in

12 Most Devastating PC Viruses and Worms of All Time

- - 38 comments
Why I stay away from Windows? --One of the main reasons is security, or the lack of it. Windows operating system is simply far more vulnerable to viruses and worms compared to Linux or Mac OS X. I don’t want to explain further or start a debate here, but I’ll just let this all time list of 12 most devastating viruses and worms do the talking.


1. ILOVEYOU
The ILOVEYOU worm (a.k.a. VBS/Loveletter and Love Bug worm), a computer worm written in VBScript, is considered by many as the most damaging worm ever. It started in the Philippines on May 4, 2000, and spread across the world in one day (traveling from Hong-Kong to Europe to the United States), infecting 10 percent of all computers connected to the Internet and causing about $5.5 billion in damage. Most of the "damage" was the labor of getting rid of the virus. The worm arrived in e-mail boxes with the simple subject of "ILOVEYOU" and an attachment "LOVE-LETTER-FOR-YOU.TXT.vbs". The Pentagon, CIA, and the British Parliament had to shut down their e-mail systems to get rid of the worm, as did most large corporations.

The worm overwrote important files, as well as music, multimedia and more, with a copy of itself. It also sent the worm to everyone on a user's contact list. This particular worm only affected computers running the Microsoft Windows operating system. While any computer accessing e-mail could receive an "ILOVEYOU" e-mail, only Microsoft Windows systems would be infected. The worm propagates by sending out copies of itself to all entries in the Microsoft Outlook address book. It also has an additional component, in which it will download and execute an infected program called variously "WIN-BUGSFIX.EXE" or "Microsoftv25.exe". This is a password-stealing program which will e-mail cached passwords.

The ILOVEYOU worm is believed to have been written by Burningice & Moon. The Barok trojan horse used by the worm is believed to have been written by dark_tech, a Filipino student of AMA Computer University in Makati, Philippines.


2. Mydoom
Mydoom, also known as W32.MyDoom@mm, Novarg, Mimail.R and Shimgapi, is a computer virus affecting Microsoft Windows. It was first sighted on January 26, 2004 and became the fastest-spreading e-mail worm ever, exceeding previous records set by the Sobig worm.

Mydoom is primarily transmitted via e-mail, appearing as a transmission error, with subject lines including “Error”, “Mail Delivery System”, “Test” or “Mail Transaction Failed” in different languages, including English and French. The mail contains an attachment that, if executed, resends the worm to e-mail addresses found in local files such as a user's address book. It also copies itself to the “shared folder” of peer-to-peer file-sharing application KaZaA in an attempt to spread that way.

Mydoom appears to have been commissioned by e-mail spammers so as to send junk e-mail through infected computers. The worm contains the text message “andy; I'm just doing my job, nothing personal, sorry,” leading many to believe that the worm's creator was paid to do so. Early on, several security firms published their belief that the worm originated from a professional underground programmer in Russia. The actual author of the worm is unknown.

image courtesy of F-Secure Corp.

3. Blaster
The Blaster Worm (also known as Lovsan or Lovesan) was a computer worm that spread on computers running the Microsoft operating systems, Windows XP and Windows 2000. The worm was first noticed and started spreading on August 11, 2003. The rate that it spread increased until the number of infections peaked on August 13, 2003. Filtering by ISPs and widespread publicity about the worm curbed the spread of Blaster.

The worm was programmed to start a SYN flood on August 15, 2003 against port 80 of windowsupdate.com, thereby creating a distributed denial of service attack (DDoS) against the site. The damage to Microsoft was minimal as the site targeted was windowsupdate.com instead of windowsupdate.microsoft.com to which it was redirected. Microsoft temporarily shut down the targeted site to minimize potential effects from the worm. Although the worm can only spread on systems running Windows 2000 or Windows XP (32 bit) it can cause instability in the RPC service on systems running Windows NT, Windows XP (64 bit), and Windows Server 2003. If the worm detects a connection to the Internet (regardless of dial-up or broadband), this can even lead to the system becoming so unstable that it displays the following message and then restarts (usually after 60 seconds).

