These attacks affected computers in over 150 countries and caused an estimates $4 billion dollars in damages all around the world. This vulnerability gained notoriety in 2017 when it was exploited to carry out the global WannaCry ransomware attacks. EtenernalBlue is the name of a vulnerability in the Microsoft Server Message Block (SMB) protocol. Although Stuxnet is believed to have got onto the power plant’s systems via a pen drive, to spread, it used four zero-day vulnerabilities, as well as the same vulnerabilities that Conficker used. In June 2010, a cyberattack called Stuxnet managed to destroy the centrifuges at an Iranian nuclear power plant.
Despite how how far it spread, Conficker did not cause extensive damage. It is estimated to have infected between 9 and 15 million computers. As Conficker spread, it used the infected computers to create a botnet.
It exploited several vulnerabilities, including one in a network service found in several versions of Windows such as Windows XP, Windows Vista, and Windows 2000. Conficker is a worm that was first detected in November 2008. Although it didn’t affect a large number of computers, it had a major impact on its victims: It is estimated that affected companies spent an average of $97,000 on cleaning the malware from their systems and needed around 80 hours to disinfect their systems. It forced infected machines to restart continuously each time the computer restart, a new copy of Zotob was created. This worm, which infected systems running various Microsoft operating systems including Windows 2000, exploited various vulnerabilities, including the vulnerability MS05-039 in Plug & Play services.
Six months before the incident, Microsoft had released a patch to fix this bug. In order to spread so quickly, SQL Slammer exploited a buffer overflow vulnerability in Microsoft’s SQL Server. It caused denial of service for several Internet providers, and dramatically slowed down Internet traffic. SQL Slammer is another worm that, in 2003, infected around 75,000 machines in just ten minutes. While the creator’s intention wasn’t to cause any damage, rather to highlight security weaknesses, it caused between $100,000 and $10,000,000 in damages.
It exploited known vulnerabilities in Unix Sendmail, rsh/rexec, as well as weak passwords. Morris Worm was one of the first computer worms to spread via the Internet. To see one of the first examples of a computer virus that exploited known vulnerabilities, we have to go back to 1988, two years before the World Wide Web was invented. Here, we’re taking a look at some of the most important vulnerabilities of the last 30 years, and the incidents they have caused. In fact, according to one study, by the end of 2020, 99% of successfully exploited vulnerabilities will be known before the incident. Vulnerabilities in operating systems and applications are one of the most popular points of entry for cybercrime. Vulnerabilities are a cybercriminal’s best friend However, there is one other element that many of the most notorious cyberincindents of the last 30 years have had in common: vulnerabilities. In fact, paradoxically, evolution and change could be seen as the only constants in cybercrime. In the 30 years since Panda Security was founded, we’ve seen everything from computer viruses delivered from floppy disks, malicious attachments, Trojans and ransomware, to live hacking and fileless threats.