The Most Devastating Computer Viruses in History
From Mydoom to ILOVEYOU, computer viruses have brought companies to their knees.
You’re on your computer when an ad pops up. You think “Maybe I clicked the wrong link,” so you close it. Two more ads pop up, and before you know it, you’re trapped in a loop. For every pop-up window you close, two new ones appear, just like the heads of the mythical creature Hydra.
You probably know what we’re getting at – computer viruses. Catching a computer virus is an extremely inconvenient ordeal. You could lose important files, miss deadlines, or get your passwords or personal information stolen. Heck, viruses can even fry your computer.
For most people, though, computer viruses are just that — an inconvenience. But for the victims of the most devastating computer viruses in history, the simple mishap of downloading the wrong file or opening the wrong email attachment has cost them billions. Here’s the most devastating computer viruses that our cybersecurity experts know about and insights we can learn from each one.
The Costliest Computer Viruses
Unless you’re a crypto trader or you have a working design for a time machine, the contents of your computer probably won’t amount to millions, let alone billions, of dollars. But the costliest computer viruses didn’t just target individuals. They targeted businesses, disrupted business operations, stole corporate secrets, and leaked company data. That’s how the following viruses cost their targets billions.
Mydoom
Estimated cost of damage: $38.5 billion
“Mydoom” has such an ominous ring to it, and the virus lived up to its name. In January 2004, Mydoom spread like wildfire through emails. It’s even said that 16 to 25 percent of all emails sent in 2004 were generated by this virus. The sheer amount of spam emails was enough to overload computers and even force businesses to close for days to repair their systems.
The biggest losses came from two companies in particular: The SCO Group and Microsoft. For some reason, the first variant of Mydoom contained a payload scheduled to execute a distributed denial of service (DDoS) attack on The SCO Group’s website on February 1, 2004. The second variant targeted Microsoft’s website two days later. The effect of the attack on Microsoft was minimal, but for The SCO Group, the threat forced it to preemptively shut down its site, costing the company a large amount of its fortune.
Sobig
Estimated cost of damage: $30 billion
At $30 billion, the damage caused by Sobig was — please excuse the pun — so big. Just like Mydoom, Sobig spread through spam emails. Unlike Mydoom, it didn’t have specific targets, and its indiscriminate nature made it all the more destructive.
At the peak of its transmission, which was during the spread of the Sobig.F variant, it clogged and took down the email system at MIT — yes, the Massachusetts Institute of Technology, whose largest and most popular undergraduate program is the Electrical Engineering and Computer Science program.
And that’s the thing about Sobig: It’s not complicated and it doesn’t damage files and computers directly, but the sheer rate at which it spreads and its ability to infect a computer multiple times is enough to clog networks and disrupt processes.
Klez
Estimated cost of damage: $20 billion
Klez is another virus that spreads through email (seeing a pattern here?). Anyway, Klez was destructive because of the manner in which it executes the infection. Like we said, it spreads through emails, but unlike other viruses, one doesn’t need to download the malicious attachment to catch Klez. The virus takes advantage of Outlook and Internet Explorer vulnerabilities to make it so that simply previewing or opening the email executes the virus.
Now, keep in mind, Klez spread in 2001. Microsoft released security updates immediately to patch vulnerabilities, but very few folks updated their systems religiously then. Klez continued to spread to vulnerable computers for months, and even worse, new variants were created, the next one more destructive than the last. Klez continued to spread for the next couple of years, during which time it caused almost $20 billion in damages.
Conficker
Estimated cost of damage: $9 billion
On November 21, 2008, the Conficker worm began its terrible reign. It infected 11 million Windows computers. It spread through various ways including removable drives (think USB flash drives), network shares, self-replication, and weak passwords.
Once the virus contaminated a device it added it to a botnet or group of devices that were infected with malware. Then, those computers were remotely controlled by a hacker. Conficker then began spreading “scareware” which consisted of fake alerts that persuaded victims into downloading malware that they believed was antivirus software.
The Most Widespread Viruses
The costliest computer viruses in history were also some of the most widespread. While the viruses below didn’t cause as much damage, they rivaled Mydoom, Sobig, and Klez in terms of how quickly and vastly they proliferated.
ILOVEYOU
How widespread: Affected 10 million computers
For romantics such as ourselves, catching the love bug is a good thing. But for computer owners in 2000, it wasn’t. The Love Bug virus, otherwise known as the ILOVEYOU virus, infected over 10 percent of the world’s computers. The secret to its success? A self-replicating virus executed with a pinch of social engineering.
The ILOVEYOU virus spread through (surprise, surprise!) emails. The subject line read “ILOVEYOU” with an attached file titled “LOVE-LETTER-FOR-YOU.txt.vbs.” Anyone intrigued enough to find out who sent them the love letter quickly found out that it wasn’t from an admirer. Once a computer was infected, the virus scraped it for email contacts and started spreading itself. And that’s how a simple malicious email infected over 10 million computers worldwide.
