Viruses are quite simply a pain! We work with our share of computer viruses like every other computer repair technician. Often, we come across the question, “What are the most destructive computer viruses ever?” We decided to do the research and curate what the internet considers the worst computer viruses of all time.
After researching the worst viruses, we used each mention of the virus as a vote. So here is the list of the internet’s worst computer viruses:
Top 10 Most Destructive Computer Viruses in 2022
10. Cryptolocker
Cryptolocker is believed to be the first of its kind. It’s a specific type of malware called ransomware. Ransomware targets files and/or programs, encrypts them, then holds them hostage until a ransom is paid.
Cryptolocker hit the internet in September 2013 and was prevalent through mid-2014. It used asymmetric encryption to lock down files. This means that it had a public encryption key that was used for the initial encryption. Separately, it also had a private key that was held by the hacker and only released if a ransom was paid.
It infected computers via a Trojan horse that would sneak into Windows computers through fake email attachments or websites requiring downloads such as a media player. It would disguise itself as a non-threatening file such as a .doc or .pdf but would really contain a hidden executable file that would install the malware. From there it would look through the attached storage, including hard drives, USB drives, network drives, etc. Upon finding files, it would begin encrypting them. After encryption, it would display a message with a countdown saying that it would destroy the files if the ransom wasn’t paid by the time the countdown ran out.
Most security software can stop this virus, but it cannot unlock the data. Depending on the importance of the data, some victims have actually re-infected their computers so they could pay the ransom and get the encryption key.
9. Code Red
The Code Red and Code Red II viruses were named after a popular version of PepsiCo’s Mountain Dew called Code Red. This was the drink that the two technicians were drinking when they discovered the virus back in 2001.
The Code Red II virus was even worse. It would completely take over the computer, causing a system-level compromise. All the computer’s resources, including data and processing power, were in the hands of the hacker.
The infection of the virus was halted with a Windows update that patched the vulnerability.
8. WannaCry
WannaCry is another ransomware virus. This one had a heavy impact, affecting large organizations including FedEx and the National Health Service in the UK.
The ransomware would lock down files and then require payment via bitcoin. If the payment wasn’t received in 3 days, the ransom doubled. Also, it would destroy the files in a week if payment wasn’t received.
The infection spread through a critical flaw in Windows that was leaked online. A Windows update patched the flaw and neutralized the spread of WannaCry.
7. Stuxnet
Many tout Stuxnet as the first act of state-sponsored cyber warfare. It is believed to have been developed by a joint American/Israeli sponsored development team, and it attacked Iran, specifically its nuclear program. We believe it started development in 2005 and was deployed around 2009 but was only uncovered in 2010.
It is extremely specific in its infection and its purpose. Its primary targets were programmable logic controllers (PLCs), which automate centrifuges for separating nuclear material. These machines were on a closed loop (meaning they were not connected to the internet), so infecting them required a USB flash drive. If an infected machine didn’t contain one of these specific PLCs, the virus would sit dormant.
If it did find a PLC connected to a centrifuge, the virus would take control of the centrifuge, spinning it too fast until it failed. Meanwhile, it would display information stating that the centrifuge was working within parameters.
When all was said and done, over 200,000 computers were infected and thousands of machines were destroyed.
6. Storm Worm
The Storm Worm has a few different names, including Peacomm and Nuwar. It spread through an email that looked like it was coming from someone on your contact list, and it got its name because the subject line usually had something to do with a storm, such as “230 dead as storm batters Europe.”
Because it is perpetuated through innocent-looking files and emails, it is classified as a Trojan. Upon infection, the computer allows remote connection by a hacker or bot and is primarily used to send spam mail and perpetuate the worm. Cybersecurity firm Postini detected more than 200 million emails carrying the virus in 2007.
Other subject lines have included “a new deadly catastrophe in China” or “China’s most deadly earthquake” in conjunction with Beijing hosting the Olympics. These emails claimed to have videos or news stories, but when the link was clicked, the worm was downloaded.
5. MyDoom
This virus is another Trojan spread through spoofed emails. MyDoom had a number of variants and had two objectives. Once a computer was infected, the virus would begin a denial of service (DoS) attack on search engines. Using the compromised email, it would perform searches under that user, causing the search engines to be bogged down by requests or even crash in some cases.
The other objective was to provide a backdoor for the hacker or bot to control the computer at some point in the future. It could be used for additional DoS attacks, to steal information, or to just take control of the computer.
Most antivirus software now has the ability to identify and remove the virus but back in 2004 it spread extremely quickly. At one point, it was estimated that 1 in 12 email messages carried the virus.
4. Conficker
Conficker is a play on the word Configure. It is one of the most robust viruses on this list. With various advanced malware techniques, it does an excellent job of evading detection and perpetuating itself. It will also attack the antivirus software that was built to destroy it and deactivate Windows Safe Mode. It can disable automatic backup settings and delete restore points.
The primary objective of this virus is to create massive botnets. Once a computer is infected, the virus gains access to the rest of the network. It will either copy itself to shared folders or use the AutoRun utility that runs when a USB drive is plugged in. After that, it can also exploit peer-to-peer networks, which don’t require a centralized server for the computers to communicate.
It came into play in 2008 and as of 2015 it is estimated that 1 million computers are infected.
3. Sasser and Netsky
Sasser and Netsky are two different viruses; however, they were created by the same person and released at the same time with similar code. They were released by a 17-year-old named Sven Jaschan. He was caught and tried as a juvenile in Germany.
Sasser was a virus that spread by scanning random IP addresses and then trying to infect the computers it found through a vulnerability in Microsoft Windows. Specifically, it would look for vulnerable systems, then instruct those systems to download the virus. Each newly infected computer would then begin doing the same thing. On top of propagating itself, it would also alter the operating system, causing shutdown issues.
Netsky is a Trojan virus that would propagate by spoofing email addresses and having the user open a small attachment. Once downloaded, it would cause DoS attacks to crash web servers. At one time, this virus or its variants were estimated to be 25 percent of all viruses on the internet.
2. Melissa
Melissa was possibly the first Trojan virus perpetuated through email.
Back in the 1990s, Windows 95 & Windows 98 were the operating systems of choice. The operating systems were generally bundled with Microsoft Outlook and Word when installed in a corporate environment. This gave hackers a huge base to attack.
Back in those days, email servers weren’t nearly as robust or secure. Melissa perpetuated herself through an email attachment. The attachment was a Word doc that would fire a macro once opened. The macro would grab the top 50 emails on the user’s contact list and send an email through the user’s Outlook to those users. The email subject would say “Here is the document you ask for.” When one of those users opened the attachment, it would run the macro on their machine.
At the time, these companies and email servers weren’t ready to handle a virus of this magnitude. It resulted in email servers crashing and businesses shutting down their email servers to contain the problem.
1. ILOVEYOU
We all have the need for acceptance and for relationships. In today’s world, we are finding more and more of it online and through social media. Before social media, the ILOVEYOU virus spread itself through email, with a subject line meant to intrigue those looking for a secret love or some type of relationship.
The victim would receive an email with the subject line saying it was a love letter from a secret admirer. The attachment appeared to be a .txt file but was actually a .vbs file (Visual Basic Scripting).
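The disguise described here, and the Cryptolocker attachments posing as .doc or .pdf files, both rely on a harmless-looking extension sitting in front of the real one. A mail-filter style check for that pattern follows as an added example, not code from this article; the extension lists, verdict names and sample filenames are assumptions constructed for illustration.

```python
# Assumed policy lists for this example; tune them to your own mail gateway.
DECOY_EXTS = {"txt", "doc", "docx", "pdf", "xls", "jpg"}
ACTIVE_EXTS = {"vbs", "exe", "scr", "js", "bat", "cmd", "com", "pif"}


def split_extensions(filename):
    """Return lower-cased extensions, last one first: 'a.TXT.vbs' -> ['vbs', 'txt']."""
    # Keep only the file name, whichever path separator the sender used.
    name = filename.replace("\\", "/").rsplit("/", 1)[-1]
    # Windows strips trailing dots and spaces when a file is saved,
    # so 'x.vbs. ' ends up on disk as 'x.vbs'.
    name = name.rstrip(". ").lower()
    # Strip padding such as 'invoice.pdf      .exe' used to push the
    # real extension out of view.
    parts = [p.strip() for p in name.split(".")]
    return parts[:0:-1]  # drop the base name, reverse the rest


def classify(filename):
    """Return 'block', 'quarantine' or 'allow' for one attachment name."""
    exts = split_extensions(filename)
    if not exts or exts[0] not in ACTIVE_EXTS:
        return "allow"        # final extension is not script/executable
    if len(exts) > 1 and exts[1] in DECOY_EXTS:
        return "block"        # document-looking name hiding active content
    return "quarantine"       # plainly executable: hold for review


def triage(filenames):
    return {name: classify(name) for name in filenames}


# Constructed sample attachment names, not taken from any real campaign.
SAMPLE = [
    "love-letter.TXT.vbs",
    "invoice.pdf      .exe",
    "C:\\mail\\notes.txt.SCR. ",
    "setup.exe",
    "report.final.pdf",
    "readme",
]

if __name__ == "__main__":
    for name, verdict in triage(SAMPLE).items():
        print(f"{verdict:<10} {name!r}")
```

Windows hides known file extensions by default, which is why a name like the first sample shows up as a plain text file; the check above works on the full name the mail server sees.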
The script had 5 attacks. It would copy itself several times, hiding itself in various folders on the hard drive. Next, it would add new files to the registry. Then it replaced several kinds of files with itself. It would then propagate itself through chat clients and email. After entrenching itself in the victim’s computer and propagating to others’ computers, it would download a file called WIN-BUGSFIX.EXE. Although the file name sounds good, it is not. Instead of fixing bugs, it steals passwords and emails them to the hacker.
All in all, the virus caused an estimated $10 billion in damages.
So there you have it! Some pretty annoying, destructive, and costly pieces of code. From accidents, to notoriety, to maliciousness, to greed, these are relentless and vicious pieces of code! We need to protect ourselves with defensive virus apps as well as our actions online. Check out this article about keeping yourself safe online.