HP TECH TAKES /...

Exploring today's technology for tomorrow's possibilities
The Top 10 Worst Computer Viruses in History

The Top 10 Worst Computer Viruses in History

Tom Gerencer
|
Once a laughing matter, computer viruses are now a damaging and costly plague on our internet-connected world. More than 350,000 new pieces of malware are discovered every day, with an annual cost of over $55 billion. But one virus – the Mydoom virus in 2004 – leads the pack with $38 billion in damages.
This article ranks the most destructive computer viruses by financial impact. But bear in mind that these malicious programs are just the tip of the iceberg. With 127 million new malware apps attacking consumers and businesses each year, the viruses in this article are just the biggest fish in an endless cybercrime sea.

10 worst computer viruses in history

In the list of the 10 most famous computer viruses below, we show the costs, dates, reach, and other key facts. First a note about terms: we use the words “virus” and “worm” interchangeably because most readers search for them that way. But there’s a subtle difference that we explain after the list.

1. Mydoom – $38 billion

The worst computer virus outbreak in history, Mydoom caused estimated damage of $38 billion in 2004, but its inflation-adjusted cost is actually $52.2 billion. Also known as Novarg, this malware is technically a “worm,” spread by mass emailing. At one point, the Mydoom virus was responsible for 25% of all emails sent.
Mydoom scraped addresses from infected machines, then sent copies of itself to those addresses. It also roped those infected machines into a web of computers called a botnet that performed distributed denial of service (DDoS) attacks. These attacks were intended to shut down a target website or server.
Mydoom is still around today, generating 1% of all phishing emails. That’s no small feat considering the 3.4 billion phishing emails sent each day. By that figure, Mydoom has taken on a life of its own, infecting enough poorly-protected machines to send 1.2 billion copies of itself per year, 16 years after its creation.
Though a $250,000 reward was offered, the developer of this dangerous computer worm was never caught.
Wondering what makes the world’s most secure computers so safe? See the Tech@Work guide: Upgrade to the World's Most Secure and Manageable PC

2. Sobig – $30 billion

The 2003 Sobig computer virus is actually another worm. It is second only to the Mydoom virus in its scope. The $30 billion figure is a worldwide total, including Canada, the U.K., the U.S., mainland Europe, and Asia. Several versions of the worm were released in quick succession, named Sobig.A through Sobig.F, with Sobig.F being the most damaging.
This cybercriminal program masqueraded as legitimate computer software attached to emails. It disrupted ticketing at Air Canada and interfered with countless other businesses. Despite its widespread damage, the creator of the successful bug was never caught.

3. Klez – $19.8 billion

Klez is a close third on the list of the worst computer viruses ever created. With nearly $20 billion in estimated damages, it infected about 7.2% of all computers in 2001, or 7 million PCs. The Klez worm sent fake emails, spoofed recognized senders and, among other things, attempted to deactivate other viruses.
As with other viruses and worms, Klez was released in several variants. It infected files, copied itself, and spread throughout each victim’s network. It hung around for years, with each version more destructive than the last.
Windows has come a long way since most of the computer viruses on this list hit the web. Thankfully, built-in protection with Microsoft Defender is always on the watch.

4. ILOVEYOU – $15 billion

The year 2000’s ILOVEYOU virus worked by sending a bogus “love letter” that looked like a harmless text file. Like Mydoom, this attacker sent copies of itself to every email address in the infected machine’s contact list. Shortly after its May 4 release, it had spread to more than 10 million PCs.
The virus was created by a college student in the Philippines named Onel de Guzman. Lacking funds, he wrote the virus to steal passwords so he could log into online services he wanted to use for free. He reportedly had no idea how far his creation would spread. This virus is also known as Loveletter.
Need to up your remote work security game before there’s another entry on the list of most deadly computer viruses? See our guide: How to Work Remotely and Securely

5. WannaCry – $4 billion

The 2017 WannaCry computer virus is ransomware, a virus that takes over your computer (or cloud files) and holds them hostage. The WannaCry ransomware ripped through computers in 150 countries, causing massive productivity losses as businesses, hospitals, and government organizations that didn’t pay were forced to rebuild systems from scratch.
The malware raged like wildfire through 200,000 computers worldwide. It stopped when a 22-year-old security researcher in the U.K. found a way to turn it off. Computers with out-of-date operating systems were hit especially hard. That’s why security experts always recommend updating your systems frequently.

