#TBT - 5 Malware Threats Clients and Users Fell Victim To

Posted February 18, 2016 by Mary McCoy

Before CryptoLocker, CryptoWall and other ransomware - like the kind that Hollywood Presbyterian Medical Center recently fell victim to - ruled the malware kingdom, these five other notorious attacks tested your patience with end users and loved ones. Which worms, Trojans, adware, viruses, etc. made our list? Hint: one destroyed my love for animated monkeys, save for Curious George, Diddy Kong and Abu. Spanning the last two decades, here are some of the worst cases of malware that rocked the worlds of system administrators and IT service providers. Hop into our blog time machine, and relive the malware that you can now hopefully laugh at.

...Too soon? 

1. BonziBuddy (1999) - My Own Brush with Malware


OK so maybe he doesn't rank with the rest of the big malware names of the day, but who else remembers that purple gorilla from Hell named BonziBuddy? As I learned in my earlier years, this desktop agent was anything but a pal. Sure, he wormed his way into all our hearts with his charming juggling tricks and musical numbers like Bicycle Built for Two, but these were cheap ploys to gain our trust. Make no mistake, he was no Clippy. There was and will only ever be one Clippy, and he mysteriously vanished into thin air. All mourning for digital office supplies aside, BonziBuddy was originally advertised to Microsoft users as a sidekick available to help with Internet browsing. Instead, after his release into the wild in 1999, Bonzi Foe terrorized PCs, flinging poop (no, not actually though it's not hard to imagine when we have a poop emoji on our phones) and crashing programs.

Sadly, I learned this the hard way when I gave the McCoy family computer the swine flu of viruses after downloading the adware as a child. A step up from my collection of animal figurines, my friendship with Bonzi started out strong. He performed backflips for me, and I giggled and continued to click for more. Then one night, after he took everything he wanted, Bonzi turned on me and didn't even have the decency to return his friendship bracelet. All of a sudden, our computer kept freezing and required a major clean-up. Now widely recognized as malware of yesteryear, BonziBuddy taught a young Mary that all downloads have consequences. After that, I was much more discerning of online scams. The same can't always be said for your clients, can it? Teach them how to identify malware warning signs, detect foul play, and then help establish security policies and procedures that can be tested regularly!

Now that I've got that out of my system, let's continue our stroll down malware memory lane with these other more notable bugs...

2. ILOVEYOU (2000)


Suffice it to say users weren't feeling the love when they were hit with this computer worm, one of the first big pieces of email malware of its kind, back in 2000. Also commonly known as Love Letter, the email appeared to come from a secret admirer with its "ILOVEYOU" subject line. Like many phishing email schemes perpetrated today, the worm infected computers through a malicious email attachment. The file attached in the original version, LOVE-LETTER-FOR-YOU.TXT.vbs, masqueraded as a TXT file, but was actually a script the hackers used to attack those who opened it. The vbs extension was not visible to email recipients because at the time, Windows hid all file extensions by default. Just like attackers do now, the masterminds behind the ILOVEYOU virus exploited a system vulnerability to gain access to computers. So what was the damage? In 10 Worst Computer Viruses of All Time, Jonathan Strickland cites McAfee, sharing the various ways the worm infected victims. A few examples include the virus copying itself and hiding in several folders on users' hard drives, downloading a password-stealing application and adding new files to victims' registry keys. All in all, Love Letter cost $10 billion in damages, and what's more? The two believed to be the original perpetrators of the bug - which originated in the Philippines - were never charged.
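A mail-filter style check for the double-extension trick described above, as an added example that is not part of the original post. The extension lists, function names and sample filenames are assumptions made for illustration; only LOVE-LETTER-FOR-YOU.TXT.vbs comes from the article.

```python
import os

# Extensions Windows runs or hands to a script host (illustrative subset, assumed).
EXECUTABLE_EXTS = {".vbs", ".vbe", ".js", ".jse", ".wsf", ".scr",
                   ".exe", ".bat", ".cmd", ".pif", ".com"}
# Extensions a recipient reads as a harmless document or picture (assumed).
DECOY_EXTS = {".txt", ".doc", ".pdf", ".jpg", ".gif", ".xls"}


def split_ext(name):
    """Split off the final extension, ignoring case and trailing dots/spaces."""
    stem, ext = os.path.splitext(name.strip().rstrip(". "))
    return stem, ext.lower()


def displayed_name(filename):
    """Name as shown when file extensions are hidden: the final one is dropped."""
    stem, ext = split_ext(filename)
    return stem if ext else filename


def classify_attachment(filename):
    """Return 'masquerade', 'executable' or 'ok' for an attachment filename."""
    stem, real_ext = split_ext(filename)
    if real_ext not in EXECUTABLE_EXTS:
        return "ok"
    # What looks like the extension once the real one is hidden.
    _, shown_ext = split_ext(stem)
    return "masquerade" if shown_ext in DECOY_EXTS else "executable"


def triage(filenames):
    """Map each flagged filename to (verdict, name the recipient would see)."""
    flagged = {}
    for name in filenames:
        verdict = classify_attachment(name)
        if verdict != "ok":
            flagged[name] = (verdict, displayed_name(name))
    return flagged


# Constructed sample; the first name is the one quoted in the article.
SAMPLE = ["LOVE-LETTER-FOR-YOU.TXT.vbs", "notes.txt", "setup.exe",
          "invoice.pdf   .EXE", "archive.tar.gz"]

if __name__ == "__main__":
    for name, (verdict, shown) in triage(SAMPLE).items():
        print(f"{verdict:10} real={name!r} shown={shown!r}")
```

The "masquerade" verdict is the one worth quarantining outright, since the name the recipient sees ends in a document extension while the file that runs is a script or executable.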

 

3. Code Red (2001)


This next virus was named after the Mountain Dew beverage the two eEye Digital Security employees were drinking when they discovered it fifteen years ago. Like the ILOVEYOU virus, Code Red hackers exploited an existing system weakness - this time within the OS - to carry out their attack. Targeting computers with Microsoft IIS web server installed, the computer worm took advantage of a buffer overflow problem in Windows 2000 and Windows NT. Essentially, once a program writes more data into a buffer than it can hold, the excess overwrites adjacent memory. Once launched, the Code Red worm executed code from within the IIS server and was virtually undetectable on hard disks because it was able to run solely in memory. So how did it behave? Once a computer was compromised, Code Red attempted to make a hundred copies of itself. Due to a programming bug, however, it actually infected many more devices, maxing out CPU loads and exhausting system resources. The worm even launched a distributed denial of service (DDoS) attack on the White House, attempting to crash its web servers by flooding them with simultaneous traffic requests from infected computers. According to HONGKIAT's 10 Most Destructive Computer Viruses, Code Red impacted one to two million IIS servers, alarming given that there were around six million at the time. It's not surprising then that the virus resulted in two billion dollars lost in productivity.

 

4. Conficker (2008)


Next, we jump forward in time to 2008 with Conficker, sometimes referred to as Downup or Downadup. Like Code Red, it used flaws in the Windows OS to compromise machines. Conficker also targeted systems with weak passwords, guessing administrator credentials to obtain access to local networks and spread. Additionally, according to PC World, "the worm infect[ed] removable devices and network shares with an autorun file that execute[d] as soon as a USB drive or other infected device [wa]s connected to a victim PC." One of the reasons why the botnet-generating worm was so dastardly is that advanced malware techniques made it hard to suppress and contain. In fact, once computers were infected, Conficker triggered the installation of additional malware. On top of this, one infected computer put all other machines connected to the same network at risk. By being so contagious and resilient, the malware is one of the most significant worm infections to date and reportedly compromised nine million computers.

5. Flashback (2011)


This fifth example, while last in this post, certainly doesn't complete the list of most notable malware. Still, it's a good one to flag for proving Macs aren't invincible to viruses. Only a few years ago, antivirus company Intego discovered Flashback, a Trojan that posed as a fake Flash install, targeting systems running Mac OS X. Victims meant to download a trusted browser plug-in for video streaming, but actually installed code that collected their personal information to send back to attackers. By designing the malicious installer to be indistinguishable from legitimate Adobe downloads, the hackers successfully employed social engineering tactics to coax users into downloading the malware. Their infected machines then became part of larger botnets, distributing the virus further. Eventually the Trojan evolved into a more sophisticated variant that self-installed on Java-enabled machines, which only helped grow the number of infected computers. In total, more than 600,000 Macs suffered from Flashback, 22,000 of which were still compromised three years later.

 

The IT Community's Malware Memories

We also asked members of Spiceworks and MangoLassi to share examples of malware their clients fell victim to. See below for highlights, including one response which was already referenced in the above list. Can you guess which one? 

KOOBFACE malware

 

Code Red Malware

SWEN and ANTIVIRUS XP 2007

 

With the prevalence of cybercrime and online threats, having a strong antivirus solution is not optional. Look for AV software that detects and protects clients from both major threats like CryptoLocker and minor vulnerabilities which could escalate later, doesn't consume too much network bandwidth or PC disk capacity, doesn't slow down processing speed and provides a hassle-free end user experience. The right endpoint security suite will be your greatest defense against malware and other outside attacks.

What malicious programs and schemes still haunt you? Leave a comment below!


Meet Mary! Mary McCoy is a Senior Demand Generation Programs Manager at Continuum, where she's worked for over two years. Mary has consulted with hundreds of partners, lending website, blog and social media support. Before that, she graduated from the University of Virginia (Wahoowa!) with a BA in Economics and served as digital marketing intern for Citi Performing Arts Center (Citi Center), spearheading the nonprofit’s #GivingTuesday social media campaign. Like her school’s founder, Thomas Jefferson, Mary believes learning never ends. She considers herself a passionate, lifelong student of content creation and inbound marketing.
