Interesting Malware - secuguru/security-terms GitHub Wiki
1. Conficker:
- First detected in 2008, this worm exploited Windows OS vulnerabilities, forming a large botnet.
- It spread via network shares and removable media, affecting millions of computers globally.
2. Morris Worm:
- Released in 1988 by Robert Tappan Morris, this was one of the first worms distributed via the internet.
- It aimed to measure internet size but caused widespread disruption due to a bug, affecting approximately 10% of the internet.
3. Zeus Malware:
- Known for banking credential theft, Zeus (or Zbot) was first identified in 2007.
- It used keylogging and form-grabbing tactics and could spread through phishing emails and drive-by downloads.
4. Stuxnet:
- A highly sophisticated worm discovered in 2010, targeting Iran’s nuclear facilities.
- It exploited multiple zero-day vulnerabilities, causing physical damage to centrifuges and marking one of the first known cyberattacks targeting critical infrastructure.
5. WannaCry:
- This 2017 ransomware attack leveraged the EternalBlue exploit to spread through Windows systems.
- It encrypted user data and demanded payment, causing significant disruptions globally, especially in healthcare and other critical services.
6. CookieMiner:
- A cryptocurrency-focused malware targeting macOS users, CookieMiner exploited saved credentials, web cookies, and cryptocurrency wallets.
- Detected in 2019, it was aimed at mining cryptocurrency and exfiltrating sensitive data, notably in the crypto community.
7. Sunburst (SolarWinds):
- Identified in 2020, this malware was embedded in updates of SolarWinds’ Orion software.
- It led to a supply chain attack affecting numerous high-profile government and private sector organizations, making it one of the most far-reaching cyber espionage cases.
These malware instances highlight various approaches to cyber threats, from network worms to sophisticated supply chain attacks. Each had a unique impact, changing how we view and respond to cyber threats.