A computer worm is a type of malware that spreads copies of itself from computer to computer. A worm can replicate itself without any human interaction, and it does not need to attach itself to a software program in order to cause damage.
How do computer worms work?
Worms can be transmitted via software vulnerability. Or computer worms could arrive as attachments in spam emails or instant messages (IMs). Once opened, these files could provide a link to a malicious website or automatically download the computer worm. Once it’s installed, the worm silently goes to work and infects the machine without the user’s knowledge.
Worms can modify and delete files, and they can even inject additional malicious software onto a computer. Sometimes a computer worm’s purpose is only to make copies of itself over and over — depleting system resources, such as hard drive space or bandwidth, by overloading a shared network. In addition to wreaking havoc on a computer’s resources, worms can also steal data, install a backdoor, and allow a hacker to gain control over a computer and its system settings.
Different types of Computer Worms:
- Email Worms: Email Worms spread through infected email messages as an attachment or a link of an infected website.
- Instant Messaging Worms: Instant Messaging Worms spread by sending links to the contact list of instant messaging applications.
- Internet Worms: Internet worm will scan all available network resources using local operating system services and/or scan the Internet for vulnerable machines. If a computer is found vulnerable it will attempt to connect and gain access to them.
- IRC Worms: IRC Worms spread through IRC chat channels, sending infected files or links to infected websites.
- File-sharing Networks Worms: File-sharing Networks Worms place a copy of them in a shared folder and spread via a P2P network.
How to protect yourself?
- Three basic steps should protect most users against most computer worms. First, a computer’s user accounts should be set so that day-to-day use is run as a “limited” user who cannot automatically install the software. Administrative accounts with full installation rights should be used only to install, modify or delete the software.
- Second, all network firewalls, whether in a computer or on a network, should be turned on to limit unauthorized network activity, and the computer’s operating system should be set to automatically install system updates.
- Third, robust anti-virus software should be installed and set to automatically update and scan. Free anti-virus software will do the job, but paid products add important features such as download and attachment scans and malicious website screening.
Top destructive worms of all time
1. I Love You:
This is one of the first majors, and still most damaging, computer virus ever created. Created by Filipino programmers Reonel Ramones and Onel de Guzman, this virus infected computers through email.
It appeared as a love confession for the recipient. Once people clicked on the attachment, it immediately sent itself out to everyone in the user’s email list, as well as overwriting files and making the computer completely unbootable.
The computer would also copy passwords and then send them back to the virus authors. This was potentially catastrophic for large corporations and governments.
Spreading to roughly 50 million computers in just 10 days, it caused the CIA, Pentagon and a host of large corporations to shut their email systems down. The total damage is estimated at between $10 – $15 billion dollars.
2.Melissa:
This virus was created by David L. Smith in 1999 and came at a time when people were still relatively trustworthy of suspicious links.
The virus was initially masked as an infected Microsoft Word document that was posted as a list of passwords to pornographic websites.
At that time, a list of that nature was high in demand and many people tried to download and open it. However, when they did, they got a nasty surprise.
The virus would send itself to the top 50 people in the user’s address book and this put a lot of pressure on email traffic worldwide. It was so disruptive government and corporation email services were affected, and some corrupted documents even had Simpsons references inserted into them.
Because he helped the FBI in catching other virus creators, Smith famously got off after only 20 months in prison and a $5000 fine. It is estimated that the Melissa virus caused $80 million worth of damages.
3.Code Red:
In July 2001, a nasty worm was discovered, dubbed Code Red—named so because the discoverers were drinking Mountain Dew Code Red at the time.
The worm exploited a vulnerability in Windows NT and 2000, causing a buffer overflow by sending a string of random data. This would cause the computer to overwrite memory with new instructions from the worm.
Some computers would crash and others would launch an attack on the White House website. The worm then tried to make 100 copies of itself and also changed local server pages to the infamous “Hacked by Chinese.”
The infection is estimated at more than 1,000,000 computers with more than $2.6 billion in damages.
4.Sobig Worm (Sobig.F):
The Sobig Worm was an August 2003 computer worm that infected connected Microsoft Windows computers.
Sobig was not only a computer worm based on its replications but also a Trojan because it tries to mask itself. The variant F was the most successful, but earlier variations were attempted. Sobig.F would usually arrive in emails with the subject like Re: Thank you!, Your details, “Re: Details,” and many others.
Due to the sheer volume of emails that it was able to send, the worm eventually brought down computer traffic in Washington, D.C., slowed down the computer systems of large corporations and even caused Air Canada to be grounded. An estimated 2,000,000 computers were infected with roughly $37 billion in damages.
5.Mydoom:
Perhaps the biggest, or at least most damaging, of all 5 top computer viruses, MyDoom definitely takes the cake.
Mydoom was discovered by a Craig Schmugar, a McAfee employee at the time, who noticed the line of text ‘mydom’ in the program’s code. He added doom into it, believing that this worm would be huge.
And he was not wrong. Mydoom became one of the fastest email worms to spread around the world since ILOVEYOU. The worm appears as an email transmission error and has an attachment of itself. If the user clicks on it, it immediately sends itself to all the email addresses in the user’s address book.
It spread like wildfire across the internet, and many believe on the day of its release that it slowed the internet down by up to 10%. It has infected roughly 2,000,000 computers and is estimated to have caused $38 billion in damages.