6 of 10Image
ILOVE YOU Love Bug
5. ILOVEYOU (2000)
The ILOVEYOU worm was a devastatingly fast-spreading and effective combo of social engineering and Windows design flaw exploitation. The cost of clean-up and lost work due to the worm, also known as the Love Bug, is thought to total between $5bn and $10bn.
The worm was the work of two Filipino students who were caught, but the case was dropped because there was no applicable law at the time. ILOVEYOU used Microsoft's Visual Basic Scripting (VBS) to forward itself to the contents of the host's Outlook address book. It also overwrote files with copies of itself and tweaked the Windows registry.
It spread around 15 times faster than Melissa, according to the US Army. With at least 50 million computers infected and many large organisations having to shut off internet access, ILOVEYOU highlighted the vulnerabilities within Windows and sparked off large amounts of criticism and me-too infections.
Photo credit: F-Secure
6. Santy (2004)
A specialised worm that demonstrated quite how subtle attack vectors could be, Santy used search engines — Google at first, then Yahoo and AOL — to find vulnerable sites running phpBB bulletin board software, which it then attacked. It spread worldwide in less than three hours.
The most unusual aspect of the worm was that someone then produced an anti-Santy worm that used the same techniques to find and infect phpBB installations, but then patched the problem and inoculated the sites against further attack.
Photo credit: CNET News
7. Conficker (2008)
This Windows worm, also known as Downadup, hit up to 15 million Microsoft servers, causing operational problems for the British, German and French military among many others. Its use of encryption and stealth code hiding made it very difficult to eradicate, as have its constant revisions: it went through five major updates in six months.
Those revisions have demonstrated that the Conficker writers are closely observing and reacting to industry efforts to eradicate the malware. In response, Microsoft convened a working group of companies across the internet and security markets, and put up a $250,000 bounty for information leading to the conviction of the miscreants.
Photo credit: Gppande