In today’s hyper-connected digital landscape, the threat of computer viruses looms larger than ever. They invade silently, multiply rapidly, and can ravage our data systems, inflicting irreversible damage before we even realize their presence. They are the unseen predators lurking in the digital wilderness, waiting for the perfect moment to pounce on unsuspecting victims. With this harsh reality in mind, gaining a firm understanding of these potentially devastating cyber threats is crucial.
Welcome to our comprehensive guide on computer viruses. Herein, we aim to unveil the elusive nature of 150 such digital predators. We’ve catalogued an extensive variety of threats, ranging from early prototypes that emerged from the technological stone age to the more sophisticated specimens that exist today. This includes a vast array of worms, trojans, ransomware, and other forms of insidious codes, each meticulously dissected to reveal their unique modus operandi.
In providing this compendium, our goal is to foster a profound awareness of these digital threats among readers, thus empowering them to better secure their cyber domains. This guide is not only for IT professionals or cybersecurity enthusiasts but also for everyday users who wish to understand the gravity of the threats they face each time they navigate the cyberspace.
Prepare to delve into the minds of cybercriminals, unravel the intricacies of their creations, and arm yourself with the knowledge you need to fortify your digital fortresses against the ever-evolving threats of the online world.
Join us on this enlightening journey through the dark corridors of the digital world as we unmask the faces of these hidden predators.
Knowledge is power, and in the digital era, it is your best defense.
List of computer viruses
| No. | Name | Description |
|---|---|---|
| 1 | ILOVEYOU | A notorious email worm from 2000, which spread by sending copies of itself using Outlook contacts, disguised as a love confession. |
| 2 | Code Red | A worm observed in 2001, exploiting a vulnerability in Microsoft’s IIS web server, causing a denial of service. |
| 3 | Slammer | Rapidly spreading worm from 2003, which caused a significant slowdown on parts of the internet by consuming bandwidth. |
| 4 | Mydoom | A worm from 2004, spread via email and file-sharing platforms, causing a backdoor vulnerability in infected systems. |
| 5 | Sasser | A worm from 2004, exploiting a vulnerability in Windows OS, causing affected machines to reboot. |
| 6 | Conficker | A worm from 2008, known for forming a botnet and its resilience against removal. |
| 7 | Zeus | A trojan from 2007, primarily used for stealing banking information via keystroke logging and form grabbing. |
| 8 | Stuxnet | A highly sophisticated worm from 2010, specifically targeting Iran’s nuclear program. |
| 9 | CryptoLocker | A notorious ransomware from 2013, encrypting user files and demanding a ransom in Bitcoin for their decryption. |
| 10 | Heartbleed | Not a virus but a critical bug in OpenSSL from 2014, potentially allowing attackers to eavesdrop on encrypted traffic. |
| 11 | GoZeus | A peer-to-peer variant of Zeus, causing significant financial loss by stealing banking information. |
| 12 | Petya | A ransomware from 2016, which not only encrypts files but also overwrites the master boot record. |
| 13 | WannaCry | A widespread ransomware from 2017, leveraging an NSA exploit known as EternalBlue. |
| 14 | NotPetya | A destructive malware from 2017, masquerading as ransomware, its main objective was to cause damage rather than financial gain. |
| 15 | Bad Rabbit | A ransomware from 2017, known for spreading via drive-by downloads, disguised as an Adobe Flash installer. |
| 16 | IcedID | A trojan from 2017, primarily used for stealing banking information and initiating fraudulent transactions. |
| 17 | Mirai | A botnet from 2016, known for large-scale DDoS attacks, particularly targeting IoT devices. |
| 18 | Emotet | A trojan from 2014, evolved into a major malware distributor, often serves as the initial infection in a multi-stage attack. |
| 19 | TrickBot | A trojan from 2016, originally a banking malware, it has evolved to perform a variety of malicious activities. |