The worm contains two messages hidden in strings. The first:

I just want to say LOVE YOU SAN!!

This is why the worm is sometimes called the Lovesan worm. The second:

billy gates why do you make this possible ? Stop making money
and fix your software!!

It is a message to Bill Gates, Microsoft co-founder.

image courtesy of F-Secure Corp.

4. Sobig Worm
The Sobig Worm was a computer worm that infected millions of Internet-connected, Microsoft Windows computers in August 2003. It was written using the Microsoft Visual C++ compiler, and subsequently compressed using a data compression program called tElock. There are plenty of variants of the Sobig worm, but the most destructive and widespread of all is called Sobig.F.

Sobig is a computer worm in the sense that it replicates by itself, but also a Trojan horse in that it masquerades as something other than malware. The Sobig worm will appear as an electronic mail and will contain the text: "See the attached file for details" or "Please see the attached file for details."

.The Sobig.F worm deactivated itself on September 10, 2003. On November 5 the same year, Microsoft announced that they will pay $250,000 for information leading to the arrest of the creator of the Sobig worm. To date, the perpetrator has not been caught.


5. Code Red
The Code Red worm was a computer worm observed on the Internet on July 13, 2001. It attacked computers running Microsoft's IIS web server. The most in-depth research on the worm was performed by the programmers at eEye Digital Security. They also gave the worm the phrase "Hacked By Chinese!" with which the worm defaced websites. Although the worm had been released on July 13, the largest group of infected computers was seen on July 19, 2001. On this day, the number of infected hosts reached 359,000.

Effects of Code Red:

* It defaced the affected web site to display:

HELLO! Welcome to http://www.worm.com! Hacked By Chinese!

(The last sentence became a cliché to indicate an online defeat)
* It tried to spread itself by looking for more IIS servers on the Internet.
* It waited 20-27 days after it was installed to launch denial of service attacks on several fixed IP addresses. The IP address of the White House web server was among those.

eEye believed that the worm originated in Makati City, Philippines (the same origin as the VBS/Loveletter (aka "ILOVEYOU") worm)


6. CIH
CIH, also known as Chernobyl or Spacefiller, is a computer virus written by Chen Ing Hau of Taiwan. It is considered to be one of the most harmful widely circulated viruses, overwriting critical information on infected system drives, and more importantly, in some cases corrupting the system BIOS.

The name "Chernobyl Virus" was coined some time after the virus was already well-known as CIH, and refers to the complete coincidence of the payload trigger date in some variants of the virus (actually the virus writer's birthday) and the Chernobyl accident, which happened in Ukraine on April 26, 1986. Today, CIH is not as widespread as it once was, due to awareness of the threat and the fact it only affects older Windows 9x (95, 98, Me) operating systems.

The virus made another comeback in 2001 when a variant of the Loveletter Worm in a VBS file that contained a dropper routine for the CIH virus was circulated around the internet, under the guise of a nude picture of Jennifer Lopez.


7. Klez
Klez is a computer worm that propagates via e-mail. It first appeared in the end of 2001. A number of variants of the worm exist. Klez infects Microsoft Windows systems, exploiting vulnerability in Internet Explorer's Trident layout engine, used by both Microsoft Outlook and Outlook Express to render HTML mail.

The e-mail through which the worm spreads always includes a text portion and one or more attachments. The text portion consists of either an HTML internal frame tag which causes buggy e-mail clients to automatically execute the worm, or a few lines of text that attempt to induce the recipient to execute the worm by opening the attachment (sometimes by claiming that the attachment is a patch from Microsoft; sometimes by claiming that the attachment is an antidote for the Klez worm). The first attachment is always the worm, whose internals vary.

