10. Elk Cloner
Iain Thomson: Elk Cloner was written by a 15-year old high school student called Rich Skrenta as a practical joke. Unfortunately for him the joke turned bad very quickly.
The virus was developed for the Apple II system and was a boot sector virus that spread via floppy discs. Apparently Skrenta was a fan of pirated games and would swap them with his friends, sometimes with little messages added. After one too many of these infected discs, he devised a way to alter discs automatically and the Elk Cloner virus was invented.
It had little in the way of a payload. Every 50th time a person booted an infected disc the software ran a little program on the computer screen, and that was it. Nevertheless it was a serious annoyance and was a harbinger of things to come.
Shaun Nichols: And they say Apple computers don’t get viruses. What Skrenta did not realise was that he was helping to popularise what would later become standard practice for spreading viruses.
Elk Cloner spread through what is now known as a ‘boot sector’ infection. The virus copied itself into the boot sector of a floppy disk and then spread into all future disks. This became a popular attack method for Apple and PC computers, taking over as the preferred method of infection until the internet came along and email attacks emerged.
9. Klez
Iain Thomson: Klez is a persistent little devil, and variants are still doing the rounds today, seven years after it first turned up.
The most common varient, Klez H, spoofs email addresses by randomly picking one from an infected machine before sending itself on to other users. This makes backtracing the identity of the infected machine particularly difficult, since any email stored for any reason can be used.
It exploits a vulnerability in Outlook that allows it to boot up automatically on unpatched systems. It’s a cunning little devil but for all its ingenuity I still want to strangle the writer.
Shaun Nichols: The late 1990s and early 2000s were not only the golden age of the internet, they seemed to be the golden age for malware. Over that time period, few viruses were able to match the reign of Klez.
Like many other viruses of its time, Klez spread through email. Users were duped into opening infected files and, once the malware was installed, the victim’s address book was opened and copies of the attack were sent to contacts.
Klez, however, took this a step further. Not only did the virus send itself to people in your address book, it pretended to be from other people. Later, the worm wreaked further havoc by pretending to be its own removal tool.