5 of 10Image
Named after a lapdancer and released in a document posted to the alt.sex Usenet newsgroup, Melissa had a salacious start in life. Users who opened the document, eager to read the 80 passwords to porn sites promised within, found that the document immediately forwarded itself to the first 50 people in their address book. Which could take a whole lot of 'splainin.
The virus created so much email that many companies had to turn off their internet gateway to regain control of their systems. As a result, the writer — a 30-year-old man called David Smith — got a 20-month prison sentence, despite helping the FBI track down and nab other virus writers.
Photo credit: JR Whipple
The ILOVEYOU worm was a devastatingly fast-spreading and effective combo of social engineering and Windows design flaw exploitation. The cost of clean-up and lost work due to the worm, also known as the Love Bug, is thought to total between $5bn and $10bn.
The worm was the work of two Filipino students who were caught, but the case was dropped because there was no applicable law at the time. ILOVEYOU used Microsoft's Visual Basic Scripting (VBS) to forward itself to the contents of the host's Outlook address book. It also overwrote files with copies of itself and tweaked the Windows registry.
It spread around 15 times faster than Melissa, according to the US Army. With at least 50 million computers infected and many large organisations having to shut off internet access, ILOVEYOU highlighted the vulnerabilities within Windows and sparked off large amounts of criticism and me-too infections.
Photo credit: F-Secure
A specialized worm that demonstrated quite how subtle attack vectors could be, Santy used search engines — Google at first, then Yahoo and AOL — to find vulnerable sites running phpBB bulletin board software, which it then attacked. It spread worldwide in less than three hours.
The most unusual aspect of the worm was that someone then produced an anti-Santy worm that used the same techniques to find and infect phpBB installations, but then patched the problem and inoculated the sites against further attack.
Photo credit: CNET News