Good day, friends! As you know, security and protection of your electronic friend are pressing issues for a huge number of users. Cunning worms and insidious Trojans are constantly roaming the Internet, trying to sneak through loopholes on your PC and wreak havoc on your hard drive. Today I invite us all to remember the most famous computer viruses of our time.
Eight new-age malware
First, let's make a short list of all these malicious utilities, and then I will talk about each in more detail, including the newest and most tricky ones. So here are these scoundrels:
- ILOVEYOU – 2000;
- Nimda - 2001;
- SQL Slammer/Sapphire – 2003;
- Sasser - 2004;
- Storm Trojan - 2007;
- Conficker - 2008;
- Wannacry – 2017;
- Petya – 2017.
I LOVE YOU
This virus is considered the pioneer of large-scale computer infections around the world. It began spreading on the night of May 5 in the form of emails with a malicious script attached.
When he opened this letter, he immediately began sending himself using the Microsoft Outlook contact sheet (at that time this program was considered the height of perfection for sending emails). Over the next few days, it infected about 3 million PCs around the world and overwrote files on them. The damage from its destructive activities amounted to approximately 1015 billion dollars. For this, the ILOVEYOU virus even entered the Guinness Book of Records, receiving the “honorary” title of the most destructive virus.
Nimda
This malware spread in a matter of minutes. Its scripts were written in such a way that it affected not only the computers of ordinary users, but even server parts under Windows control NT and 2000, which at that time had enough powerful protection. He penetrated HDD via email distribution. The targets of infection were Internet portals that did not have the necessary protection system.
This worm was attributed to the authorship of Al-Qaeda (a terrorist organization banned in the Russian Federation). However, no evidence was received. According to rough estimates, the damage from the virus amounted to more than $50 million, and then networks of banks, hotels, federal courts, and so on collapsed.
SQL Slammer/Sapphire
A notable feature of this worm is its small size. It weighed only 376 bytes, but these bytes infected about 75 thousand computers in the world in 10 minutes. As a result of his attack, networks were shut down emergency services, many hosts crashed, and Internet access disappeared at a nuclear power plant in Ohio, USA.
Sasser
The epidemic of this worm began at the end of April 2004. Within a few days, the worm managed to infect about 250,000 computers around the world. After infecting one device, the worm gained access to the Internet and looked for computers with a vulnerability through which it could get there. The virus did not cause any particular harm or mischief - it just sent the computer into an endless cycle of reboots.
Interestingly, its author was not a bearded hacker with a powerful desktop, but an ordinary 17-year-old teenager from Germany with a home PC. He was identified quickly enough, after which he was sentenced to probation. It is difficult to explain why, because his creation sabotaged the work of airlines, hospitals, post offices, the British coast guard and many other social institutions and caused damage of 18 billion dollars.
Storm Trojan
8% of infected computers out of the total number around the world - this is the result of the march of the Storm Trojan virus across the planet. The principle of its operation is very common - it involved infecting a PC and connecting to the so-called botnet. In it, a huge number of computers were connected into one network, without the knowledge of the owners, which served the only purpose - massive attacks on powerful servers. It was quite difficult to neutralize him, since he independently changed his code every 10 minutes.
Conficker
The Conficker worm exploited vulnerabilities operating systems and disabled many services, including security. It is considered the “progenitor” of malicious programs that are distributed via USB drives. In them, he created the autorun.inf file, which I'm sure many of us have seen.
By the way, you can still find a type of virus that hides files on storage media and replaces them with its own shortcuts. I have already described how to restore visibility to such files in the article.
Its purpose is the same as the previous one - uniting infected PCs into a common botnet. In this way, he was able to “subjugate” a huge number of machines and bring down the networks of not only ordinary companies, but also the defense ministries of Germany, France and the UK. According to the most conservative estimates, it caused damage in the amount of $9 billion.
Wannacry
Today, only those who don’t surf the Internet or watch TV have never heard of Wannacry. It belongs to the family of viruses Trojan Winlock. This cutting-edge, cunning and incredibly clever network worm, also known as ransomware, works as follows: it encrypts the vast majority of files stored on the hard drive, after which it locks the computer and displays a ransom window. It was proposed to transfer the money in the form of bitcoins, a modern cryptocurrency. The worm was able to infect about 500,000 people in 150 countries, with India, Ukraine and Russia being the most affected.
