Companies today greatly rely on technology in order to carry out day-to-day responsibilities and run empires. The vast increase in technological advancements leads to many benefits in the corporate world. Employees have the ability to work from anywhere at any time and can easily save and access a multitude of files, documents, etc. 

80% of companies said that they use at least one emerging technology for finance and operations.

While technology has many advantages, it also comes with some drawbacks. 

One of these major downsides is viruses. 

Between 2021 and 2022, ransomware attacks have increased by 80% year after year. 

Ransomware attacks happen once every 11 seconds. 

This can be via phishing emails, clicking bad links, downloading suspicious attachments, visiting online ads that at first glance seem to look safe, and more. The list just goes on and on.

Hackers are just getting more creative making it easy to fall for cyberattacks. 

The average ransomware attack costs $4.62 million. 

Today, we are going to look at some of the biggest viruses to occur on the web. These viruses make the average attack seem pretty bearable. 

• Definitions

• Viruses

• MyDoom

• Sobig

• Conficker

• Klez

• ILOVEYOU

• WannaCry

• Zeus

• Melissa

• CodeRed

• Stuxnet

• CryptoLocker

• Jerusalem

• Conclusion

Before we get started, here are a few terms that we will be referring to. 

• Botnet - a massive network of enslaved computers that can be controlled remotely.

• Malware - malicious software that is developed by hackers to steal information and destroy computer systems.

• Worm - a type of malware that self-replicates and infects other computer systems while staying active. 

All right! We have studied up on some definitions so now let’s dive into some of the scariest viruses of all time… 

In 2004, no other virus was able to spread as quickly as MyDoom. This worm infected more than 500,000 computers in just one week! 

It all begins with a single email. Victims receive a mysterious email with the subject line of one of the following: test, hi, hello, mail delivery system, mail transaction failed, server report, status, or error.

In this email, there is solely an attachment that contains the malicious virus. Once clicked, MyDoom enters the device’s operating system. Things get quite messy from here. The worm proceeds to send similar email messages containing the same virus to all of the victim’s contacts. Every time victims check their inboxes, they receive another copy of the email as well.

MyDoom is able to roam whenever the Windows operating system is launched. It opens various ports for even more malware to enter the victim’s operating system. 

If you didn’t think things could get any worse, I’m here to tell you that they do. 

The worm adds all of the computers it has infiltrated to a botnet and then carries out DDoS (distributed denial of service) attacks. 

To this day MyDoom’s creator is unknown. Damage estimates from this worm are about $40 billion. 

Variants of MyDoom have been released; however, none have been nearly as severe or have been able to outdo the original. 

Here is yet another worm that flourishes through email messages. Sobig is a mass-mailing worm that can also spread via network shares.

Here is a pro tip: if you receive a message from the sender big@boss.com, do not open the attached file! Within this email lies one of the fastest spreading and financially damaging viruses to date. 

The worm poses as a .pif or .scr file. 

Once the file is opened, Sobig invades the victim’s Windows operating system and begins its search for email addresses within the computer’s hard drive. These email addresses are used to send out more copies of the worm thus continuing the lifespan of the worm.

Sobig also searches for any places a copy of itself in any shared folders on networks that the infected device has access to. The worm also has updating capabilities and will attempt to download updated versions when certain conditions are met.

Sobig does not physically damage computers, files, or critical data; however, it ties up computer and networking resources. Here is just a glimpse of the power Sobig possesses. 

Sobig has the ability to affect network printers. As a result, infected printers can print out papers filled with nonsense.

Sobig greatly affected the University of Wisconsin-Madison’s network. So much so that it had to shut down outside access to its email. Security officer, Jeff Savoy, said, "We were removing 30,000 bad emails an hour."

In the high-tech city of Bangalore, India, dozens of cyber cafes shut down and home computers blacked out as a result of Sobig. 

MessageLabs, an anti-virus company, has intercepted nearly 1 million copies of Sobig across 183 countries. Sobig’s estimated damage is around $36 billion. 

Conficker is known as one of the most persistent computer worms ever seen due to its combined use of multiple malware techniques. 

Conficker preys on flaws within the Windows operating system and dictionary attacks on administrator passwords to propagate while simultaneously forming a botnet. 

If you read that previous sentence and did not understand a word it said, similarly to myself, let’s break this down. 

