Famous Malware

00:00

Hello. My name is Dustin, and welcome to Mauer.

00:06

Malware and especially ran somewhere are becoming more and more prevalent every single day. It seems like the news is always reporting on a new ransom or outbreak or some of the virus that's going around.

00:19

Some of the most famous types of Mauer you may have heard of includes Stuxnet,

00:23

which is one of the first ventures into cyber warfare.

00:26

Well, Laki Ransomware, which is one of the larger ransomware outbreaks starting at the beginning of 2016

00:34

The I Love You Virus was one of the first larger malware outbreaks, and it was named for the email that delivered it. Having a subject line of I Love You,

00:44

my doom is considered to be one of the most damaging viruses ever released

00:49

and last the Wannacry Ransomware outbreak of 2017

00:53

which targeted window systems and spread via eternal blue, which was an exploit actually developed by the NSA.

01:00

It's important to be able to recognize various types of malware in case you ever need to clean a situation up. If you were able to recognize them. Our it makes that task much easier because you actually understand how it got on the machine what it's doing more attempting to do and how to stop it.

01:21

So the first type of mount where we're gonna go over is actually this Stuxnet worm stocks that is one of the most known Mauer variants on this list.

01:30

It was developed in 2009 by government engineers in the United States in an attempt to damage Iran's nuclear program. It was initially spread via USB thumb drives that were then introduced into the air gapped environment at the plants.

01:46

Um, air gapped means that the plant, computer systems and control systems had zero Internet or outside access, making it impossible to infect him via your traditional means.

01:59

There's really a lot of information that we could discuss about stuck nets. It's actually a very, very interesting story s. So I'd recommend checking out Kim's enters book Countdown to Zero Day, which it's fantastic story going behind the creation, deployment and aftermath of the STUXNET virus.

02:22

Laki Ransomware was initially spread by fake emails and infected attachments, including many different formats like DOT doctor, your standard word document dot Excel s where your excel spreadsheets or ah dot zip files. So which is just say Ah zip archive file.

02:40

Once the file it was opened, it would display incorrect

02:45

plea and look kind all weird with a message that said, Um, please enable macros if the data and coding is incorrect,

02:53

once the user enable those macros a binary file launched which then downloaded the Laki Ransomware

03:00

Laki targeted a wide range of file formats, including some more specific files like file types used by engineers or AH, developers or testers.

03:13

The top 10 countries hit by Laki were France, Italy

03:17

in Germany,

03:19

Spain, the U S Great Britain.

03:23

In Poland,

03:23

Japan, the Czech Republic. In Canada,

03:29

Laki ran somewhere used Arcee 2048 bit encryption within A s 1 28 bit cipher

03:37

which at this time makes it impossible to decrypt. So if you didn't have backups of data, you have to pay the ransom in order to get your information back.

03:50

Typical payment values in order to restore your software and your data ranged in price from half a Bitcoin to a full Bitcoin.

04:02

The I love you virus was let loose on the Internet in the year 2000 and at the time it was the most damaging Mauer event of all time.

04:13

The I Love You virus was spread via email, and it got its name because the email had the subject of I Love You.

04:19

The email contained a malicious Mauer script called Most of Time Love Dash Letter Dash for dash you dot t x t dot VBS Which, if you weren't aware, um, or you just didn't read it correctly,

04:38

it could easily be mistaken for just so a love letter

04:41

Tech stock, you know.

04:43

But it was actually a virus. A malicious VBS script

04:46

once launched the I Love You virus overrode system and personal files while spreading itself over and over and over and over again.

04:57

The I Love You Virus is actually in the Guinness Book of World Records for being known as the most violent virus of all time.

05:08

My doom is considered to be one of the most damaging viruses ever released.

05:13

It is one of the fastest spreading email base. Worms, when it was made back in 2004 hit large companies like Microsoft, Google and the S. E O Group with a DDOS or ah distributed denial of service attack.

05:30

The author of the MyDoom worm is still unknown to this day.

05:33

In 2004 when the mighty virus ran rampant, it was estimated that 16 to 25% of all e mails have been affected by my doom.

05:45

There's a fun fact about my doom that may make you a little bit smarter here. The worm actually contained a text message. Andy, I'm just doing my job. Nothing personal. Sorry, which led many people to believe that the Worms creator was paid.

06:10

They wanna cry. Ran Somewhere

06:12

was a worldwide cyber attack that took place in May of 2017 and targeted computers running Microsoft Windows.

06:21

It spread through an essay or a national security agency developed exploit known as Eternal Blue, which targeted older Windows operating systems.

06:32

This exploit was stolen in released by the Shadow Brokers Group a few months prior to the attack.

06:40

When it was announced and released by the Shadow brokers. Myself actually released patches for all of their current OS is, um that have that exploit available?

06:53

I want to cry when it came out, was that only able to infect older versions that did not receive a patch or a system that was just too old in a patches that were developed for

07:05

wanna cry was actually stopped in four days. When it was initially discovered, a security researcher found a kill switch in its code,

07:15

which then is shut down the hole.

07:19

The whole network, um, Mike's off also released patches for the first time in a really long time that we're four older operating systems they normally don't patch. It was listed as a Nim Urgency security patch and in order to help stop the spread