Ransomware strikes again

In September 2020, one of the potentially largest computer virus attacks in medical history hit Universal Health Services. The U.S. hospital chain, which has more than 400 locations, was reportedly struck by damaging ransomware. The attack forced the cancellation of surgeries and made healthcare workers switch to paper records.

6. Zeus – $3 billion

The Zeus computer virus is an online theft tool that hit the web in 2007. A whitepaper by Unisys three years later estimated that it was behind 44% of all banking malware attacks. By then, it had breached 88% of all Fortune 500 companies, 2,500 organizations total, and 76,000 computers in 196 countries.
The Zeus botnet was a group of programs that worked together to take over machines for a remote “bot master.” It originated in Eastern Europe and was used to transfer money to secret bank accounts. More than 100 members of the crime ring behind the virus, mostly in the U.S., were arrested in 2010. It’s not as prominent today, but some of the virus’ source code lives on in newer botnet viruses and worms.
Zeus caused documented damage of $100 million. But the real cost in terms of lost productivity, removal, and undocumented theft is undoubtedly much higher. A $3 billion estimate, adjusted for inflation, puts this virus at a cost of $3.7 billion in today’s dollars.

7. Code Red – $2.4 billion

First observed in 2001, the Code Red computer virus was yet another worm that penetrated 975,000 hosts. It displayed the words “Hacked by Chinese!” across infected web pages, and it ran entirely in each machine’s memory. In most cases it left no trace in hard drives or other storage.
Financial costs are pegged at $2.4 billion. The virus attacked websites of infected computers and delivered a distributed denial of service (DDoS) attack on the U.S. White House’s website, www.whitehouse.gov. In fact, the White House had to change its IP address to defend against Cod Red.
Can your printer get a virus? See our cool infographic: The State of Printer Security

8. Slammer – $1.2 billion

The SQL Slammer worm cost an estimated $750 million across 200,000 computer users in 2003. This computer virus randomly selected IP addresses, exploiting vulnerabilities and sending itself on to other machines. It used these victim machines to launch a DDoS attack on several internet hosts, significantly slowing internet traffic.
The Slammer worm hit banks in the U.S. and Canada especially hard, taking ATMs offline in many locations. Customers of Toronto’s Imperial Bank of Commerce found themselves unable to access funds. The attack reared its ugly head again in 2016, launching from IP addresses in Ukraine, China, and Mexico.

9. CryptoLocker – $665 million

Thankfully, ransomware attacks like the 2013 CryptoLocker virus have dipped since their 2017 peak. This malware attacked upwards of 250,000 machines by encrypting their files. It displayed a red ransom note informing users that “your important files encryption produced on this computer.” A payment window accompanied the note.
The virus’ creators used a worm called the Gameover Zeus botnet to make and send copies of the CryptoLocker virus. According to a report by security firm Sophos, the average ransomware attack costs a business $133,000. If we estimate that CryptoLocker hit 5,000 companies, that would put its total cost at $665 million.
Where will cybersecurity go next? See our guide: The Future of Cybersecurity

10. Sasser – $500 million

The Sasser worm was written by a 17-year-old German computer science student named Sven Jaschan. He was arrested at the age of 18 in 2004 after a $250,000 bounty was posted for the computer virus’ creator. A friend of Jaschan’s tipped authorities that the youth had penned not only the Sasser worm but also the damaging Netsky.AC attack.
Jaschan was given a suspended sentence after it was found he was a minor when he wrote the malware. The Sasser worm crashed millions of PCs, and though some reports put damages at $18 billion, the relatively low infection rate suggests a more likely cost of $500 million.