It is known that the hackers were able to obtain $42,000 from their victims. The attack was stopped by accident. It was discovered that before starting to encrypt files, the malware accesses a non-existent domain, and if it does not exist, the process begins. It was a small matter - the domain was registered, and the procession of Wannacry stopped. So the world was saved from the computer apocalypse. On this moment the damage is estimated at $1 billion. The virus has disrupted the work of many banks, transport companies, and dispatch services. If not for the miraculous rescue, millions of people could have gone bankrupt or died in train and plane accidents. According to experts, this was a significant case. Now it has become clear to everyone how dangerous modern unusually complex and carefully designed fraudulent schemes are.
They began to fight information crime very seriously, including in our country. However, just a month later in June 2017, the Petya virus appeared.
Petya
The Petya ransomware virus is a trend in June 2017. It is very similar to Wannacry, but there is a significant difference - it does not encrypt separate files, but blocks all hard entire disk. Its creators relied on fans of unlicensed software, because not every user follows official Microsoft updates, namely in one of them a patch was released that closed the hole through which Petya now gets to the PC.
It is distributed through attachments to emails. If the user runs this file, the computer will reboot and a simulated disk check for errors will appear on the screen. After this, a red skull will appear in front of your eyes across the entire monitor. To decrypt the hard drive you need to transfer a certain amount in bitcoins.
Experts believe that the more technology develops, the more people will want to use it to deceive their neighbors. This is the harsh reality of the 21st century.
According to statistics, in 2016, about 650,000,000 rubles were stolen from Russians’ bank cards. This is 15% less than in 2015. Sociologists believe that the residents of our country have seen through the majority. However, new, previously unknown ways to lure money out of your wallet appear almost every day.
This is the list of the most famous and dangerous viruses that infect people’s electronic assistants in the 21st century. If you were interested in reading about them, share the article on in social networks so that your friends also know about this danger. Also don't forget to subscribe to blog updates!
PS: Amazing facts
Dear reader! You have watched the article to the end.
Have you received an answer to your question? Write a few words in the comments.
If you haven't found the answer, indicate what you were looking for.
VILNIUS, May 13 - Sputnik, Georgy Voronov. A ransomware virus has infected computers around the world.
It all started in Spain, but the uproar arose after a cyber attack on British medical institutions, because the computers of hospitals and clinics were hacked there, and there was a danger to people's lives.
This virus, one of the so-called crypto-viruses or encryptors, encrypts any files, and reverse decryption is possible for a fee. The ransomware in question is WCry, also known as WannaCry ( Wanna Decryptor) or WannaCrypt0r 2.0. He encrypts the information on the computer and demands a ransom of $300 to $600 in Bitcoin for decryption.
According to the influential group of cybersecurity experts MalwareHunterTeam, servers in Russia and Taiwan suffered the most as a result of the virus attack. They were also hit hard computer systems Great Britain, Spain, Italy, Germany, Portugal, Turkey, Ukraine, Kazakhstan, Indonesia, Vietnam, Japan and the Philippines.
Capture history
“The new virus is spreading at a hellish rate,” MalwareHunterTeam researchers report.
Avast antivirus recorded 57 thousand hacker attacks using the WannaCry virus on Friday, the company’s blog reports. This virus was noticed by company specialists back in February, but on Friday it began to spread massively new version hacker program.
In turn, Kaspersky Lab on Friday recorded 45 thousand hacker attacks in 74 countries around the world using WannaCry virus, with the largest number of infection attempts occurring in Russia. The computers of the largest companies and federal ministries, including Sberbank, Megafon, the Ministry of Internal Affairs and the Ministry of Emergency Situations, were attacked.
Who is guilty?
The US has offered international assistance to combat virus attacks. The American Department of Homeland Security (DHS) has announced its readiness to provide technical support and assistance in the fight against the WannaCry ransomware. The statement notes that a patch was released in March to address the vulnerability to the virus. Installing the patch helps protect the operating system from this threat, the ministry said.
“We are actively sharing information related to this event and stand ready to provide technical support and assistance as needed to our partners both in the United States and internationally,” the statement said.
Meanwhile, former American intelligence officer Edward Snowden wrote on his Twitter that during the global hacker attack could be used on Friday computer virus, originally developed by the US National Security Agency (NSA).
"The NSA's decision to create tools to attack American software now threatens the lives of patients in hospitals," Snowden said. "Despite warnings, the NSA developed such tools. Today we see the cost."
