List of computer worms
| Name | Alias(es) | Type | Subtype | Isolation date | Isolation | Origin | Author | Notes |
|---|---|---|---|---|---|---|---|---|
| Badtrans | Mass mailer | November 24, 2001 | Installed a keylogger; distributed logged information | |||||
| Bagle | Beagle, Mitglieder, Lodeight | January 18, 2004 | Mass mailer | |||||
| Blaster | Lovesan | August 11, 2003 | Gruel.exe Makes all exe's unusable so the computer probably can't reboot | Hopkins, Minnesota | Jeffrey Lee Parson | Targeted toward Bill Gates; contained message "billy gates why do you make this possible ? Stop making money and fix your software!!" | ||
| Brontok | W32/Rontokbro.gen@MM, W32.Rontokbro@mm, BackDoor.Generic.1138, W32/Korbo-B, Worm/Brontok.a, Win32.Brontok.A@mm, Worm.Mytob.GH, W32/Brontok.C.worm, and Win32/Brontok.E, W32.Rontokbro.D@mm. | October 3, 2005 | Indonesia | Spread through an Indonesian e-mail headed with "stop the collapse in this country"; destroys firewalls | ||||
| BuluBebek | W32/VBWorm.QXE | October 10, 2008 | ||||||
| Code Red | DoS payload, Defacement payload | July, 2001 | Exploited Microsoft Internet Information Services to deface web pages and DOS a few set IPs. | |||||
| Daprosy Worm | Worm.Win32.VB.arz, W32.Autorun.worm.h, W32/Autorun-AMS, Worm:Win32/Autorun.UD | Trojan worm | Mass mailer | July 15, 2009 | Replaces folders with .EXE's, key logger, slow mass mailer | |||
| Code Red II | August 4, 2001 | Exploited Microsoft Internet Information Server security holes. | ||||||
| Dabber | W32/Dabber-C, W32/Dabber.A | May 14, 2004 | ||||||
| Doomjuice | Feb 11, 2004 | Attack computers that had previously been infected by the Mydoom worm. | ||||||
| ExploreZip | I-Worm.ZippedFiles | June 6, 1999 | Spread through zipped documents in a spam e-mail. | |||||
| Father Christmas | HI.COM | December 1988 | ||||||
| Hybris | Snow White, Full Moon, Vecna.22528 | December 11, 2000 | Brazil | Vecna | Spread through an e-mail from "[email protected]" | |||
| ILOVEYOU | Loveletter, LoveBug | Worm | May 4, 2000 | Manila, Philippines | ||||
| Kak worm | October 22, 1999 | On the first day of any month, if the time was after 5pm, Kak displayed a popup message box that read: "Driver Memory Error - Kagou-Anti-Kro$oft says not today !" Dismissing it would reboot the computer and then display the message again. | ||||||
| Klez | October 2001 | |||||||
| Koobface | December 2008 | Targeted MySpace and Facebook users with a heading of "Happy Holidays" | ||||||
| Morris | November 2, 1988 | Robert Tappan Morris | Widely considered to be the first computer worm. Although created for academic purposes, the negligence of the author unintentionally caused the worm to act as a denial of service attack. It spread by exploiting known vulnerabilities in UNIX-based systems, cracked weak passwords, and periodically altered its process ID to avoid detection by system operators. | |||||
| Mydoom | W32.MyDoom@mm, Novarg, Mimail.R, Shimgapi | January 26, 2004 | Fastest-spreading e-mail worm known; used to attack SCO Group. | |||||
| Mylife | W32.MyLife.C@mm | April 2, 2002 | ||||||
| Navidad | ||||||||
| Netsky | February 18, 2004 | Germany | Sven Jaschan | |||||
| Nimda | September 2001 | Originally suspected to be connected to Al Qaeda because of release date; uses multiple infection vectors | ||||||
| Sadmind | May 8, 2001 | |||||||
| Sasser | Big One | April 30, 2004 | Sven Jaschan | Network worm. At startup, it kills the process lsass.exe, a windows process which handles file permissions. Killing lsass causes the computer to reboot one minute later, which would cause sasser to run again. This would continue in an infinite loop until the computer is shut down manually. | ||||
| Sircam | Spread through e-mail with text like "I send you this file in order to have your advice." | |||||||
| Sober | CME-681, WORM_SOBER.AG | October 24, 2003 | Germany, possibly from National Democratic Party of Germany | Was disguised as e-mail from United States government. | ||||
| Sobig | August 2003 | |||||||
| SQL Slammer | DDOS.SQLP1434.A, the Sapphire Worm, SQL_HEL, W32/SQLSlammer | Caused global Internet slowdown | ||||||
| Stuxnet | Win32/Stuxnet | June 2010 | First malware to attack SCADA systems. | |||||
| Swen | September 18, 2003 | |||||||
| Toxbot | 2005 | The Netherlands | Opened up a backdoor to allow command and control over the IRC network | |||||
| Upering | Annoyer.B, Sany | July 22, 2003 | ||||||
| Voyager | Voyager | Worm | October 31, 2005 | Targets Operating System running Oracle Databases | ||||
| W32.Alcra.F | Win32/Alcan.I | Worm | February 17, 2006 | Propagated through file-share networks.[1] | ||||
| W32/Bolgimo.worm | ||||||||
| W32/IRCbot.worm | W32/Checkout, W32.Mubla, W32/IRCBot-WB, and Backdoor.Win32.IRCBot.aaq | Trojan Worm | Backdoor | June 1, 2007 | It provides a backdoor server and allows a remote intruder to gain access and control over the computer via an IRC channel. | |||
| WANK | OILZ | October 1989 | Spread a pacifist, anti-nuclear political message | |||||
| Welchia | Nachia | A helpful worm meant to install security patches and removes Blaster worm if the computer is infected by it. | ||||||
| Witty | March 19, 2004 | Appeared very rapidly after announcement of Internet Security Systems vulnerability | ||||||
| Zotob | Farid Essebar and Atilla Ekici |
See also
 |
Wikimedia Commons has media related to Computer worms. |
- Timeline of notable computer viruses and worms
- Comparison of computer viruses
- List of trojan horses
References
- "W32.Alcra.F". Symantec. Retrieved 20 October 2016.
This article is issued from Wikipedia. The text is licensed under Creative Commons - Attribution - Sharealike. Additional terms may apply for the media files.