#1. MyDoom ($38.5 Billion)

The most expensive virus in the world in terms of monetary damage was MyDoom, which did an estimated $38.5 billion USD in economic damage. MyDoom came in January of 2006, and as of January 2004, it was the fastest-spreading virus ever created. MyDoom is believed to have originated in Russia, but the author is still unknown.

It’s believed that MyDoom is a variant of MiMail. It was mainly transmitted by e-mail, appearing as an error message similar to what a user would get if their mail failed to send.

The user would unwittingly open the attachment in the e-mail and the worm would re-send itself to every address it could find.

The original version contained a payload that did two things: it opened a backdoor into the infected computer, allowing remote control of it, and it perpetrated a DDOS (Direct Denial Of Service) attack against SCO Group’s website.

The other version, MyDoom.B, along with the above payload, also contained malicious software that blocked access to Microsoft and antivirus websites to prevent the user from attempting to remove the virus.

To this day, MyDoom is still in an active state, re-appearing in 2005 and recently in the 2009 DDOS attacks in South Korea and the United States.

#2. SoBig ($37.1 Billion)

In August of 2003, SoBig appeared, infecting millions of computers across the world. SoBig evolved several times, making it hard to catch.

It is a worm that replicates itself, but it is also a Trojan, as it disguises itself as something other than malware. It caused an estimated $37.1 billion worth of damage across the globe.

The SoBig viruses infected a host computer via e-mail attachment, using their own SMTP agent to gather e-mail addresses and spread themselves.

It was programmed to contact several IP addresses on August 26th, 2003 and update itself. There is no clear reason why it was created, and it even deactivated after only a month of operation. Its author is still unknown.

#3. ILOVEYOU ($15 Billion)

In 2000, ILOVEYOU, also known as the “Love Bug,” exploited human nature by disguising itself as a love letter and tricking recipients into opening it. It was only a matter of hours before computer systems across the world were tied up by this virus.

It stunned experts with its fast and wide reach. Similar to the Melissa Worm in 1999, ILOVEYOU spread via e-mail with the subject line “I Love You”, and when the user opened the attached file, it sent copies of itself to the user’s entire address book.

It would look for files with extensions like .jpeg, .mp3, .css and .hta, overwriting them with copies of itself and changing the extension to .vbs or .vbe.
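
The file-replacement behaviour described above leaves a recognizable trace on disk, which a defender can look for by comparing two directory listings. The following is an added example, not code from the original article: the function name, the snapshot format (lists of relative paths) and the sample paths are assumptions, and it accepts both renaming styles (`song.mp3` becoming `song.vbs` or `song.mp3.vbs`) because the article does not say which one applies.

```python
from pathlib import PurePosixPath

# Extensions named in the article; treat the set as configurable.
TARGET_EXTS = {".jpeg", ".mp3", ".css", ".hta"}
SCRIPT_EXTS = {".vbs", ".vbe"}

# Constructed sample snapshots of the same directory tree (not real data).
BEFORE = ["home/a/photo.jpeg", "home/a/song.mp3",
          "home/a/site/style.css", "home/a/notes.txt"]
AFTER = ["home/a/photo.vbs", "home/a/song.mp3.vbs",
         "home/a/site/style.css", "home/a/notes.txt", "home/a/backup.vbs"]


def find_script_replacements(before, after):
    """Return (original, replacement) pairs where a targeted file vanished
    between two snapshots and a .vbs/.vbe file with the same base name
    appeared in the same directory."""
    before, after = set(before), set(after)
    new_scripts = {}
    for path in after - before:
        p = PurePosixPath(path)
        if p.suffix.lower() in SCRIPT_EXTS:
            # Key: directory plus name without the script suffix, lower-cased.
            new_scripts[(str(p.parent), p.stem.lower())] = path
    hits = []
    for path in sorted(before - after):
        p = PurePosixPath(path)
        if p.suffix.lower() not in TARGET_EXTS:
            continue
        # Assumed renaming styles: extension swapped, or script suffix appended.
        for key in (p.stem.lower(), p.name.lower()):
            match = new_scripts.get((str(p.parent), key))
            if match:
                hits.append((path, match))
                break
    return hits


if __name__ == "__main__":
    for original, replacement in find_script_replacements(BEFORE, AFTER):
        print(f"{original} -> {replacement}")
```

A new script with no vanished counterpart (`backup.vbs` in the sample) is not reported, which keeps ordinary script files from raising the alarm.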

This virus affected companies as well as individuals, including the Dow Jones Newswires and the Asian Wall Street Journal. Companies had to close down e-mail systems to help stop the spread. In Australia, a reported 80% of the companies were hit.

#4. Conficker ($9.1 Billion)

Conficker is, to date, the most sophisticated computer worm ever created. It is also among the most recent in viral threats, causing an estimated 9.2 billion dollars in damage.

Discovered in 2008, Conficker used a combination of advanced malware techniques to infect and spread itself. Unlike other malware and viruses, however, the Conficker worm was designed to defend itself from being either detected or removed. Using a fault in networks, it spread rapidly over the internet, using networks to gain access to large LANs, removable devices and network shares.

Infecting an estimated 9-15 million computers worldwide, it used the infected network to push and pull executable payloads and update itself. It is difficult to detect and remove, as it resets system restore points in Windows and disables a number of administrative services in Windows.

Using a predefined list of antivirus services, it matched processes in the computer's memory to that list and stopped them from running. It was responsible for installing malware like spyprotect2009 and Waledac, a spambot.

#5. Code Red ($2 Billion)

Code Red, in 2001, is said to be the most expensive virus in history. Its self-replicating code exploited vulnerabilities in Microsoft IIS servers, and it spread rapidly because it only needed a network connection to do so; no human interaction or authority was needed.

Code Red II was a more malicious version that appeared later on. Code Red II exploited a vulnerability in the indexing service shipped with the Microsoft Windows NT 4.0 and Windows 2000 operating systems. The results were website defacement and severe performance degradation.

Worse, it would strike multiple times on the same system. It affected organizations like Microsoft and Qwest and even media giant Associated Press. According to research, it caused damage upwards of $2 billion.

Microsoft did release a patch to prevent this almost a month before the outbreak. Unfortunately, most operators failed to install it, allowing Code Red and Code Red II to take hold.