| 20 | Ryuk | A ransomware from 2018, known for targeted attacks against enterprises, often preceded by Emotet or TrickBot infection. |
| 21 | GandCrab | A ransomware from 2018, known for its affiliate program, making it one of the most widespread ransomware families. |
| 22 | Sodinokibi/REvil | A ransomware from 2019, successor to GandCrab, known for large ransom demands and double extortion tactics. |
| 23 | Maze | A ransomware from 2019, pioneering the double extortion tactic, threatening to publish stolen data if the ransom is not paid. |
| 24 | Dridex | A trojan from 2011, primarily used for stealing banking information, it has evolved into a versatile threat delivering different malwares. |
| 25 | Conti | A ransomware from 2020, known for fast encryption speed, double extortion tactics, and targeting healthcare organizations. |
| 26 | Qbot | A trojan from 2008, stealing banking data and delivering various malwares, it’s known for its sophisticated evasion techniques. |
| 27 | Egregor | A ransomware from 2020, known for attacking large corporations, uses double extortion tactics. |
| 28 | Sunburst/Solorigate | A sophisticated supply chain attack from 2020, compromising the Orion platform from SolarWinds. |
| 29 | DarkSide | A ransomware from 2020, known for targeted attacks and its “Robin Hood” image, claiming to donate part of their income to charity. |
| 30 | ZLoader | A trojan from 2016, stealing credentials and other sensitive data, often distributed through phishing campaigns. |
| 31 | Avaddon | A ransomware from 2020, utilizing double extortion tactics and often distributed via malicious email attachments. |
| 32 | BazarLoader | A trojan from 2020, providing backdoor access to infected machines, known for its use in ransomware attacks. |
| 33 | Hades | A ransomware from 2020, the actor behind the malware is suspected of stealing data before encrypting files. |
| 34 | Nefilim | A ransomware from 2020, utilizing double extortion tactics, it often targets corporations with poor cybersecurity. |
| 35 | WastedLocker | A ransomware from 2020, known for targeting large corporations, it avoids infecting machines in the Commonwealth of Independent States. |
| 36 | RagnarLocker | A ransomware from 2020, known for attacking large corporations, it uses virtual machines to evade detection. |
| 37 | NetWalker | A ransomware from 2019, operated as a ransomware-as-a-service, it’s known for targeting educational institutions. |
| 38 | DopplePaymer | A ransomware from 2019, known for targeted attacks, double extortion, and disabling backup applications. |
| 39 | Thanos | A ransomware from 2020, known for its RIPlace evasion technique, which bypasses anti-ransomware methods based on file system monitoring. |
| 40 | Snake/EKANS | A ransomware from 2019, notable for specifically targeting industrial control systems. |
| 41 | APT29/Cozy Bear | A state-sponsored threat actor from Russia, known for sophisticated cyber espionage attacks. |
| 42 | APT28/Fancy Bear | A state-sponsored threat actor from Russia, implicated in several high-profile incidents, including the DNC hack in 2016. |
| 43 | APT34/OilRig | A state-sponsored threat actor from Iran, known for cyber espionage activities targeting regional and international entities. |
| 44 | APT33/Elfin | A state-sponsored threat actor from Iran, known for targeting organizations in the aviation industry and energy sector. |
| 45 | Lazarus Group | A state-sponsored threat actor from North Korea, known for cyber espionage and cybercrime activities, including the Sony Pictures hack in 2014. |
| 46 | APT10/Cloud Hopper | A state-sponsored threat actor from China, known for large-scale cyber espionage campaigns targeting managed IT service providers. |
| 47 | APT41/Barium | A state-sponsored threat actor from China, known for a mix of cyber espionage and cybercrime activities. |
| 48 | Turla | A state-sponsored threat actor from Russia, known for sophisticated cyber espionage attacks, often using watering hole techniques. |
| 49 | DarkHotel | A threat actor presumably from East Asia, known for cyber espionage campaigns targeting business hotel visitors. |