Protect yourself
Experts note that those computers that are not updated are vulnerable. In fact, if you keep your Windows up to date, there won't be any problems. In cases of infection, a very large percentage is the human factor.
Such crypto-viruses are mainly distributed in the form of electronic messages. They can be received from acquaintances whose computers have been hacked, or from strangers. The letters contain an attachment.
There are two ways of infection. In one case, it is an Excel file, basically a zip file, people open the attachment in e-mail and a process is immediately launched that encrypts the files. The second option is macros. In a programme " Microsoft Office"There are so-called macros that work in the same "Word" or "Exel". These are, so to speak, additional programs. Now, if you launch a "Word" file, you are asked: are there macros in the file, activate? You click " Ok" and the macros start loading viruses."
If you do not open attachments received from strangers, as well as unusual files received from friends, then infection with a crypto virus is unlikely to occur.
The disruptions in the work of the traffic police departments have been eliminated. This was stated by the press service of the Ministry of Internal Affairs. Earlier it became known that in a number of Russian regions, in particular, a problem arose with the issuance of driver’s licenses. The computers of ministry employees were infected with a virus that quickly spread throughout the world.
In Russia, in addition to the Ministry of Internal Affairs, the malicious program penetrated the networks of the Ministry of Emergency Situations, Russian Railways, Sberbank, and Megafon. In general, by this minute, companies and departments report that the problem has been localized or resolved. And Microsoft took extraordinary measures: it released an emergency update that eliminates vulnerabilities not only for the latest operating systems, but also for outdated Windows XP. It has not been officially supported since 2014, although it is still very popular.
British doctors have called their work in the last 24 hours a return to the paper age. If possible, planned medical procedures are postponed for several days, and care is given first to emergency patients. Until now, it has not been possible to completely restore the operation of the computers that kept patient records, test results, and much more. The cause was the WCry virus - an abbreviation for English Wanna Cry(translated as “I want to cry”).
It soon became clear that such emotions were not only experienced in Britain. Then there were reports that the virus had infected the computers of the Spanish telecommunications giant Telefonica, then spread to France, Germany, Italy, and Romania. A malicious program spread across the planet like wildfire.
“We are actually watching a cyber apocalypse scenario unfold today. Alarming developments affect the entire industry. In the last 24 hours alone, 45 thousand systems in 74 countries were infected,” said the expert on computer security Varun Badhwar.
Each system is sometimes not even hundreds, but thousands of computers. On the screens of each of them, users saw a message translated into dozens of languages. It says that all information on the computer is encrypted, and you must pay for decryption and the ability to continue working. Depending on the country - 300 or 600 dollars.
Similar ransomware viruses have been known for many years, however, if previously ordinary users encountered this more often, now the main blow has fallen primarily on organizations that, without exaggeration, are of strategic importance for each country.
“It’s clear that they hit the most critical ones. And it is clear that criminals will always look for the most vulnerable points, that is, those who will really pay. And this simply speaks of cynicism,” said Adviser to the Russian President on Internet Development German Klimenko.
Russia is also among the victims. Just the day before, the first data appeared that a malicious program had penetrated the computers of the Ministry of Internal Affairs. Reports of the consequences of failures came from different regions. Thus, in Zhukovsky near Moscow, according to the testimonies of visitors, the computers in the passport office did not work the day before. Several cities at once had to temporarily suspend the issuance and replacement of driver's licenses and car license plates.
"IN currently the virus is localized. Conducted engineering works for its destruction. Leakage of proprietary information from information resources The Ministry of Internal Affairs is completely excluded,” said the official representative of the Russian Ministry of Internal Affairs, Irina Volk.
There is a rush for programmers and in the information center of the Russian railways" The virus has penetrated there too. The extent of the problem is not known, but it is known that some passengers encountered inconvenience when issuing tickets online.
“The virus is currently contained. There were no technological failures within the network. Accordingly, this virus attack did not affect the transportation of goods and passengers. There is no security threat,” said Russian Railways spokeswoman Ekaterina Gerasimova.
Large Russian companies such as Megafon and Yota also encountered problems. Obviously, there are many more victims, but most prefer not to talk about it. Most companies restore systems from so-called backup copies databases that are periodically stored on special servers.
Meanwhile, law enforcement agencies different countries trying to get on the trail of the hackers who organized the attack around the world. Although this is extremely difficult to do. After all, it is still not clear from which country the virus was launched. The British newspaper The Telegraph, however, has already rushed to blame the notorious “Russian hackers” for the incident.
