Top 5 most dangerous computer viruses of all time

1. CIH (1998):

Estimated Damage: $20-80 million worldwide (excluding PC data destroyed).

Originating from Taiwan (June 1998), CIH is recognized as one of the most dangerous and destructive viruses of all time. This virus attacks the executable files of Windows 95, 98 and ME operating systems; have the ability to reside on computer memory to infect and other executable files.

CIH is dangerous in that after only a short time of operation, it can overwrite the data on the computer's hard drive, turning the data into a useless mess. CIH also has the ability to overwrite BIOS information, preventing the computer from booting. Because of its ability to infect executable files, CIH can be widely distributed.

CIH is also known as the Chernobyl virus because the activation time coincides with the day of the Chernobyl nuclear plant explosion.

Today, the CIH virus is no longer dangerous because new operating system platforms such as Windows 2000, XP and NT have been improved.

2. Melissa (1999):

Estimated damage: $300-600 million

On Friday, March 26, 1999, the W97M/Melissa virus spread globally. Statistics show that this Word macro script virus has infected 15/20 business computers worldwide. Melissa spread so quickly that Intel, Microsoft and several other software companies that use Outlook were forced to shut down the entire e-mail system to limit the damage.

Melissa uses Microsoft Outlook to send email attachments (in Word files) of the virus version to 50 e-mail addresses in the user's contact list. The message of the e-mail read: "Here is that document you asked for. don't show anyone else. ;-)". When clicking on the attached .DOC file, the virus will begin to infect the computer and repeat the distribution cycle as above.

3. ILOVEYOU (2000):

Estimated damage: 10-15 million USD

Also known as Loveletter and The Love Bug, this virus is a form of Visual Basic script with a fancy name: the promise of love.

On May 3, 2000, the ILOVEYOU worm was first discovered in Hong Kong, then quickly spread via e-mail with the subject line "ILOVEYOU" with the attached file: Love-Letter-For-You.TXT .vbs. Like Melisa, the ILOVEYOU virus automatically sends messages to contacts in Microsoft Outlook.

The ILOVEYOU virus overwrites music files, photos and some other formats with its own copy. More dangerous, the virus also searches for user names and passwords and sends them to the author's e-mail.

The author of the virus was not convicted as the Philippines did not have a computer crime statute at the time.

4. Code Red (2001):

Estimated damage: $2.6 million

Code Red is a form of computer worm that infects network servers, starting on July 13, 2001. This is an extremely malicious virus because their target is computers running Web server software Internet Information Server (IIS).

The Code Red worm is capable of exploiting a vulnerability in IIS. The irony is that Microsoft has issued a patch for this vulnerability since mid-June before.

Code Red, also known as Bady, is designed to be as destructive as possible. Once infected on the computer, the website hosted on the affected server will display the message: ""HELLO! Welcome to http://www.worm.com! Hacked By Chinese!" The virus then searches for failed servers and continues to infect. After 20 days, the virus will trigger denial of service (DoS) attacks on IP addresses. In less than a week, the virus has infected some 400,000 servers worldwide, with an estimated 1 million computers affected by the virus.

5. SQL Slammer (2003):

Because SQL Slammer is activated on a Saturday (holiday), the estimated damage (in terms of money) is not high. However, the virus also "knocked down" 500,000 servers worldwide, and was the factor that caused a massive "storm" of data, causing the entire Korean Internet to be down for 12 hours.

SQL Slammer, also known as Sapphire, was activated on January 25, 2003. SQL Slammer has a very bad impact on the entire Internet traffic worldwide. Interestingly, this virus does not search for terminal PCs, but only towards the server. SQL Slammer is a single packet of data and sends itself to IP addresses. If the IP address is a computer running an unpatched version of SQL Server Desktop Engine (Microsoft), that server will immediately become infected with a virus and become a tool to attack other IP addresses.

With the above infection method, Slammer can attack 75,000 computers in just 10 minutes, congesting the entire Internet, causing routers to stop working.