to prevent future incidents of this kind.
4. CIH – 1998
Unleashed from Taiwan in June of 1998, CIH is recognized as one of the most dangerous and destructive viruses ever. The virus infected Windows 95, 98, and ME executable files and was able to remain resident in a PC’s memory, where it continued to infect other executables.
What made CIH so dangerous is that, shortly after being activated, it would overwrite data on the host PC’s hard drive, rendering it inoperable. It was also capable of overwriting the BIOS of the host, preventing boot-up. Because it infected executable files, CIH wound up being distributed by numerous software distributors, including in a demo version of an Activision game named Sin.
CIH is also known as the Chernobyl virus because the trigger date of certain strains of the virus coincides with the date of the Chernobyl nuclear reactor accident. The virus is not a serious threat today, thanks to increased awareness and the widespread migration to Windows 2000, XP, and NT, none of which are vulnerable to CIH.
5. Melissa – 1999
Computers first became acquainted with the Melissa computer virus on March 26, 1999, when the virus shut down Internet mail systems, which became clogged with e-mails infected by the worm. It is worth mentioning that at first Melissa was not meant to cause any harm, but after it overloaded servers the virus led to unpredictable problems. It first spread in the Usenet discussion group alt.sex. Melissa was hidden within a file called “List.DoC”, which featured passwords that served as keys to unlocking 80 pornographic websites. The original form of the virus was sent through e-mail to different users.
The Melissa computer virus was developed by David L. Smith in Aberdeen Township, New Jersey. Its name comes from a lap dancer that the programmer became acquainted with while in Florida. After being caught, the creator of the virus was sentenced to 20 months in federal prison and ordered to pay a fine of $5,000. The arrest was the result of a collaboration between the FBI, New Jersey State Police and Monmouth Internet.
Melissa had the ability to multiply on Microsoft Word 97 and Word 2000, as well as Microsoft Excel 97, 2000 and 2003. In addition, the virus had the ability to mass-mail itself from Microsoft Outlook 97 or Outlook 98.
6. I Love You – May 2000
Using a method similar to Melissa’s, the computer virus dubbed “I Love You” managed to infect millions of computers around the world in just one night. Just like Melissa, this computer virus sent passwords and usernames, which were stored on the attacked computers, back to the developer of the virus. After authorities traced the virus, they found that a young Filipino student was behind the attack. The young man was released because the Philippines did not have any law that would prevent hacking and spreading malware. This situation served as one of the premises for creating the European Union’s global Cybercrime Treaty.
Thousands of users fell for the lure of a love letter and clicked on the infected attachment. Courtesy of F-Secure.
7. The Code Red worm – July 2001
This 21st century computer virus managed to penetrate tens of thousands of systems that ran Microsoft Windows NT as well as Windows 2000 server software. The damages caused by the Code Red computer virus were estimated at a total of $2 billion. Code Red was developed to use the power of all computers it infected against the official website of the White House at a predetermined date. In collaboration with different virus hunters and tech firms, the White House managed to decipher the code of the Code Red virus and stop traffic as the malware started its attacks.
A Web site infected by Code Red. Courtesy of F-Secure.
7. Nimda – 2001
Shortly after the September 11 tragedy this computer virus infected hundreds of thousands of computers worldwide. Nimda was considered to be one of the most complicated viruses, having up to 5 different methods of infecting computer systems and duplicating itself.
8. SQL Slammer – 2003
SQL Slammer, also known as Sapphire, was launched on January 25, 2003. It was a doozy of a worm that had a noticeable negative impact upon global Internet traffic. Interestingly enough, it didn’t seek out end users’ PCs. Instead, the target was servers. The virus was a single-packet, 376-byte worm that generated random IP addresses and sent itself to those IP addresses. If the IP address was a computer running an unpatched copy of Microsoft’s SQL Server Desktop Engine, that computer would immediately begin firing the virus off to random IP addresses as well.
With this remarkably effective way of spreading, Slammer infected 75,000 computers in 10 minutes. The outrageously high amounts of traffic overloaded routers across the globe, which created higher demands on other routers, which shut them down, and so on.
