20 Big computer Viruses in history

A talk about computer viruses, enough to talk about "poison" discoloration. The hard drive data is emptied, the network connection is disconnected, the good machine becomes the source of the virus, and the other computer begins to infect. After the virus, the nightmare began. A report shows that in 2008 alone, the global economic losses caused by computer viruses are as high as $8.5 billion trillion. Computer viruses have been in the arena for years, dating back to the beginning of computer science, when people have come up with the basic principles of destroying computer systems. In 1949, John von Neumann, a scientist, claimed that the process of reproducing itself was not a myth. But decades later, hackers began to really develop the virus. Until the computer began to popularize, the computer virus has aroused people's attention.

1.Creeper (1971)

The earliest computer virus creeper (named according to an image in the old cartoon "Scooby Doo Scooby Doo") appeared in 1971, 42 years after this time. Of course, at the time, Creeper has not yet been called a virus, because computer viruses do not yet exist. Creeper was written by Robert Thomas, a programmer for the BBN technology company, through the ARPANET, the predecessor of the Internet, from the company's Dec PDP-10, showing that "I am creeper, have the ability to catch me!" (I ' m The Creeper, catch Me if you can!). " Creeper moves through the network, skipping from one system to another and replicating itself. However, once another creeper is encountered, it is logged off.

2.Elk cloner virus (1982)

Rich Skrenta made the world's first computer virus on an Apple Skrenta. In 1982, Skrenta wrote a virus transmitted through floppy disks, which he called "Elk Cloner", when the computer did not have a hard drive. The virus infects thousands of machines, but it is harmless: it simply displays a poem on the user's screen, two of which are: "It will go into all your disks/it will go into your chip." ”

3. Melissa (melissa,1999 year)

The Melissa virus, made by David Smith, is a rapidly spreading macro virus that spreads as an attachment to an e-mail message, usually titled "This is the information you want and don't let anyone see it." You are asked for, don ' t show anybody else) ". Once the recipient opens the message, the virus replicates itself and sends the same message to the top 50 friends in the user's address book. Because it emits a large amount of mail that creates a huge email flow, it may stop the enterprise or other mail server programs, although Melissa viruses do not destroy files or other resources. March 26, 1999 broke out, infecting 15%-20% of commercial computers.

4. Ai-worm (I Love You, 2000)

A year after the outbreak of the Melissa virus, a new virus appeared in the Philippines. Unlike Melissa, this time there was a worm, a standalone program with a self-replicating function. The name of this virus is called Love worm (I Loving You). The virus is also first transmitted by mail, and its destructive power is much stronger than Melissa. The headline usually shows that this is a letter from your secret admirer. The attachment in the message is the culprit. The initial file name for this worm is love-letter-for-you.txt.vbs. The suffix-name VBS indicates that the hacker is a program written using VB Script. Many people suspect that the virus was made by O ' Neill of the Philippines. As the Philippines did not enact laws on computer sabotage, the authorities had to subpoena him in the name of larceny. Eventually, the authorities were forced to release Guzman due to insufficient evidence. According to the media estimates, the AI virus caused a loss of about 10 billion dollars.

5. Cover letter virus (klez,2001 years)

The cover letter virus is a milestone in the spread of viruses. A few months later there were many variants that raged over the internet for months. The most common type of cover letter virus spreads through the mail, then copies itself and sends the same message to the contact person in the victim's address book. Some variants of the cover letter virus carry other destructive programs that paralyze the computer. Some may even forcibly shut down antivirus software or disguise it as a virus-removal tool.

Soon after the virus appeared, the hacker improved it and made it more contagious. In addition to sending the same message to the Address Book contact, it can randomly sample a person from a poisoned person's address book to fill in the sender's location.

6. Red codes (Code Red, 2001)

Both the red code and the Red Code Ⅱ (Code Red II) exploit an operating system vulnerability that exists in Windows 2000 and Windows NT, a buffer overflow attack in which the machine running the two operating systems is receiving more data than the processing range The data overflows and overwrites adjacent storage units, making other programs not functioning properly, or even causing the system to crash. Unlike other viruses, Code Red does not write virus information to the hard disk of the attacked server, it only resides in the memory of the attacked server.

The original red Code worm uses distributed denial of service (DDOS) to attack the White House Web site. Computers with Windows 2000 systems installed once the red code is Ⅱ, the worm creates a backdoor in the system, allowing remote users to enter and control the computer. The person who emits the virus can get information from the victim's computer and even use the computer for criminal activities. It is possible for the victim to become a scapegoat for others.

