The Win32/Zlob family launched in 2005, and three years later it was the undisputed king of malware. Among infected computers that Microsoft counted in 2008, there was a one-in-four chance that Zlob was to blame.
What made Zlob so effective was this crude but effective social engineering. The intended victim clicked a link to play a media file, and a dialog box like the one shown here popped up. Users who had been conditioned to install media codecs for various sites found this a perfectly reasonable request.
The primary purpose of Zlob initially was to frighten the victim by displaying persistent pop-up ads for rogue security software. By 2008, it had become a vehicle for delivering DNS changers and early versions of rootkits, as this Trend Micro analysis makes clear. It was also one of the first attempts at cross-platform malware, with a Mac version discovered in 2007.
Today, Zlob is mostly a bad memory and is no longer widely found in the wild. But its descendants are still going strong.