Storm worm adalah program trojan house. Beberapa versinya dapat membuat komputer menjadi error. Strorm worm muncul di tahun 2006 karena menyebar di via email dengan judul "230 dead as storm batters Europe". Strom Worm juga dapat digunakan para hacker untuk membuat spam email melalui internet
The Storm Worm began infecting thousands of (mostly private) computers in Europe and the United States on Friday, January 19, 2007, using an e-mail message with a subject line about a recent weather disaster, "230 dead as storm batters Europe". During the weekend there were six subsequent waves of the attack. As of January 22, 2007, the Storm Worm accounted for 8% of all malware infections globally
2. Leap-A/Oompa- A
Sistem kerja virus Leap-A/Oompa A adalah menyebar melalui iChat pada Mac. Setelah Mac terserang, virus itu akan mencai kontak melalui iChat dan mengirim pesan ke tiap kontak itu dengan file corrupt yang berbentuk JPEG.
The Leap or Oompa-Loompa computer virus is an application-infecting, LAN-spreading worm for Mac OS X discovered in February 2006.
Leap cannot spread over the Internet, and can only spread over a local area network reachable using the Bonjour protocol. On most networks this limits it to a single IP subnet.
The Leap worm is delivered over the iChat instant messaging program as a gzip-compressed tar file called latestpics.tgz. For the worm to take effect, the user must manually invoke it by opening the tar file and then running the disguised executable within.
The executable is disguised with the standard icon of an image file, and claims to show a preview of Apple's next OS. Once it is run, the virus will attempt to infect the system.
For non-"admin" users, it will prompt for the computer's administrator password in order to gain the privilege to edit the system configuration. It doesn't infect applications on disk, but rather when they are loaded, by using a system facility called "apphook". By default, user accounts run as non-admin, unless explicitly logged with the 'admin' login.
Leap only infects Cocoa applications, and it does not infect applications owned by the system (including the apps that come pre-installed on a new machine), but only apps owned by the user who is currently logged in. Typically, that means apps that the current user has installed by drag-and-drop, rather than by Apple's installer system. When an infected app is launched, Leap tries to infect the four most recently used applications. If those four don't meet the above criteria, then no further infection takes place at that time.
3. Sasser and Netsky
Sven Jaschan(18), pencipta Sasser Worm. Pada intinya, sasserr menyerang Microsoft Windows. Sasser ini tidak menyebar melalui via email, namun penyerangan virus ini adalah pada komputer langsung, yaitu membuat komputer tidak bisa di-shutdown tanpa mencabut kabel power.
Sasser is a computer worm that affects computers running vulnerable versions of the Microsoft operating systems Windows XP and Windows 2000. Sasser spreads by exploiting the system through a vulnerable network port (as do certain other worms). Thus it is particularly virulent in that it can spread without user intervention, but it is also easily stopped by a properly configured firewall or by downloading system updates from Windows Update. The specific hole Sasser exploits is documented by Microsoft in its MS04-011 bulletin, for which a patch had been released seventeen days earlier.
Netsky is a prolific family of computer worms. The first variant appeared on Monday, February 16, 2004. The "B" variant was the first family member to find its way into mass distribution. It appeared on Wednesday, February 18, 2004. 18-year-old Sven Jaschan of Germany confessed to having written these, and other worms, such as Sasser.
4. MyDome (Novarg)
MyDoom menyebar melalui via email. Pertama kali mulai menyerang pada tanggal 1 Februari 2004. pada tanggal 12 Februari 2004 virus ini berhenti menyebar dan mulai membuat backdoors. MyDoom selalu ada di search Engine Google dan mulai menerima jutaan permintaan pencarian yang membuat lambat hingga akhirnya timbul crash. Akibat MyDoom, Senator US Chuck Schumer mengajukan membuat National Virus Response Center.
Mydoom, also known as W32.MyDoom@mm, Novarg, Mimail.R and Shimgapi, is a computer worm affecting Microsoft Windows. It was first sighted on 26 January 2004. It became the fastest-spreading e-mail worm ever (as of January 2004), exceeding previous records set by the Sobig worm.
Mydoom appears to have been commissioned by e-mail spammers so as to send junk e-mail through infected computers. The worm contains the text message "andy; I'm just doing my job, nothing personal, sorry," leading many to believe that the worm's creator was paid. Early on, several security firms expressed their belief that the worm originated from a programmer in Russia. The actual author of the worm is unknown.
The Slammer muncul pada tahun 2003 di bulan Januari. Virus ini menyebar cepat melalui internet. Saat itu, virus ini membuat layanan ATM Bank Amerika menjadi crash serta hancurnya layanan 911 Seattle. Continental Airlines juga terpaksa membatalkan beberapa penerbangan karena error check in. Virus ini membuat kerigian lebih dari 1 Milliar Dollar.
SQL Slammer is a computer worm that caused a denial of service on some Internet hosts and dramatically slowed down general Internet traffic, starting at 05:30 UTCon January 25, 2003. It spread rapidly, infecting most of its 75,000 victims within ten minutes. So named by Christopher J. Rouland, the CTO of ISS, Slammer was first brought to the attention of the public by Michael Bacarella (see notes below). Although titled "SQL slammer worm", the program did not use the SQL language; it exploited a buffer overflow bug in Microsoft's flagship SQL Server and Desktop Engine database products, for which a patch had been released six months earlier in MS02-039. Other names include W32.SQLExp.Worm, DD
OS.SQLP1434.A, the Sapphire Worm, SQL_HEL, W32/SQLSlammer and Helkern.