Although Windows NT is more susceptible to red code, viruses do not cause other hazards except that the machine crashes.

7. Nimda (nimda,2001)

The virus also appeared in 2001. Nimda spread quickly through the internet, at that time was the fastest-spreading virus. The main target of the Nimda virus is an Internet server. Nimda can be spread by mail and so on, which is why it can erupt rapidly and on a large scale.

The Nimda virus creates a backdoor program in the user's operating system that allows the intruder to have the current login account permissions. The spread of the Nimda virus has caused many network systems to crash, and server resources have been consumed by worms. From this perspective, Nimda is essentially a DDoS.

8. Grey Pigeon (2001)

Gray Pigeon is a remote control software, sometimes also seen as a set of various control methods in one Trojan virus. The user computer unfortunately infects, every move is under the hacker's surveillance, steals the account number, the password, the photograph, the important document is easy. Gray pigeons can also continuously capture the remote computer screen, but also monitor the camera on the controlled computer, automatically boot up and use the camera for video. By the end of 2006, "Gray Pigeon" Trojan horse has appeared more than 60,000 varieties. Although it is used legally, it is an excellent remote control software. But if you do something illegal, the Gray dove becomes a powerful hacker tool.

9.SQL Slammer (2003)

Slammer, also known as the Sapphire virus, is a DDoS malicious program, through a new way of transmission, the use of distributed blocking services to attack the server, it took advantage of SQL Server vulnerability to block service attack 1434 port and in memory infected SQL Server, through the infected SQL Server is heavily spread blocking service attacks and infections, resulting in SQL Server not working properly or downtime, so that the internal network congestion. The virus caused more than 1 billion dollars of damage before patches and virus-killing software appeared. The spread of sapphire virus is very rapid. Like Code Red, it resides only in the memory of the attacked server.

10.MyDoom (2004)

Another worm Mydoom (also known as Novarg) left a backdoor in the user's operating system in February 2004. The virus uses a combination of viruses and spam tactics that can quickly spread through the corporate e-mail system, causing a surge in the number of messages and blocking the network. Like other viruses, the virus searches for a list of contacts on the infected user's computer and sends messages. In addition, it sends a search request to the search engine and sends an e-mail message to the search box. Eventually, search engines such as Google received millions of of search requests, and services became very slow and even paralysed. According to MessageLabs, a network security firm, 1 of the virus was carried on average in every 12 e-mails. Similar to the cover letter virus, the Mydoom virus is also used to disguise mail senders, making it extremely difficult to query the source of the virus via email.

11. Concussion Wave (Sasser, 2004)

Germany's 17-year-old Sven Jaschan2004 made Sasser and Netsky. Sasser attacks computers through Microsoft's system vulnerabilities. Unlike other worms, it does not propagate through the mail, and once the virus has entered the computer, it automatically looks for the vulnerable computer system and directly directs them to download and execute the virus files, so the entire spread and seizure process does not require human intervention. The virus modifies the user's operating system and does not shut down properly without forcibly shutting down the machine.

Netsky viruses are transmitted via mail and network. It also carries out email address spoofing, which is transmitted through 22016-bit file attachments. A denial-of-service attack (DoS) is used to control network traffic as the virus spreads. Sophos experts believe that Netsky and its variants once infected 1/4 of computers on the Internet.

12.leap-a/oompa-a (2006)

After Skrenta wrote the first virus, the Mac virus appeared to have vanished for 24 years. 2006, Leap-a virus, also known as Oompa-a virus appeared. Photos of the leopard operating system leaked on the Apple fan forum spread among Apple users. Once the user accidentally infects the virus, it spreads through the instant chat program ichat. When the virus enters the Apple Computer, it automatically searches for the ichat contact list and sends a message to the friend, which comes with a corrupted JPEG image attachment.

The virus does not cause too much harm to computers, but it proves that even Apple computers can be poisoned. With the growing popularity of Apple machines, more and more viruses targeting Apple will appear.

13. Storm Worm (Storm worm,2006 year)

The dreaded Storm worm (Storm worm) was finally confirmed at the end of 2006. The public called the virus a storm worm because a message with the virus was titled "Storms hit Europe and 230 people died". Some varieties of storm worms turn computers into zombies or "chickens." Once the computer is infected, it can be easily manipulated by the virus propagator. Some hackers use storm worms to create botnets that send spam on the internet. Many of the Storm worm variants will induce users to click on a false link in some news or news video. The worm is automatically downloaded when the user clicks on the link. Many news agencies and bloggers believe storm worms are the most serious virus in recent years.