This worm links millions of computers around the world containing Microsoft systems to a botnet. The New York Times describes it as a black-market supercomputer. At a point in time, the botnet consisted of at least 10 million individual IP addresses. Very few computer networks in the world are secure enough to withstand an attack from it. 

Oddly enough, the virus was used only once to spread a minor strain of “scareware” intended to frighten unsuspecting uterus into downloading fake antivirus software.

We will never understand the true intent of this virus due to the fact that Conficker’s creator is unknown. 

Conflict affected millions of computers including government, business and home computers. The virus spanned across 190 countries making it the largest worm since Welchia. 

Welchia is known to be one of the most unique computer viruses. Here is why: 

It was initially created to get rid of another worm known as Blaster. 

Yes, you read that right. A worm was created to kill another worm. 

The Nachi worm is a great example of when someone is trying to help you with something, but they do more harm in helping than if you could have just done it by yourself. You know what I’m talking about here. 

The virus was encoded to remove itself assuming that by the time this was done, all the instances of Blaster would be erased. 

The only issue to occur due to the Welchia virus was a massive system slowdown due to the resource-intensive nature of the propagation technique used. It also caused machines to restart once the process of installing Microsoft security updates and patches was completed.

Welchia lived out its purpose of deleting Blaster, but affected organizations such as the Navy-Marine Corps and the State Department due to the worm infiltrating their networking systems resulting in mass shutdowns. 

One of the common traits amongst most, if not all, of the viruses we have talked about is spread through emails. Klez is no different in this case. Unlike other viruses, victims don’t have to download the malicious attachment in order to catch Klez.

Klez is referred to as one of the most destructive worms in history. This worm infected around 7 million computers. 

The virus flourishes on Outlook and Internet Explorer vulnerabilities to make it so that simply previewing or opening the email executes the virus.

Klez randomly selects email addresses from an infected computer's address book and other files and uses them in the email messages it generates. 

The damage of this worm comes out to about $19.8 billion. 

Infecting over 10 million Windows personal computers, the ILOVEYOU virus is one of the first global viruses. Trust me, you do not want to come down with this love bug. 

The virus simulates a love letter sent via email. Onel de Guzman, a college student in the Philippines, created this virus to steal passwords to use online services he couldn’t afford. 

It seems harmless to victims as “ILOVEYOU” stands out as the subject title of the email. The email states, “Kindly check the attached LOVELETTER coming from me.” 

As soon as victims open the infected attachment, the virus downloads into the computer system. 

Who would’ve thought such a sweet-sounding virus could destroy photographs, audio files and documents?

Reading about this virus will make you wanna cry if it were to happen to you. 

WannaCry penetrates Microsoft operating systems to access and lock computer files. Lazarus Group, a hacking group tied to North Korea, demanded ransoms from victims in exchange for the hostage files. 

The virus infected around 300,000 computers across 150 countries. The damage caused by the virus is nearly $4 billion. 

Marcus Hutchins, a 22-year-old security researcher at the time, is a British computer security researcher known for stopping the WannaCry ransomware attack. 

Zeus, one of the most dangerous computer viruses, affects its victims through phishing emails and malicious downloads. 

Initially, the malicious software comes off as harmless content embedded in email messages and online advertisements. 

Once downloaded, the collection of malware infects the victim's computers. Zeus was held responsible for around 44% of all banking malware attacks in 2007. The Trojan is able to detect if victims are visiting a banking site.

The creator’s wish is Zeus’s demand. The malware can breach system information, store passwords, online credentials, and more. Just about everything under the sun, the malware has access to; however, Zeus is mainly known for stealing banking information. 

Zeus was able to access information through passwords stored in Internet Explorer’s Password Store feature browser. From there, Zeus utilizes keylogging to record usernames and passwords as victims type in their account information. 

On top of that, Zeus also has the ability to intercept websites by adding additional forms to provide the creators with even more of their victim’s personal information. 

The Trojan infected around 88% of all Fortune 500 companies' computers including Bank of America, NASA, and other organizations.  

All in all, the total damage comes out to around $3 billion. 

This one is a pretty dark example of how cruel the interweb can be. Programmer, David Lee Smith, hacked an American Online (AOL) account and used it to post a file on an internet newsgroup named “alt.sex”. The virus is said to be named by Smith after an adult dancer in Florida. 