Virus ini muncul di tahun 2001. Tahukan anda? "Nimda" adalah kebalikan kata dari kata "admiN". Penyebarannya sangat cepat. Menurut TruSecure CTO, Peter Tippet, Nimda hanya butuh 22 menit untuk menjadi list TOP TEN saat itu. Target dari Nimda adalah server-server Internet. Nimda akan membuat backdoor ke OS, jadi ketika penyerangan terjadi, Nimda dapat membuat akses ke server sehingga dapat berbuat apa saja dan menjadi DDos.
Nimda is a computer worm, and is also a file infector. It quickly spread, eclipsing the economic damage caused by past outbreaks such as Code Red. Multiple propagation vectors allowed Nimda to become the Internet’s most widespread virus/worm within 22 minutes.
The worm was released on September 18, 2001. Due to the release date, exactly one week after the attacks on the World Trade Center and Pentagon, some media quickly began speculating a link between the virus and Al Qaeda, though this theory ended up proving unfounded.
Nimda affected both user workstations (clients) running Windows 95, 98, Me, NT, 2000 or XP and servers running Windows NT and 2000.
The worm's name origin comes from the reversed spelling of it, which is "admin".
F-Secure found the text "Concept Virus(CV) V.5, Copyright(C)2001 R.P.China" in the Nimda code.
7.Code Red & Code Red II
Virus ini muncul pada tahun 2001, dengan menyerang target Windows 2000 & NT. Virus ini akan membuat loading buffer penuh dan menghabiskan memori. Semua komputer yang terkena virus ini akan otomatis mengakses ke web server secara bersamaan, dan membuat overload, alias serangan DDoS. Pada akhirnya Microsoft merilis patch nya saat itu.
The Code Red worm was a computer worm observed on the Internet on July 13, 2001. It attacked computers running Microsoft's IIS web server.
The Code Red worm was first discovered and researched by eEye Digital Security employees Marc Maiffret and Ryan Permeh. The worm was named the .ida "Code Red" worm because Code Red Mountain Dew was what they were drinking at the time, and because of the phrase "Hacked by Chinese!" with which the worm defaced websites.
Although the worm had been released on July 13, the largest group of infected computers was seen on July 19, 2001. On this day, the number of infected hosts reached 359,000.[2
Muncul di tahun 2001 dengan menyebar melalui via email. Virus ini mereplikasi dan terus mengirim ke orang melalui address book. Virus ini juga membuat komputer tidak dapat beroperasi.
Klez is a computer worm that propagates via e-mail. It first appeared in October 2001. A number of variants of the worm exist.
Klez infects Microsoft Windows systems, exploiting a vulnerability in Internet Explorer's Trident layout engine, used by both Microsoft Outlook and Outlook Express to render HTML mail.
The e-mail through which the worm spreads always includes a text portion and one or more attachments. The text portion consists of either an HTML internal frame tag which causes buggy e-mail clients to automatically execute the worm, or a few lines of text that attempt to induce the recipient to execute the worm by opening the attachment (sometimes by claiming that the attachment is a patch from Microsoft; sometimes by claiming that the attachment is an antidote for the Klez worm). The first attachment is always the worm, whose internals vary.
Once the worm is executed, either automatically by the buggy HTML engine or manually by a user, it searches for addresses to send itself to. When it sends itself out, it may attach a file from the infected machine, leading to possible privacy breaches.
Later variants of the worm would use a false From address, picking an e-mail address at random from the infected machine's Outlook or Outlook Express address book, making it impossible for casual observers to determine which machine is infected, and making it difficult for experts to determine anything more than the infected machine's Internet Service Provider.
ILOVEYOU adalah virus dengan tipe vbs (visual basic scripting). Penciptanya adalah Onel de Guzman dari Fillipina. Virus ini bertipe worm, dan dapat me-replikasi diri sendiri. Virus ini menyebar melalui via email dengan judul "surat cinta" dan "pengagum rahasia."
ILOVEYOU, also known as Love Letter, is a computer worm that successfully attacked tens of millions of computers in 2000 when it was sent as an attachment to a user with the text "ILOVEYOU" in the subject line. The worm arrived e-mail on and after May 4, 2000 with the simple subject of "ILOVEYOU" and an attachment "LOVE-LETTER-FOR-YOU.". The final extension was hidden by default, leading unsuspecting users to think it was a normal text file. Upon opening the attachment, the worm sent a copy of itself to everyone in the Windows Address Book and with the user's sender address. It also made a number of malicious changes to the user's system.
Virus Melissa dibuat pada tahun 1999 oleh David L Smith. Menyebar melalui email dengan dokumen basic Microsoft Word. Jika dibuka, virus akan mereplikasi diri dan secara otomatis akan mengirim ke top 50 di address book email.
First found on March 26, 1999, Melissa shut down Internet mail systems that got clogged with infected e-mails propagating from the virus. Melissa was not originally designed for harm, but it overloaded servers and caused problems.
Melissa was first distributed in the Usenet discussion group alt.sex. The virus was inside a file called "List.DOC", which contained passwords that allow access into 80 pornographic websites. The virus' original form was sent via e-mail to many people
Melissa can spread on word processors Microsoft Word 97 and Word 2000 and also Microsoft Excel 97, 2000 and 2003. It can mass-mail itself from e-mail client Microsoft Outlook 97 or Outlook 98.
If a Word document containing the virus, either LIST.DOC or another infected file, is downloaded and opened, then the macro in the document runs and attempts to mass mail itself.
When the macro mass-mails, it collects the first 50 entries from the alias list or address book and sends itself to the e-mail addresses in those entries
sumber referensi : en.wikipedia.org