Trend Labs - 10 of the most dangerous malware attacks of all time
An interesting look at some of the worst recent and historical attacks:
Looking Back: Six Years Since MSBLAST
QUOTE: TrendLabs experts are regularly asked what—in their opinion—are the most dangerous malware of all time.
1. CONFICKER (DOWNAD): Multiple Propagation, Multiple Damage – Found in November 2008, this massive threat took advantage of the MS08-067 vulnerability. It spawned several other variants, each new variant an improvement over the last. It impacted LAN traffic in several corporate networks.
2. KOOBFACE: The Scourge on Social Networks – Initially found in August 2008, KOOBFACE leveraged the connectivity serviced by social networking sites like Facebook and MySpace.
3. ZBOT: Organized Information Theft – Also known as variants of Zeus malware, ZBOT Trojan spyware are usually delivered via the Web either by email or Web exploits.
4. SQL Slammer: Single-Handed Internet Sabotage – This attack is notorious for drastically slowing down general Internet traffic in the early morning of January 25, 2003 (UTC).
5. VBS_LOVELETTER: Internet Love Bug – This attack, with remarkably simple yet effective social engineering (the string “ILOVEYOU” in the subject heading) that triggered the curiosity of recipients, first plagued email inboxes on May 4, 2000. It infected 10% of computers worldwide, with each harboring an average of 600 infected files.
6. Melissa Virus – The first mass-mailer (started in March 1999); shut down entire Internet mail systems clogged with infected emails.
7. MSBLAST – One of the more memorable network worms to take advantage of system vulnerabilities. It was first triggered around this time in the year 2003.
8. SDBOT/AGOBOT – Pioneered modular IRC-based botnets; current IRC bots still use the same codebase; still alive today
9. Web Toolkits – Collective term for commercial-grade software that aids cybercriminal activity; allegedly responsible for high-profile web compromises like the “Italian Job”
10. ILOMO – Trojans arriving via Web-based exploits that stay active in memory even after the binary has been deleted from the system, resulting in multiple, recurring reinfections (first appeared March 2009)