Other notable viruses

The top 10 worst computer viruses above are just the ugly tip of a gargantuan digital iceberg. With a million new malware programs popping up every 3 years, we may miss the forest for a few outstanding trees. Here are just a few more viruses that have wreaked havoc over the years:
  • Mimail: This worm tried to harvest data from infected machines to launch a string of DDoS attacks, but was relatively easy to remove.
  • Yaha: Yet another worm with several variants, thought to be the result of a cyber-war between Pakistan and India.
  • Swen: Written in C++, the Swen computer worm disguised itself to look like a 2003 OS update. Its financial cost has been pegged at $10.4 billion, but not reliably.
  • Storm Worm: This worm showed up in 2007 and attacked millions of computers with an email about approaching bad weather.
  • Tanatos/Bugbear: A 2002 keylogger virus that targeted financial institutions and spread to 150 countries.
  • Sircam: A computer worm from 2001 that used counterfeit emails with the subject line, “I send you this file in order to have your advice.”
  • Explorezip: This worm used fake emails to spread to every machine on thousands of local networks.
  • Melissa: The most dangerous computer virus in 1999, Melissa sent copies of itself that looked like NSFW pics. The U.S. FBI estimated cleanup and repair costs at $80 million.
  • Flashback: A Mac-only virus, Flashback infected over 600,000 Macs in 2012 and even infected Apple’s home base in Cupertino, Calif. In 2020, there’s now more malware on Macs than on PCs.
  • Conficker: This 2009 virus still infects many legacy systems and could do significant damage if it ever activates.
  • Stuxnet: This worm is reported to have destroyed Iranian nuclear centrifuges by sending damaging instructions.
Learn how to harden your company’s cybersecurity profile: Best Ways to Improve Corporate Cybersecurity

Virus vs worm

The difference between a virus and a worm is that a virus needs another program to make it work, like a word processor or web browser. By contrast, a worm is self-contained and can run, copy, and send copies of itself all on its own. Some of the most dangerous computer viruses are actually worms.

How to know if you have a virus

Today, it’s easy to know if you have a virus. Just open your computer’s antivirus software and view its latest report. Windows 10 has built-in virus protection called Windows Security. To find it, type “Windows Security” in your PC’s search bar. Click the shield icon on the left to see your latest scan.
Wondering what to do if you get a virus? See our guide: How To Get Rid of a Virus
For additional protection, McAfee® uses a deep threat intelligence network and machine learning to detect, protect, and correct from the cloud. See our review: McAfee Antivirus Review for 2020

Methodology

To find the worst computer viruses in the world, we relied on estimates of lost productivity, duration of infection, and approximate numbers for total machines infected. We also used estimates of cleanup and repair costs. Unfortunately, no government or world body tracks the cost of computer viruses.
Most of the computer virus cost estimates you’ll find in other articles online come from a single source. It’s a very short (2-paragraph) article by a UK security firm called mi2g in 2003. That article doesn’t show the data behind its estimates, and the figures in most cases seem inflated, especially after our independent research. We adjusted these estimates up or down by cross-checking them against data from various government bodies and security analysts.

Summary

Computer viruses cost an estimated $55 billion each year in cleanup and repair costs. The biggest computer virus ever is the Mydoom virus, which did an estimated $38 billion in damages in 2004. Other notables are the Sobig worm at $30 billion and the Klez worm at $19.8 billion. Thankfully, today’s secure PCs and operating systems make it exponentially harder for viruses and worms to get a foothold in our connected lives.
Related articles:
About the Author: Tom Gerencer is a contributing writer for HP® Tech Takes. Tom is an ASJA journalist, career expert at Zety.com, and a regular contributor to Boys' Life and Scouting magazines. His work is featured in Costco Connection, FastCompany, and many more.

Disclosure: Our site may get a share of revenue from the sale of the products featured on this page.

