Worms are actually a subclass of viruses, so they share some characteristics. They are programs that make copies of themselves, hosting them in different locations on the computer. The objective of this malware is usually to collapse computers and computer networks, thus preventing users from working. Unlike viruses, worms do not infect files but this doesn’t take away from how dangerous the worms can be.
What is the goal and why does it make worms so dangerous?
The main objective of worms is to spread and affect as many devices as possible. To do this, they create copies of themselves on the affected computer, which they later distribute through different means, such as email or P2P programs, among others. Worms often use social engineering techniques to achieve greater effectiveness and given what we see it is essential to know them and we see some of these more dangerous.
▸Morris worm
First of all Morris was the first self-replicating malware to hit the Internet (ARPANET). On November 2, 1988, approximately 6,000 of the 60,000 servers connected to the network were infected by this computer worm, which led to the creation of the Computer Emergency Response Team (CERT) in response to the needs exposed during the incident, the program tried to find out the passwords of other computers using a search routine that permuted the names of known users, a list of the most common passwords and also a random search.
▸Thunderstrike 2
This one is capable of attacking the firmware of Apple Mac computers unlike the original, the Thunderstrike 2 attack can be carried out remotely by phishing emails and malicious websites, and self-replicating through the peripherals, Intel Thunderbolt ports , USB sticks, etc. Firmware attacks are exceptionally complex to achieve and while being very complex to achieve they are very dangerous due to their complexity.
▸SQL Slammer
This is a computer worm that caused a Denial of Service on some Internet servers and dramatically slowed down overall Internet traffic, as of 05:30 GMT on January 25, 2003. It spread rapidly, infecting the public. Most of its 75,000 victims within ten minutes, this caused that if an address that was infected happened to belong to a host, it would run an unpatched copy of Microsoft SQL Server resolver listening on UDP port 1434, the host immediately becomes infected and begins spraying the Internet with more copies of the worm’s program.
[…] also:What would be the most dangerous computer wormsMoriya is a new rootkit that uses back […]