Later variants of the worm would use a false “From” address, picking an e-mail address at random from the infected machine's Outlook or Outlook Express address book, making it impossible for casual observers to determine which machine is infected, and making it difficult for experts to determine anything more than the infected machine's Internet Service Provider.


8. Melissa
The Melissa worm, also known as "Mailissa", "Simpsons", "Kwyjibo", or "Kwejeebo", is a mass-mailing macro virus, hence leading some to classify it as a computer worm. First found on March 26, 1999, Melissa shut down Internet mail systems that got clogged with infected e-mails propagating from the worm. Melissa was not originally designed for harm, but it overflowed servers and caused unplanned problems.

Melissa can spread on word processors Microsoft Word 97 and Word 2000. It can mass-mail itself from e-mail client Microsoft Outlook 97 or Outlook 98. The worm does not work on any other versions of Word, including Word 95, Microsoft Office Word 2003, Word 2004 (Mac), and Microsoft Office Word 2007, nor can it mass-mail itself via any other e-mail client, even Outlook Express or Windows Mail (Outlook Express version in Windows Vista).

Melissa was first distributed in the Usenet discussion group alt.sex. The virus was inside a file called "List.DOC", which contained passwords that allow access into 80 pornographic websites. The worm's original form was sent via e-mail to many people.


9. Sasser
Sasser (sometimes known as the Big One) is a computer worm that affects computers running vulnerable versions of the Microsoft operating systems Windows XP and Windows 2000. Some machines running Windows 98 were infected. Like other worms, Sasser spreads by exploiting the system through a vulnerable network port. Thus it is particularly potent in that it can spread without user intervention, but it is also easily stopped by a properly configured firewall or by downloading system updates from Windows Update. Sasser was first noticed and started spreading on April 30, 2004. This worm was named Sasser because it spreads by exploiting a buffer overflow in the component known as LSASS (Local Security Authority Subsystem Service) on the affected operating systems.

The effects of Sasser include the news agency Agence France-Presse (AFP) having all its satellite communications blocked for hours and the U.S. flight company Delta Air Lines having to cancel several trans-atlantic flights because its computer systems had been swamped by the worm. The Nordic insurance company If and their Finnish owners Sampo Bank came to a complete halt and had to close their 130 offices in Finland. The British Coastguard had its electronic mapping service disabled for a few hours, and Goldman Sachs, Deutsche Post, and the European Commission also all had issues with the worm. The X-ray department at Lund University Hospital had all their four layer X-ray machines disabled for several hours and had to redirect emergency X-ray patients to a nearby hospital.

Sasser was at first believed to have been authored in Russia by the same person(s) who created another worm usually referred to as Lovsan, MSBlast or Blaster (due to the media), a connection indicated by code similarities between the two, but on May 7, 2004, 18-year old German computer science student Sven Jaschan from Rotenburg, Lower Saxony was arrested for writing the worm.


10. Bagle
Bagle (also known as Beagle) is a mass-mailing computer worm written in pure assembly and affecting all versions of Microsoft Windows. The first strain, Bagle.A, did not propagate widely. A second variation, Bagle.B is considerably more virulent. Bagle uses its own SMTP engine to mass-mail itself as an attachment to recipients gathered from the victim computer.

The second strain, Bagle.B, was first sighted on February 17, 2004. It was much more widespread and appeared in large quantities; Network Associates rated it a "medium" threat. It is designed to stop spreading after February 25, 2004.

Subsequent variants have later been discovered. Although they have not all been successful, a number remain notable threats. Since 2004, the threat risk from these variants has been changed to "low" due to decreased prevalence.


11. Win32/Simile
Win32/Simile (also known as Etap) is a metamorphic computer virus written in assembly language for Microsoft Windows. The virus was released in the most recent version in early March 2002. It was written by the virus writer Mental Driller. Some of his previous viruses, such as Win95/Drill (which used the Tuareg polymorphic engine), have proved very challenging to detect.