The Melissa virus was not intended to steal money or information. The posting promised dozens of free passwords to fee-based websites with adult content. When victims downloaded the document, the virus was released onto their computers. 

It quickly began to spread and is known as one of the quickest viruses to spread during its time. 

The virus began to take over victims’ Microsoft Word programs and used a macro to hijack their Microsoft Outlook email system to send messages to the first 50 addresses in their mailing lists. 

Email servers at more than 300 corporations and government agencies around the globe became overloaded with malicious, encrypted emails. To the point that some had to shut down entirely. Around 1 million email accounts were disrupted.

It took a whole village to bring this virus down. Traffic slowed down within a few days but it took a while to shut down the virus entirely. The FBI sent out warnings about the virus and its effects. 

The collective damage to bring Melissa down was about $80 million. 

Authorities were able to trace the digital footprint back to Smith. He has complied with authorities and is facing jail time and monetary fines. 

Code Red is one of the few worms that is able to run solely on memory. It leaves no trace of files or hard drives on any computer storage. The worm preys on vulnerable security holes in Microsoft’s Internet Information (IIS), initiates a DoS (Denial of Service) and infects them. 

Code Red infected close to 1 million computers. Affected web pages displayed the sentence “Hacked by Chinese” across their screen. 

The result of Code Red was about $2.4 billion in damages.  At one point, the white house was forced to change its website’s IP address due to the worm’s effects.

Known as the first cyberweapon, Stuxnet is a powerful and malicious computer worm. It is the first virus to cause physical damage to infected devices. 

It exploited Windows zero-day vulnerabilities to infect target systems and spread to other systems. 

The virus primarily targeted the centrifuges of Iran’s uranium enrichment facilities. Not according to plan, cyber attackers modified it over time and adapted it to target other facilities such as power plants and gas pipes. 

While no one has taken responsibility for the virus, it is widely believed that the United States and Israel created the worm. 

Stuxnet ran in two waves. The second wave was much more visible to the public. 

Stuxnet did quite the damage to Iran’s nuclear program. The worm infected more than 20,000 devices in 14 Iranian nuclear facilities and ruined around 900 centrifuges. 

Stuxnet did not stop there. Due to the aggressive nature of the worm, Stuxnet spread outside of its intended limits. 

Stuxnet mutated and was able to spread rapidly through Windows operating systems; however, it did not cause too much damage to these external devices. 

CryptoLocker sounds like exactly what it does: it locks up files within Windows computer systems. 

This Trojan virus targets computers with Microsoft operating systems. At first glance, it comes off as a harmless email attachment. Once clicked and downloaded, the malware encrypts files and then demands a ransom payment in exchange for the description key. Victims were also targeted through the pre-existing Gameover ZeuS botnet. 

CryptoLocker infiltrated nearly 250,000 computer systems worldwide. Creators of CryptoLocker were able to convince at least 1,000 victims to pay a ransom of around $300 in just 100 days.  

The lifespan of CryptoLocker lasted from September 5, 2013, to late May 2014. 

The original Trojan is no longer active, but variants and similar types of malware still roam the web today. 

Coming down to our last virus, we have the Jerusalem virus. 

While the creator(s) of the Jerusalem virus are unknown, it is said to have originated in Israel. 

This DOS file infector was first launched in 1988 to celebrate the 40th anniversary of the creation of the Jewish state. 

The virus was scheduled to begin on its own each year on Friday the 13th, hence the reason for its nickname. It silently infects computers through the use of CD-ROM, floppy disks, and email attachments. 

Friday the 13th causes computers to slow down and reduce memory usage. 

Once this logic bomb is set off, the virus deletes any and every program or file that was infected and used that day. 

In attempts to stop this killer, some “experts” say that you can change the date on your infected device so that you would essentially skip the 13th and go right into the 14th. 

Others believe that this idea is ineffective due to the fact that the malware is slowly reducing your memory storage any other day of the year anyway. 

I hope reading through these viruses didn’t spook you too much. Understanding the power and potential of malware such as these can only make us more cautious and aware of how we navigate the web. 

A key takeaway I hope you will practice is to be aware of suspicious emails and other web activity. Phishing is very prevalent today due to the shift in hybrid work environments. 

Think before you click.