14. Panda Burning Incense (06-07 years)

Panda Burning Incense is a variant of the worm, October 16, 2006 by the 25-year-old Chinese Hubei Province, Li June, wrote in early January 2007, a raging network. This is a wave of computer virus spread in the frenzy. Thousands of computers can be infected in a very short period of time, and can cause network paralysis when severe. The childlike, nodding Jing Xiang Dêqên "Panda" in addition to endless. Anti-virus engineers named it "Nima". Virus variant causes the user computer to be poisoned may appear the blue screen, the frequent restart as well as the system hard disk the data file destroys and so on phenomenon. At the same time, some variants of the virus can be spread through the LAN, and then infect all computer systems in the LAN, resulting in the enterprise LAN paralysis, not normal use, it can infect the system exe,com,pif,src,html,asp and other documents, It also terminates a large number of anti-virus software processes and deletes backup files with the extension gho. All of the. exe executables in the infected user's system are all changed to a panda holding three incense.

15.AV Terminator (2007)

"AV Terminator" also known as "Anti-Virus", "AV" is the "anti-virus" abbreviation, is a flash parasitic virus, the main transmission channels are adult websites, pirated movie sites, pirated software downloads, pirated E-book download station. Disable all anti-virus software and a large number of security aids, so that the user's computer loss of security, the destruction of security mode, so that users can not enter Safe mode to remove the virus; AV Terminator will also download a large number of Trojan horse and remote control Trojan. The suffix name is generated when the AV Terminator virus runs. da

16. Disk drive virus (2007)

This is a downloader virus that shuts down some of the security tools and antivirus software and prevents it from running; For certain accessibility tools that cannot be turned off by sending a window The flood caused the program to suspend animation because the message was not processed; Destroy security mode, remove some anti-virus software and real-time monitoring services, Remote injection into other processes to start a virus that is terminated, the virus releases AUTORUN under each partition. INF to achieve self operation. Infects all executables in a directory other than the SYSTEM32 directory. And will infect the files within the RAR compressed package. The damage and damage caused by the virus is 10 times times that of "Panda burning Incense".

17. Machine Dog Virus (2007)

The robot dog virus was named "Robot Dog" by netizens because of its original version using an electronic dog photo as an icon. The main harm of the virus is to act as a virus Trojan downloader, similar to the AV Terminator virus, the virus by modifying the registry, so that most of the popular security software failure, and then frantically download all kinds of stolen tools or hacker tools, Poses a serious threat to the user's computer. Machine dog virus directly manipulate disk to bypass System file integrity test, through infection system files (such as Explorer.exe,userinit.exe,winhlp32.exe, etc.) to achieve covert start-up, through the reduction of system software caused a large number of Internet users infected with the virus, The system cannot be secured by a restore.

18. Earthquake net (stuxnet,2009-2010)

The network is a Windows platform for industrial control system computer worm, it is the first to destroy the real world, rather than the virtual world computer virus, using the Siemens control system (SIMATIC WINCC/STEP7) The existence of vulnerability infection data acquisition and monitoring System (SCADA) , writes code to the programmable logic controller (PLCS) and hides the code. This is the first ever computer worm to contain PLC rootkit, and the first known worm to target critical industrial infrastructure. It is reported that the worm may have infected and damaged the nuclear facilities at Natanz, Iran, and eventually delayed the start of the Bushehr nuclear power plant in Iran. However, Siemens said the worm did not actually cause any damage.

19.Conficker virus (2009)

The Conficker virus is a computer worm that appeared in 2009 for Microsoft's Windows operating system. This virus exploits Windows 2000, Windows XP, Windows Vista, Windows Server 2003, Windows Server 2008, and Windows 7 A known vulnerability in the Server service used by the beta version of the operating system.

20.OnlineGames Series Theft Trojan

This is a class of theft Trojan series collectively, this type of Trojan is characterized by the process of stealing the popular major network games (Warcraft, Dream West Tour, etc.) account for the benefit of buying and selling equipment. This type of virus itself generally does not fight anti-virus software, but often accompanied by the AV Terminator, Robot Dog and other viruses appear.