When the virus is first executed, it checks the current date. If the host file (the file that is infected with the virus) imports the file User32.dll, then on the 17th of March, June, September, or December, a message is displayed. Depending on the version of the virus the case of each letter in the text is altered randomly. On May 14 (the anniversary of Israeli Independence Day), a message saying "Free Palestine!" will be displayed if the system locale is set to Hebrew.

The virus then rebuilds itself. This metamorphic process is very complex and accounts for around 90% of the virus' code. After the rebuild, the virus searches for executable files in folders on all fixed and remote drives. Files will not be infected if they are located in a subfolder more than three levels deep, or if the folder name begins with the letter W. For each file that is found, there is a 50 percent chance that it will be ignored. Files will not be infected if they begin with F, PA, SC, DR, NO, or if the letter V appears anywhere in the file name. Due to the way in which the name matching is done, file names that contain certain other characters are also not infected, although this part is not deliberate. The virus contains checks to avoid infecting "goat" or "bait" files (files that are created by anti-virus programs). The infection process uses the structure of the host, as well as random factors, to control the placement of the virus body and the decryptor.


12. Nimda
Nimda is a computer worm, isolated in September 2001. It is also a file infector. It quickly spread, eclipsing the economic damage caused by past outbreaks such as Code Red. Multiple propagation vectors allowed Nimda to become the Internet’s most widespread virus/worm within 22 minutes. Due to the release date, some media quickly began speculating a link between the virus and Al Qaeda, though this relationship ended up being untrue. Nimda affected both user workstations (clients) running Windows 95, 98, Me, NT, or 2000 and servers running Windows NT and 2000. The worm's name spelled backwards is "admin".

Nimda was so effective partially because it—unlike other famous malware like the Morris worm or Code Red—uses five different infection vectors:
-via email
- via open network shares
- via browsing of compromised web sites
- exploitation of various Microsoft IIS 4.0 / 5.0 directory traversal vulnerabilities. (Both Code Red, and Nimda were hugely successful exploiting well known and long solved vulnerabilities in the Microsoft IIS server.)
- via back doors left behind by the "Code Red II" and "sadmind/IIS" worms.

The author of Nimda is suspected to be a former student who attended Sacramento State University Fall of 2001.


38 comments

  1. AnonymousJuly 08, 2008

    Great post. It made me thankful once again that I use Linux and value it even more. I would add on the list the SQL Slammer worm. It was also very destructive that affected SQL Servers and computers running MSDE.

    ReplyDelete
  2. AnonymousJuly 08, 2008

    grabe yung ILOVEYOU.. di ko po alam ang internet nun.. at di pa ako nakaka hawak ng computer that time.. napanood ko lang sa news.. hehehe :D

    ReplyDelete
  3. AnonymousJuly 09, 2008

    Just want to point out that the poll regarding the US presidency and technology leaders has the slight problem of including a person (Linus Torvalds) who could not, under any circumstances, run for U.S. president.

    Even if he becomes a naturalized U.S. Citizen, he would still not be eligible to run for president.

    Sure, this poll is tongue-in-cheek, and that is all good.

    ReplyDelete
  4. @Jehzlau: Hehe. Grabe talaga yun at proudly Philippine made pa. Nasaan na kaya si Onel de Guzman? yung author ng virus...

    ReplyDelete
  5. @hax96: SQL Slammer was also indeed very destructive. Thanks for adding that.

    Regards,
    Jun

    ReplyDelete
  6. If you're stupid enough to let viruses/worms/trojans into your computer then yeah, you should switch to linux/mac.

    ReplyDelete
  7. What made me switch to Linux was I bought a brand new Dell, from Dell and it shipped with Vista on it. Right out of the box it would crash and lock up on me! I finally wiped the hard drive and reloaded it with Linux. Problem solved. Has not locked up since!