| 50 | Equation Group | A state-sponsored threat actor presumably from the U.S., known for its sophisticated cyber espionage tools and tactics. |
| 51 | Blaster | A worm from 2003, spreading via a vulnerability in Windows OS and causing system instability. |
| 52 | Klez | A worm from 2001, spreading via email and known for its ability to disable antivirus software. |
| 53 | Nimda | A worm from 2001, spreading rapidly via multiple methods including email, open network shares, and web vulnerabilities. |
| 54 | Sality | A family of file infectors first discovered in 2003, capable of spreading over network shares and removable drives. |
| 55 | Simile | A complex virus from 2002, using entry-point obscuring and metamorphism to evade detection. |
| 56 | Storm Worm | A trojan horse that appeared in 2007, using social engineering methods and creating a botnet. |
| 57 | Bagle | A mass-mailing worm from 2004, opening a backdoor on a TCP port and lowering security settings. |
| 58 | Yaha | A worm from 2002, spreading through email and network shares, and capable of launching a denial-of-service attack. |
| 59 | BlackEnergy | A trojan from 2007, known for DDoS attacks, and later used for cyber espionage and destructive attacks. |
| 60 | Tiny Banker Trojan | A trojan from 2014, known for its small size and for targeting banking information. |
| 61 | Locky | A ransomware from 2016, spreading via malicious email attachments and encrypting user files. |
| 62 | Virut | A file infector from 2006, known for its polymorphic capabilities, botnet creation, and for infecting executable files. |
| 63 | Parite | A file infector from 2001, known for infecting executable files and spreading through shared files. |
| 64 | Ramnit | A worm from 2010, known for infecting Windows executable files and HTML files, and stealing sensitive data. |
| 65 | Rbot | A worm from 2003, known for exploiting multiple vulnerabilities, performing DDoS attacks, and providing attackers with backdoor access. |
| 66 | PoisonIvy | A trojan from 2005, providing attackers with complete control over the infected machine. |
| 67 | Cutwail | A botnet discovered in 2007, primarily known for sending spam emails. |
| 68 | GameOver Zeus | A peer-to-peer variant of the Zeus trojan from 2011, known for banking information theft and for distributing Cryptolocker ransomware. |
| 69 | Pushdo | A botnet discovered in 2007, known for distributing secondary payloads and sending large amounts of spam email. |
| 70 | Lethic | A botnet discovered in 2009, primarily used for sending spam emails. |
| 71 | Vundo | A trojan from 2004, known for displaying pop-up advertising for rogue anti-spyware programs. |
| 72 | Alureon/DNS Changer | A trojan from 2007, known for modifying a user’s DNS settings to redirect web traffic and commit fraud. |
| 73 | ZeroAccess | A trojan from 2011, known for creating a botnet, click fraud, and Bitcoin mining. |
| 74 | Cridex/Dridex | A trojan from 2011, known for stealing banking credentials and personal information. |
| 75 | SpyEye | A trojan from 2009, known for stealing banking information, integrating with web browsers, and competing with the Zeus trojan. |
| 76 | Carberp | A trojan from 2009, known for stealing banking information, and its source code was leaked, leading to various offshoots. |
| 77 | Shylock | A trojan from 2011, known for stealing banking information, spreading through various methods, and for its modular design. |
| 78 | Bebloh | A trojan from 2009, known for stealing banking information and performing man-in-the-middle attacks. |
| 79 | URLZone | A trojan from 2009, known for stealing banking information and manipulating online banking transactions. |
| 80 | Clampi | A trojan from 2007, known for stealing information and performing man-in-the-browser attacks. |
| 81 | Torpig/Sinowal | A trojan from 2005, known for stealing personal and banking information, and for its sophisticated techniques to avoid detection. |
| 82 | Palevo | A worm from 2009, known for spreading through various methods, creating a botnet, and distributing other malware. |
| 83 | Leurenet | A botnet from 2011, known for distributing various types of malware. |