However, even Western experts were skeptical about such a pursuit of sensation. After all, the most swipe The virus just hit Russia. According to independent antivirus companies, the largest number of infected computers is in our country.
It is also already known that in fact hackers did not come up with anything new. They just used a program that was stolen from the United States National Security Agency. This was reported by former employee of this American intelligence agency Edward Snowden.
From E. Snowden’s Twitter: “Wow, the NSA’s decision to create tools to attack American software is now putting the lives of hospital patients at risk.”
According to Snowden, the hackers merely modified a program that the US National Security Agency used to spy on users around the world.
Intelligence agencies have been exploiting a vulnerability in the Windows operating system for many years. And only recently in Microsoft caught on.
"Users free antivirus Microsoft and updated Windows versions protected. Back in March, we added a security update that provides additional protection against a potential attack,” said Microsoft Russia spokeswoman Kristina Davydova.
It is unknown who is now using the secret developments of the American intelligence services. And even if you pay the criminals, the financial trail will lead nowhere. After all, payment for computer resuscitation is accepted exclusively in bitcoins. This is one of the most popular so-called cryptocurrencies today. Not money, but a digital code that is simply impossible to track.
“Why do hackers always ask for bitcoins? As you remember from movies about pirates, they loved gold most of all. Why? Because it is passed from hand to hand. It is impossible to trace how this process takes place. The same thing happens with modern pirates and hackers. They always want to get bitcoins because it is an uncontrolled way of exchanging value,” says Internet technology specialist Grigory Bakunov.
In any case, specialists digital technologies Still, they advise not to pay extortionists. Firstly, there is no guarantee that they will not be deceived, and then, if you pay once, then in the future, most likely, you will have to pay more.
Antivirus companies promise to release protection before the start of the new work week. The message about the first success has already come from the same Britain. One of the programmers completely accidentally managed to stop the spread of the virus.
Svetlana Petrenko, representative of the Investigative Committee: “There were no hacker attacks on the resources of the Investigative Committee. Everything is working as normal."
TASS, citing a police source, reports that the Ministry of Internal Affairs also did not record any hacker attacks.
Source: “As of 20:00 Moscow time one system information and analytical support for the department’s activities was not hacked.”
According to a number of users, we are talking about the WCry virus (also known as WannaCry or WannaCryptor) it encrypts the user’s files, changes their extension and requires you to buy a special decryptor for bitcoins.
Avast employee (antivirus developer) Jakub Kroustek reported on Twitter that at least 36 thousand computers around the world have already been infected. Most of them are located in Russia, Ukraine and Taiwan.
It was previously reported that the ransomware virus was in hospitals across the UK. A map of the spread of the virus around the world has already appeared on the Internet.
Due to a hacker attack, the Russian operator Megafon had to shut down part of its computer network. As the operator’s director of public relations, Pyotr Lidov, said, employees’ computers began to suddenly reboot, and after the reboot, a window appeared demanding to pay $300, which did not allow them to continue working.
Peter Lidov: “The scale is quite large, affecting most of the regions of our country. But we are coping, now together with Kaspersky Lab (whose solutions Megafon uses for protection) we are resolving this issue.”
Spanish media reports that local telecommunications company Telefonica has also been attacked by ransomware. The hackers demanded payment of the equivalent of 509,487 euros by May 15. If this does not happen, the attackers threatened to delete all archives to which they gained access.
The Financial Times, citing cybersecurity analysts, writes that the attacks in the UK and Spain used a modified malware from the US National Security Agency (NSA). According to experts, the American intelligence tool known as eternal blue was combined with the WannaCry ransomware.
British Prime Minister Theresa May commented on what is happening in global cyberspace. According to her, attacks on the country's hospitals are part of a global hacker attack.
Theresa May: “We know that a number of medical institutions reported a hacker attack. This attack was not aimed specifically at the NHS (National Health System ed.). This is part of an international hacker attack that affected institutions in different countries... We have no information that patient information fell into the wrong hands.”
Internet expert Grigory Bakunov said on the radio station “Echo of Moscow” that the virus only threatens computers based on the Windows operating system. Most smartphone owners have no need to worry.
Grigory Bakunov: “This malware tries to work with government and large structures, but they also suffer ordinary people. Everyone has this hole in Windows, and it’s not difficult to exploit. And if the computer didn't receive Last update from Windows, it is vulnerable. However, this does not apply mobile systems, such as Android and iOS."
Loading...