9. Blaster – 2003
The summer of 2003 was a rough time for businesses running PCs. In rapid succession, IT professionals witnessed the unleashing of both the Blaster and Sobig worms. Blaster, also known as Lovsan or MSBlast, was the first to hit. The virus was detected on August 11 and spread rapidly, peaking in just two days. Transmitted via network and Internet traffic, this worm exploited a vulnerability in Windows 2000 and Windows XP, and when activated, presented the PC user with a menacing dialog box indicating that a system shutdown was imminent.
Hidden in the code of MSBLAST.EXE — the virus’ executable — were these messages: “I just want to say LOVE YOU SAN!!” and “billy gates why do you make this possible? Stop making money and fix your software!!”
Like many viruses, Blaster contained hidden messages. Courtesy of F-Secure.
10. Sobig.F – 2003
The Sobig worm hit right on the heels of Blaster, making August 2003 a miserable month for corporate and home PC users. The most destructive variant was Sobig.F, which spread so rapidly on August 19 that it set a record (which would later be broken by MyDoom), generating over 1 million copies of itself in its first 24 hours.
The virus infected host computers via innocuously named e-mail attachments such as application.pif and thank_you.pif. When activated, this worm transmitted itself to e-mail addresses discovered on a host of local file types. The end result was massive amounts of Internet traffic.
On September 10, 2003, the virus deactivated itself and is no longer a threat. Microsoft has announced a $250,000 bounty for anyone who identifies Sobig.F’s author, but to date, the perpetrator has not been caught.
E-mails with innocuously named attachments launched Sobig. Courtesy of F-Secure.
11. Bagle – 2004
Bagle, a classic but sophisticated worm, made its debut on January 18, 2004. The malicious code infected users’ systems via the traditional mechanism — an e-mail attachment — and then scoured Windows files for e-mail addresses it could use to replicate itself.
The real danger of Bagle (a.k.a. Beagle) and its 60 to 100 variants is that, when the worm infects a PC, it opens a back door to a TCP port that can be used by remote users and applications to access data — financial, personal, anything — on the infected system. According to an April 2005 TechWeb story, the worm is “usually credited with starting the malware-for-profit movement among hackers, who prior to the ground-breaking worm, typically were motivated by notoriety.”
The Bagle.B variant was designed to stop spreading after January 28, 2004, but numerous other variants of the virus continue to plague users to this day.
12. MyDoom – 2004
For a period of a few hours on January 26, 2004, the MyDoom shockwave could be felt around the world as this worm spread at an unprecedented rate across the Internet via e-mail. The worm, also known as Norvarg, spread itself in a particularly devious manner: It transmitted itself as an attachment in what appeared to be an e-mail error message containing the text “Mail Transaction Failed.” Clicking on the attachment spammed the worm to e-mail addresses found in address books. MyDoom also attempted to spread via the shared folders of users’ Kazaa peer-to-peer networking accounts.
The replication was so successful that computer security experts have speculated that one in every 10 e-mail messages sent during the first hours of infection contained the virus. MyDoom was programmed to stop spreading after February 12, 2004.
13. Sasser – 2004
Sasser began spreading on April 30, 2004, and was destructive enough to shut down the satellite communications for some French news agencies. It also resulted in the cancellation of several Delta airline flights and the shutdown of numerous companies’ systems worldwide.
Unlike most previous worms, Sasser was not transmitted via e-mail and required no user interaction to spread. Instead the worm exploited a security flaw in non-updated Windows 2000 and Windows XP systems. When successfully replicated, the worm would actively scan for other unprotected systems and transmit itself to them. Infected systems experienced repeated crashes and instability.
Sasser caused frequent system crashes. Courtesy of F-Secure.
14. Downadup – 2009
The latest and most dangerous virus is the “downadup” worm, which is also called “Conficker”. The computer security company F-Secure stated that the computer virus has infected 3.5 million computers worldwide. This malicious program was able to spread using a patched Windows flaw. Downadup was successful in spreading across the Web because it used a flaw that Microsoft patched in October to remotely compromise computers that ran unpatched versions of Microsoft’s operating system. But the greatest power of the worm is believed to be the ability of infected computers to download destructive code from a random drop point. F-Secure stated that three of the most affected countries were China, Brazil and Russia.