| 84 | Grum | A botnet from 2008, known for being one of the world’s largest senders of spam email. |
| 85 | Bredolab | A botnet from 2009, known for distributing various types of malware. |
| 86 | Rustock | A botnet from 2006, known for being one of the world’s largest senders of spam email. |
| 87 | Srizbi | A botnet from 2007, known for being one of the world’s largest senders of spam email. |
| 88 | Mariposa | A botnet from 2008, known for stealing information and distributing other malware. |
| 89 | Kelihos | A botnet from 2010, known for sending spam emails, stealing Bitcoin wallets, and distributing other malware. |
| 90 | Metulji | A botnet from 2010, known for using polymorphic code and for distributing other malware. |
| 91 | Operation Aurora | A series of cyber attacks from 2009, targeting several corporations, and known for exploiting an Internet Explorer vulnerability. |
| 92 | Night Dragon | A series of cyber attacks from 2011, targeting energy companies, and known for exploiting Windows vulnerabilities. |
| 93 | Operation Shady RAT | A series of cyber attacks from 2006 to 2011, targeting various organizations and known for its long duration. |
| 94 | GhostNet | A large-scale cyber spying operation discovered in 2009, known for infiltrating many sensitive networks and stealing information. |
| 95 | Waledac | A botnet from 2008, known for sending spam emails and for its peer-to-peer communication mechanism. |
| 96 | Mega-D/Ozdok | A botnet from 2007, known for sending spam emails. |
| 97 | Jeefo | A file infector from 2002, known for its ability to remain resident in memory and infect executable files. |
| 98 | Conficker.C | A variant of the Conficker worm from 2009. |
| 99 | Spybot | A worm from 2003, known for spreading via various methods and providing attackers with backdoor access. |
| 100 | ILOVEYOU | A worm from 2000, known for spreading via an email message with the subject of “ILOVEYOU”. |
| 101 | Netsky | A worm from 2004, known for spreading through email and Windows network shares. |
| 102 | Slammer | A worm from 2003, known for causing significant network traffic and system instability. |
| 103 | Goner | A worm from 2001, spreading via email and instant messaging, and it can disable security software. |
| 104 | Nimda | A worm from 2001, spreading rapidly via multiple methods, known for its hybrid infecting method. |
| 105 | Stuxnet | A worm from 2010, specifically designed to attack SCADA systems, particularly those associated with Iran’s nuclear program. |
| 106 | Mydoom | A worm from 2004, known for launching DDoS attacks and for its rapid infection rate. |
| 107 | CryptoLocker | A ransomware from 2013, known for encrypting user files and demanding a ransom to decrypt them. |
| 108 | Flame | A modular computer malware from 2012, known for its complex toolkit for various cyber espionage activities. |
| 109 | Red October | A cyber espionage operation from 2012, known for targeting diplomatic, governmental and scientific research organizations. |
| 110 | Shellshock/Bashdoor | A vulnerability from 2014, enabling attackers to execute arbitrary commands on an affected system. |
| 111 | CryptoWall | A ransomware from 2014, encrypting user files and demanding a ransom to decrypt them. |
| 112 | FREAK | A vulnerability from 2015, forcing a victim to use weaker encryption that could be decrypted. |
| 113 | Mischa | A ransomware from 2016, known for being bundled with the Petya ransomware. |
| 114 | Shifu | A trojan from 2015, known for stealing banking information and utilizing multiple advanced evasion techniques. |
| 115 | Vawtrak | A trojan from 2014, stealing banking information and known for its frequent updates and complex C&C infrastructure. |
| 116 | Heartbleed | A vulnerability from 2014 in OpenSSL, potentially exposing private keys and sensitive information. |
| 117 | Poodle | A vulnerability from 2014, enabling an attacker to downgrade the SSL/TLS protocol to a vulnerable version. |
| 118 | TorrentLocker | A ransomware from 2014, known for encrypting user files and targeting specific geographical areas. |