Zeus
How widespread: Affected 88 percent of all Fortune 500 companies in 2007
Zeus seized control over computers belonging to 88 percent of all Fortune 500 companies in 2007, and that’s just the start of it. Zeus is a botnet trojan virus. It spread primarily through spam emails (of course!) and drive-by downloads, which is when it piggybacked onto compromised files and executed the infection when someone downloaded the seemingly legitimate file. At one point, it was found in over 76,000 computers worldwide.
Zeus targeted financial institutions in particular, and once a computer was infected, it became a part of a “botnet.” All infected bots gave the “bot master” — a puppeteer of sorts that can simultaneously control all computers in the botnet — backdoor access. And with thousands of computers at its disposal, the bot master could (and did) execute mass attacks. Crimes like DDoS attacks, mass hacking, data breaches, and online banking theft have been linked to the Zeus virus since 2007.
WannaCry/WannaCryptor
How widespread: Affected 200,000 systems, mostly businesses
WannaCryptor, or WannaCry for short, is one of the most devastating and ruthless viruses in recent memory. It’s actually ransomware. Once it infects a computer, it encrypts its files to lock out the owner and then demands a ransom in Bitcoin. If one fails to meet the ransom demands, they’re locked out of their files forever.
WannaCry wasn’t sneaky or clever, but somehow it picked the right targets to cause maximum damage. At one point, Renault, the French car manufacturer, had to close its European manufacturing plants to contain the spread of the virus. Hospitals, airline networks, financial institutions, and even FedEx had fallen victim as well.
Can Antivirus Software Stop These Viruses?
We know, we know, that’s a silly question. It’s like asking if Batman, the protector of Gotham, can beat the Joker. Of course, he can, and of course, antivirus software can stop even the most devastating viruses in history. Cybersecurity has come a long way since the turn of the millennium, and the viruses released then, no matter how devastating, can easily be stopped today.
But then, the same can be said about the state of cybersecurity around the time those viruses proliferated. Cybersecurity in the early 2000s was a lot better than cybersecurity in the 1980s and ’90s. Still, the viruses we just discussed managed to wreak havoc. Who’s to say that there won’t be a more devastating virus that can evade the detection of current antivirus technology?
That brings us to our next and final point: What can you do to protect yourself if and when the next big computer virus hits?
Best Computer Virus Prevention Practices
Sharing cybersecurity tips is our bread and butter, and we’re happy to share with you a few things you can do to prevent computer viruses from ever entering your computer.
- Use antivirus software. This should be obvious. Viruses and malware don’t come knocking on your front door. They hide in email attachments, file downloads, the USB drive of your friend who likes copying movies you’ve downloaded, etc. Your best bet to detect viruses before they infiltrate your computer is antivirus software. For a list of software we recommend, read our guide on the best antivirus software of 2024.
- Observe safe email practices. We’ve learned that the most destructive viruses primarily spread through emails. So what should we do? Well, first, don’t open emails or download attachments from strangers. They could be malware masquerading as something else. Having some sort of secure email gateway can also help you filter out malicious emails. And, of course, familiarizing yourself with phishing attacks and tactics is very important in preventing social engineering from being used against you.
- Avoid shady software downloads. That free NBA 2K installer you found in a forum sure seems enticing, but third-party sites offering pirated software are like petri dishes of computer viruses. It’s a best practice not to download anything at all from those sites.
- Keep your system and programs up to date. If we can learn anything from the most devastating computer viruses in history, it’s that software and firmware updates are important. Most viruses take advantage of security vulnerabilities, but software creators like Microsoft and Apple are often quick to patch those up. If your system is up to date, you’re less likely to fall prey to malware.
- Keep your firewalls up. Although viruses can enter your computer through USB or external drives, they’re more likely to enter through your network via downloads, the sites you visit, or email attachments. Use your computer’s built-in firewall to filter out malicious traffic, or even better, use antivirus software that offers a firewall itself.
Final Thoughts
Time has proven that computer viruses can be incredibly destructive. Not only are individuals affected, but these worms have impacted entire organizations on a global scale. They spread through deceptive pop-ups, email links, or attachments and lead to data breaches, personal information theft, online banking theft, and hardware damage.
We learned that viruses like Mydoom, Sobig, and Klez have collectively caused billions of dollars in damages. To ensure you remain protected against viruses, it’s imperative to implement good digital security hygiene. That means going beyond antivirus tools and practicing a range of cybersecurity practices.
After all, cybersecurity doesn’t just end in using specific software. Sure, VPNs, antivirus software, and firewalls play a role, but you should see digital safety as a way of life. Everything we do online affects our digital safety, and observing best practices is our best bet to stay ahead of cyberthreats.
