The first known computer virus, Brain, was developed in 1986 by brothers Amjad and Basit Farooq Alvi from Pakistan and came into existence as an anti-piracy tool. However, not all the malicious programs since then have had ethical motives. Some have become important parts of history due to the sophistication of their code, which continues to impress researchers to this day.
So what are the most notorious malware attacks that changed the way we use and know computers?
What Are the Common Types of Malware Attacks?
Hackers use 11 common types of malware attacks for the purpose of data theft and other illegal activities. Here are the common types you are most likely to encounter.
- Adware—Advertisement-supported software serving unwanted and often malicious ads without user consent.
- Ransomware—Encryption-based malware that disables access to user data with a demand for ransom.
- Spyware—Covertly gathers personal and sensitive information about a person or organization.
- Trojans—Malware often disguised as a legitimate tool, designed to gain access to user data.
- Worms—Computer worm malware usually spreads copies of itself from computer to computer, often via email contacts of the victims.
- Keyloggers—A potent tool to steal user information by recording keystrokes on a victim’s computer.
- Rootkit—A covert computer program to give hackers remote access to a victim’s computer without being detected.
8 Most Notorious Malware Attacks of All Time
Here are some of the worst malware attacks you need to know about, because knowledge is your first line of defense.
1. Emotet, Trojan (2018): The King of Malware
In 2021, law enforcement and judicial authorities disrupted what’s touted as the world’s most dangerous malware, Emotet. Emotet was first detected in 2014 and primarily targets banking and health institutions.
Emotet became famous in 2018 after infecting the Fürstenfeldbruck hospital in Germany, forcing it to shut down 450 computers. In the same year, the US Department of Homeland Security identified it as among the most destructive malware.
It spreads via Outlook harvesting, where the Trojan reads emails from the victim’s computer and sends phishing emails containing a Word document to the victim’s contacts, making it appear as if the content is from a trusted source.
2. WannaCry, Ransomware (2017)
Even someone who hasn’t been directly affected or isn’t up to date with cybersecurity took notice of WannaCry. In May 2017, a ransomware attack took the cyberworld by storm by targeting computers running Microsoft Windows.
With an estimated 0.2 million victims and 0.3+ million infected computers, it was particularly controversial for its spread. Hackers allegedly used EternalBlue, a National Security Agency (NSA) exploit for older Windows systems that was stolen in 2016 and leaked by The Shadow Brokers group, to carry out the attack.
Once infected, WannaCry encrypts files on the PC’s hard drive, denying access to any data on the system. In return, the victim is forced to pay a ransom via Bitcoin to decrypt their data. In a major attack, a new variant forced Taiwan Semiconductor Manufacturing Company (TSMC) to temporarily shut down its manufacturing facilities to control the spread in 2018.
3. Petya/NotPetya, Ransomware (2017)
In June 2017, the internet woke up to an enhanced ransomware attack spreading like wildfire, leaving the affected systems unusable. Ransomware Petya (and its variant, NotPetya) uses the same EternalBlue exploit as WannaCry to remotely infect unsuspecting victims via an email phishing attack.
The malware first came to light in March 2016 but became famous after targeting banking and other institutions, primarily in Ukraine and Russia, in 2017.
Petya is different from other ransomware variants as it targets the Master Boot Record (MBR) in addition to system file encryption. Like all ransomware attacks, the user had to pay the said amount in Bitcoin; however, the virus had no decryption code to restore the data.
4. Stuxnet, Worm (2010)
In one of the most sophisticated and controversial cyberattacks of all time, Stuxnet, a malicious computer worm, reportedly targeted Iran’s nuclear facility. According to a NY Times report, this worm was developed through co-operation between Israeli intelligence and the US National Security Agency, although neither country has openly taken responsibility.
Stuxnet was originally designed to target Programmable Logic Controllers (PLCs) used to automate electromechanical and machine processes. It was also one of the first known cases of a computer program capable of breaking hardware.
Although Stuxnet was reportedly designed to expire in June 2012, other malware based on its code and characteristics has since continued to wreak havoc in industrial setups, suggesting that Frankenstein’s Monster has spread beyond the creator’s control.
5. Zeus, Trojan (2007)
Zeus, also known as Zbot, is a Trojan horse malware discovered in 2007 after the cyberattack on the United States Department of Transportation. It uses man-in-the-browser keystroke logging and form grabbing to steal banking information.
A key capability of Zeus is to create a botnet consisting of infected machines. By 2009, Zeus had reportedly compromised over 74,000 FTP accounts including banking, government, and private entities, like Bank of America, NASA, Monster.com, ABC, Oracle, Cisco, and Amazon. It had also infected 3.6 million PCs in the US that year alone.
Even though the threat has dwindled since the purported retirement of the original Zeus creator, the virus still lives on in numerous variations based on its source code.
6. Storm Worm, Trojan (2007)
As severe storms swept over Europe in January 2007, thousands of users received a malicious email disguised as a weather bulletin containing updates. As the unsuspecting victims opened the attachments, Storm Worm, a Trojan horse malware, spread to as many as 1 million computers in Europe and America.
Storm Worm is a misnomer, as it had the characteristics of a Trojan horse and a worm. Combining multiple layers of attack, it would download a package of executable files onto a system once it was infected.
These files were used to carry out various functions, including stealing sensitive user information, delivering spam emails to spread the malware, and launching Distributed-Denial-of-Service (DDoS) attacks.
Upon investigation, the origin of Storm Worm was traced back to Russia, and the Russian Business Network is often credited for the attack. The group reportedly used the sophisticated botnet as a for-hire product against anti-spam websites, among others.
7. Mydoom, Worm (2004)
On a financial scale, Mydoom is known to be the worst and most expensive virus outbreak in history, causing damage of $38 billion in 2004. After the initial detection on January 26, 2004, it became the fastest-spreading worm ever, a record it holds even in 2021.
Mydoom targeted computers running Microsoft Windows, where infected systems created network openings that made them remotely accessible. The worm would scrape email addresses and spread the virus to the victim’s contacts.
The process would repeat for each infected system, eventually roping them into a botnet used to perform DDoS attacks.
8. SQL Slammer, Worm (2003)
By exploiting a buffer overflow vulnerability in Microsoft SQL Server 2000, the SQL Slammer worm caused a DoS for many hosts, ultimately slowing down systems worldwide.
Touted to be the fastest spreading computer malware in history, SQL Slammer, a malicious code of 376 bytes, relied on the buffer overflow bug to infect SQL servers and systems running an unpatched version of Microsoft SQL Server 2000.
Despite the scale of the attack, the damage was limited to the crashing of SQL servers, bringing the internet to a standstill. It included knocking off Bank of America’s 13,000 ATMs and cell phone coverage outages affecting 27 million people. Since the code did not write onto the disk, infected systems were back up and ready to go after a reboot.
Protecting Yourself From Online Threats
Malware attacks like Storm Worm and SQL Slammer have served as a double-edged sword. While they showed the potential of cyberattacks, they also led to enhancements in online security.
Despite these enhancements, the basic principles of malware prevention have largely remained the same. Keep your computer and other devices updated, use a non-administrative account if possible, don’t download cracked software or pirated content from shady sites, and use antivirus software.