    Jiff
    www.privacy-center.ru.tc

    ReplyDelete
  8. I switched to Linux, but not because of viruses. I never had a virus.

    Don't use Internet Explorer, don't use Outlook, auto-scan incoming files, and keep up with the Microsoft Updates. You'll be fine.

    Most people do not do those things, however, and those people cause problems for everyone else.

    Ultimately it is the fault of Microsoft who allows the problems to persist in the first place.

    ReplyDelete
  9. You guys are morons, the more people use linux the more targets for virus writers exist the more chance they get to actually exploiting a linux system the more chance there is for them to start writing viruses, do not think that because there aren't any or not that many for linux that his will not change, it all depends on how well people maintain their system and how many targets a virus writer is able to exploit with his exploit !!!

    ReplyDelete
  10. Yeah, good point it's not like they are all over 4 years old or anything right

    ReplyDelete
  11. What a dumb article this is. Just installing a free antivirus will protect you at least of these. Very dumb.

    ReplyDelete
  12. You switched to Linux because you're afraid of security threats from 1999 and 2000? Do you also keep your bomb shelter stocked because you're still afraid of the Soviet Union?

    ReplyDelete
  13. Wow, this is just sad. These viruses are so old. How about posting a news worthy virus that happened within the last 5 years. Nice try using fear to try to influence people to go to Linux. What are you Karl Rove of the linux world.

    ReplyDelete
  14. My PC infected with the CIH Virus back in 1999, the virus my bios and my whole system. Thankfully PC Club repaired my PC for free!

    ReplyDelete
  15. "Just installing a free antivirus"

    Stupid, indeed. Installing a free/costly antivirus scanner a week before these things took off would have been of little help. Erasing M$'s garbage wuld have been very effective. I did and have never had a malware incident on my machines since.

    Blame the victim? Stupid! Blame M$ for pushing such garbage.

    ReplyDelete
  16. I switched to linux because it was right choice to do.
    no spyware
    no viruses, sometimes our anti viruses programs cant'handle viruses
    no spyware
    no blue screen of death
    and no crashes or stupid eror messages, don't have to wait long for patches

    this article indeed reminds of the most powerful verisus we have to keep track of if we are runnig windows, the only reason tu run windows is games
    i feel prety secure with my unbuntu linux

    ReplyDelete
  17. I remember when Code Red was giving my employers nightmares, since they ran their services on IIS. We had to take them offline for the duration, just to make sure.

    I had a Linux server on the net at the time, and showed the office the logs with all the Code Red traffic, pointing and laughing.

    ReplyDelete
  18. The morons who think Linux has some kind of equivalent to ActiveX, which is mainly what makes viruses so easily propagated on Windows, need to get a clue.

    And what enables viruses taking advantage of ActiveX on Windows to do so much damage is running with admin privileges.

    An ActiveX equivalent does not exist on Linux and it is not the norm to run as root.

    Email clients on Linux CANNOT execute attached files. They have to be saved to the hard disk. Their permissions have to be manually set to executable (which is what transforms them into a program in the eyes of the system). And the user has to be determined enough to screw themselves in order to do all of that and then run the program.

    And unless it is run as root, it will do nothing to the system itself.

    On the other hand, clicking a file icon on Windows is about all it takes to bend yourself over.

    ReplyDelete
  19. Here's another thought for all the anti-virus advocates.

    Would you buy anything other than software that required you to fix it before you could safely use it? A new car? A television?

    What would you think of the quality of a new car if it were standard practice to put it in the shop for repairs before you could drive it off the lot?

    For some reason, people think this is normal with software. It's idiotic.

    ReplyDelete
  20. Jeez,

    Running Linux, the apps, devices with Linux makes me that much surer, that much safer.

    Rock on Linux!

    There are a bunch of us out there that have learned the way things go with M$.

    ReplyDelete
  21. Let us not forget the first big Internet Worm, the Morris Worm which infected a larger share of Internet hosts than any worm since, and effectively disabled the entire internet for DAYS.