Disclaimer

Prices, specifications, availability and terms of offers may change without notice. Price protection, price matching or price guarantees do not apply to Intra-day, Daily Deals or limited-time promotions. Quantity limits may apply to orders, including orders for discounted and promotional items. Despite our best efforts, a small number of items may contain pricing, typography, or photography errors. Correct prices and promotions are validated at the time your order is placed. These terms apply only to products sold by HP.com; reseller offers may vary. Items sold by HP.com are not for immediate resale. Orders that do not comply with HP.com terms, conditions, and limitations may be cancelled. Contract and volume customers not eligible.

HP’s MSRP is subject to discount. HP’s MSRP price is shown as either a stand-alone price or as a strike-through price with a discounted or promotional price also listed. Discounted or promotional pricing is indicated by the presence of an additional higher MSRP strike-through price

The following applies to HP systems with Intel 6th Gen and other future-generation processors on systems shipping with Windows 7, Windows 8, Windows 8.1 or Windows 10 Pro systems downgraded to Windows 7 Professional, Windows 8 Pro, or Windows 8.1: This version of Windows running with the processor or chipsets used in this system has limited support from Microsoft. For more information about Microsoft’s support, please see Microsoft’s Support Lifecycle FAQ at https://support.microsoft.com/lifecycle

Ultrabook, Celeron, Celeron Inside, Core Inside, Intel, Intel Logo, Intel Atom, Intel Atom Inside, Intel Core, Intel Inside, Intel Inside Logo, Intel vPro, Itanium, Itanium Inside, Pentium, Pentium Inside, vPro Inside, Xeon, Xeon Phi, Xeon Inside, and Intel Optane are trademarks of Intel Corporation or its subsidiaries in the U.S. and/or other countries.

In-home warranty is available only on select customizable HP desktop PCs. Need for in-home service is determined by HP support representative. Customer may be required to run system self-test programs or correct reported faults by following advice given over phone. On-site services provided only if issue can't be corrected remotely. Service not available holidays and weekends.

HP will transfer your name and address information, IP address, products ordered and associated costs and other personal information related to processing your application to Bill Me Later®. Bill Me Later will use that data under its privacy policy.

Microsoft Windows 10: Not all features are available in all editions or versions of Windows 10. Systems may require upgraded and/or separately purchased hardware, drivers, software or BIOS update to take full advantage of Windows 10 functionality. Windows 10 is automatically updated, which is always enabled. ISP fees may apply and additional requirements may apply over time for updates. See http://www.microsoft.com.

“Best All In One Printer” and “the easiest printer you’ve ever had to set up” from Wirecutter. ©2020 The Wirecutter, Inc.. All rights reserved. Used under license. https://www.nytimes.com/wirecutter/reviews/best-all-in-one-printer/

Get Marvel’s Avengers when you purchase HP gaming PCs with qualifying 9th gen or 10th gen Intel® Core™ i5, i7 and i9 processors. Redemption code will be sent out by email within 60 days of purchase. Limited quantities and while supply lasts. Offer valid thru 12/31/2020 only while supplies last. We reserve the right to replace titles in the offer for ones of equal or greater value. Certain titles may not be available to all consumers because of age restrictions. The Offer may be changed, cancelled, or suspended at any time, for any reason, without notice, at Intel’s reasonable discretion if its fairness or integrity affected whether due to human or technical error. The Offer sponsor is Intel Corporation, 2200 Mission College Blvd., Santa Clara, CA 95054, USA. To participate you must create an Intel Digital Hub Account, purchase a qualifying product during the redemption period, enter a valid Master Key, and respond to a brief survey. Information you submit is collected, stored, processed, and used on servers in the USA. For more information on offer details, eligibility, restrictions, and our privacy policy, visit https://softwareoffer.intel.com/offer/20Q3-19/terms.

© 2020 MARVEL. © Intel Corporation. Intel, the Intel logo, and other Intel marks are trademarks of Intel Corporation or its subsidiaries in the U.S. and/or other countries. Other names and brands may be claimed as the property of others.

The personal information you provide will be used according to the HP Privacy Statement (https://www8.hp.com/us/en/privacy/ww-privacy.html)