| 119 | Duqu | A collection of malware discovered in 2011, known for its relation to Stuxnet and for its advanced cyber espionage capabilities. |
| 120 | Dyre/Dyreza | A trojan from 2014, known for stealing banking information and for its ability to bypass SSL. |
| 121 | Regin | A complex spyware from 2008, known for its advanced capabilities and for targeting governmental, research and telecommunication sectors. |
| 122 | Carbanak | A trojan from 2014, known for its role in a sophisticated attack against several banks. |
| 123 | CTB-Locker | A ransomware from 2014, encrypting user files and known for its unique payment method via Tor network. |
| 124 | Destover | A wiper malware from 2014, associated with the cyber attack against Sony Pictures. |
| 125 | Zeus Gameover | A variant of Zeus trojan from 2011, known for its use of P2P communications and for stealing banking information. |
| 126 | Jigsaw | A ransomware from 2016, known for its pressure tactics like incrementally deleting files over time. |
| 127 | Qakbot | A banking trojan from 2009, known for stealing banking credentials and for its worm-like self-replicating capability. |
| 128 | Mirai | A malware from 2016, known for creating a botnet out of IoT devices and launching massive DDoS attacks. |
| 129 | FairWare | A ransomware from 2016, known for deleting files from servers and then demanding a ransom. |
| 130 | Satana | A ransomware from 2016, known for encrypting user files and MBR, making the system unbootable. |
| 131 | GhostPush | A mobile malware from 2015, known for gaining root access and installing unwanted software on the device. |
| 132 | SpyNote | A mobile trojan from 2016, providing attackers with backdoor access and full control over the infected device. |
| 133 | HummingBad | A mobile malware from 2016, known for establishing a persistent rootkit and installing fraudulent apps. |
| 134 | Pegasus | A mobile spyware from 2016, providing attackers with full control over the infected device. |
| 135 | Gooligan | A mobile malware from 2016, known for stealing Google account credentials and installing fraudulent apps. |
| 136 | Judy | A mobile malware from 2017, known for generating fraudulent ad clicks. |
| 137 | Xavier | A mobile malware from 2017, known for downloading and executing other malicious codes from a remote server. |
| 138 | CopyCat | A mobile malware from 2017, known for ad fraud and for infecting more than 14 million Android devices. |
| 139 | OSX/Dok | A macOS malware from 2017, known for performing man-in-the-middle attacks on all traffic, including HTTPS. |
| 140 | Fruitfly/Quimitchin | A macOS malware from 2017, providing attackers with full control over the infected device. |
| 141 | Eleanor | A macOS malware from 2016, known for providing attackers with backdoor access to the infected device. |
| 142 | OSX/Pirrit | A macOS adware from 2016, known for displaying intrusive advertisements and modifying system settings. |
| 143 | Proton | A macOS malware from 2017, known for stealing a variety of data and providing attackers with full control over the infected device. |
| 144 | Meltdown | A hardware vulnerability from 2018, affecting Intel processors and allowing a rogue process to read any physical, kernel or other process’s mapped memory. |
| 145 | Spectre | A hardware vulnerability from 2018, breaking the isolation between different applications and allowing an attacker to trick error-free programs into leaking their secrets. |
| 146 | VPNFilter | A malware from 2018, targeting routers and network-attached storage devices, capable of stealing information, exploiting devices, and self-destruction. |
| 147 | SamSam | A ransomware from 2015, known for targeting healthcare industries, encrypting files and demanding a ransom. |
| 148 | Ryuk | A ransomware from 2018, known for its use in targeted attacks, high ransom demands, and for being spread by TrickBot malware. |
| 149 | TrickBot | A banking trojan from 2016, known for stealing banking information, spreading within networks, and for delivering other malwares like Ryuk. |
| 150 | WannaCry | A ransomware from 2017, known for its global impact, exploiting a vulnerability in Windows SMB protocol and encrypting files. |