    I think that worm deserves to be listed here too.

    ReplyDelete
  22. I had been running and working under Windows NT4 server and later under W2000server from 1999 till 2004.

    My well protected machine had been severely hit by code red and SQLslammer. However, in April 2004 the sasser worm locked things up again. At that moment I needed to have things done immediately and I removed the harddisk from the infected system and mounted it in a test server under SuSE Linux.

    I never went back to Bill Gates. And a couple of weeks later reformatted the unused W2000 system under Linux.

    bert

    ReplyDelete
  23. "What a dumb article this is. Just installing a free antivirus will protect you at least of these. Very dumb."

    Dumb you say? Well probably you aren't such knowledgeable how virus works and the time before it was detected and noticed, have you remember the virus "blaster". At the time it was release in public many where already infected before it was noticed. And that time even if you got an updated antivirus, you'll still get infected since the only way to stop it is to have a system patch from microsoft. Notice what company where have been infected by the "iloveyou" virus (CIA, Pentagon, etch) as if you were saying that these large companies don't have security in placed. Well use your common sense..

    ReplyDelete
  24. I remember the Blaster virus well..

    I just got my computer upgraded, basically everything inside the computer got ripped out and replaced with better hardware. Plugged in the Internet hardware, and boom.. hit with the Blaster RPC message

    ReplyDelete
  25. AnonymousJune 15, 2009

    From my opinion CIH was the worst virus. I have lost data and able recover most of them using Solo Antivirus ( http://www.srnmicro.com )

    ReplyDelete
  26. AnonymousJuly 31, 2009

    Windows versus Linux

    Even if Linux had the same market share as Windows it still would be more secure than Windows. This because a Linux user does not have, by default, total rights to the system as a Windows user has. This means that even if Linux viruses would plentifully exist under such circumstances with such a market share, the viruses would still not be able to crash the OS. The viruses would therefore not have the rights to attack and destroy the kernel. This is the truth. Windows is not constructed to work in a network like the internet. Microsoft can not do much about this in a new version of Windows because they would need to rebuild a totally new OS from scratch and old Windows software would therefore not work in such a OS.

    Despite this fact or because of it, I do not think that Linux will in the future out compete Windows for the desktop. Because no Windows software works in Linux and if Windows users did not care about this Microsoft would have the option, as I have mentioned, to build a new OS. The reality is that Windows users do care as companies and individuals have invested enormous amounts of effort, time and money in Windows systems and are therefore stuck with the system.

    The only way to make a Window system acceptable is by better information and awareness about security risks, patches, better anti-virus software or anti-malware software, better firewalls, building more secure operating systems (but not from scratch, though) and browsers etc. A free anti-malware software should be be a part of the Windows OS. This is not possible because of the antitrust authorities. This is really sad because the internet would be a lot better place if all people had a anti-malware software installed. Microsoft is, though, soon offering a free anti-virus named Morro. This is a very good thing but a lot of people will not use it because they do not care and will not bother to download it! This makes the internet a more dangerous place. I use Avast and it doesn't cost anything and it is probably much better than Morro ever will be as Morro will only offer basic protection. But it is still a good thing that Microsoft offers this software for free as some people can not even think of installing a security software from a exotic company like Alwil (the vendor which makes Avast) which they do not know anything about. Alwil is a very serious software company but they do not know it, Microsoft, though, is naturally very famous.

    As many people do not even bother to download and install a free anti-malware software proves by itself that they will not bother either to do a much more radical step and install Linux.

    Even with the best information and awareness about security risks, better Windows operating systems, better anti-malware software, better firewalls, better browsers etc, the Windows OS will not ever be as secure as Linux (or Mac) but it will be “good enough”. That is my point.

    I have for the last four years used Windows and I have not had any security problem whatsoever. I only use the Windows firewall, Firefox, Avast and McAfee Siteadvisor (freeware). This is good enough.

    Increased security has already happened. The most devastating viruses in above article are quite old. It has gone five years now since the latest and there are more Windows viruses than ever (it has reached about a million by now!) but not any devastating. Despite this fact of more malware than ever, the actual protection and security in the average desktop has actually increased.

    The truth is also that Linux does not, by default, offer the same experience as Windows. Even Windows XP has, by default, a much nicer and professional interface than for example Ubuntu has by default.

    Linux does not either offer as much software as Windows does. Linux offers actually a lot and is good enough for day to day computing, but if you are going to do something extra you are usually stuck.

    Björn Lundahl
    Gothenburg, Sweden

    ReplyDelete
  27. Windows versus Linux

    Hi again!

    I just want to add another thought and that is if Linux had a market share like Windows and if Linux viruses would plentifully exist and pc:s got infected everywhere, the viruses could still destroy all the software, documents, photos etc except for the kernel. Someone could argue that this is equally bad. A Windows machine would crash and a Linux desktop would loose all the valuable stuff but leave the OS intact.

    Björn Lundahl

    ReplyDelete
  28. I'm sorry for dissapointing some fellows around but from my experience (I work as a computer technician) ubuntu, suse, etc are easier & more comfortable than Vista at least. It is a fact that laptop owners for 2 years now been stuck with awful Vista, when moving to ubuntu for example, they never go back to Ms stuff. Usually the keep both windows and linux if the user is a gamer, or need to professionaly use a specific program (adobe indesing) that they already know..

    ReplyDelete
  29. I had a lot of friends hit by the ana kornovia virus in the late 90's. Lots of systems hosed by fake porn. maybe as many as hosed by full hard drives from real porn.

    ReplyDelete
  30. The dumbest thing I've ever heard from Windows fan boys that why Linux is secure from virus is lack of Linux boxes out there it is not about amount of the systems it is the architecture Linux using ,It never runs files from your USB or coming from Internet automatically no sucking registry..etc...

    ReplyDelete
  31. Listen up computer pranksters:

    I ran this the other day, and POOF!

    http://hotfile.com/dl/15531716/d975fbf/Computer_Virus.zip.html

    You get the idea?

    ReplyDelete
  32. Oh dear. Linux is just as able to get hit. The difference is that most people using linux know better than to run these things... I can easily write a program thats asks the user for some simple piece of information (like what is you name etc) and when hitting enter you were confirming a dangerous script. In fact, there are many more "deadly" commands that will run on linux than on windows.
    Oh and please nobody mention "but you need sudo..." vista and 7 have UAC. A VERY effective solution but idiots that THINK they know everything about computers turn it off. It is the same as sudo. NOthing different there.

    ReplyDelete
  33. AnonymousJune 14, 2010

    I got the Sasser virus.... ugh soooo annoying. Shutdown in 1 min when my computer booted up.

    ReplyDelete
  34. What is Win32/Simile even doing there? It was never even released in the "wild".

    ReplyDelete
  35. Is is worth creating virus for open source operating system??? I guess definitely not. Microsoft gives hackers enough room to explore their credentials/talent and groom, not like "come and get it - free" linux, unix, ubuntu etc etc garbage.......

    ReplyDelete
  36. OK Not to start a flame war, but these viruses are a bit old. like 5 years old. Can this list be updated? Aren't there any other "newer" viruses that have cropped out in the last 5 years? This list is a bit old.

    ReplyDelete
  37. Worst virus of all time, was a starting virus. The Dark Avenger virus. The first polymorphic virus that could rewrite itself using long and complex algebraic functions and algorithms.

    ReplyDelete
  38. AnonymousJuly 08, 2012

    Some ones obviosly working for linux <--- =D I did notice how its the top 12 viruses and not 10, perhaps could that be because you could only think of 12 that affect micrsoft? ...

    ReplyDelete