A worm is a malicious self-replicating computer program designed to infect computers in an attempt to deliver a destructive payload. A typical worm spreads via e-mail messages, file sharing networks or through open network shares. Widely spread complex parasites usually propagate themselves by exploiting certain security vulnerabilities in the targeted remote system. The most worms can infect files, degrade overall system's performance and try to steal sensitive user's information or install other dangerous parasites, such as backdoors or trojans, on it. Worms are very similar to regular computer viruses and, therefore, can rely on different functionality.
How do worms spread and promote themselves?
Worms replicate themselves and infect a computer without user's knowledge and consent. There are three major ways these unsolicited parasites can get into the system.
- Some parasites, called mass-mailing worms, propagate themselves through e-mail messages. They arrive in files attached to e-mail messages or come embedded into letters. Once the user opens such a letter or file the worm silently installs itself to the system. The user cannot notice anything suspicious, as a parasite does not display any setup wizards, dialogs or warnings.
- Widely spread worms infect vulnerable computer on the Internet by exploiting known operating system and installed software security vulnerabilities. Such parasite spread on their own and therefore do not require any user interference.
- Many worms distribute themselves in infected files that arrive attached to instant messages or can be downloaded from file sharing networks or unprotected network shares. Such worms spread the infection in files with meaningful names in order to trick the user into executing them. Once the user opens a file, the worm silently infects a computer.
Worms have been capable of infecting only those computers that run Microsoft Windows operating system. However, today they can also affect Mac OS X and other systems.
What does a worm do on my computer?
The infiltration of worm noticeably decreases overall computer's performance and degrades the speed of the Internet. The infected PC user can also suffer from web surfing problems, system instability and software functionality issues. Moreover, the computer becomes the source of viruses and can pose a serious danger to other hosts and networks. The most of worms can also decrease system's security by modifying security-related application settings and disabling antivirus or anti-spyware protection. Some parasites can infect a computer with the most serious security and privacy threats, such as various backdoors or trojans. The remote attacker can use these pests to gain unauthorized access to a compromised computer, steal user's sensitive information or totally destroy the entire system and all user data.
As you can see, a worm by itself means a significant risk to your privacy and security. Lots of these parasites are designed to collect valuable user information like passwords, bank account details, credit card numbers or identity data, and silently transfer it to the attacker. Some worms are made for criminal purposes. They are created to infect computers of corporate users and steal or disclose to public secret documents and other confidential information. To sum up, these are the most typical activities caused by worm:
- Using a compromised system to spread through e-mail, file sharing networks, instant messenger, online chats or open network shares.
- Infecting files, corrupting installed applications and damaging the entire system.
- Stealing or disclosing sensitive personal information, valuable documents, passwords, login names, identity details and user contacts.
- Installing a backdoor or dropping other dangerous parasites.
- Modifying essential system settings to decrease overall system security and making it more vulnerable.
- Severely degrading Internet connection speed and overall system performance, causing software instability. Some parasites are badly programmed; they waste too much computer resources and conflict with installed applications.
- Providing no uninstall feature, hides processes, files, and other objects to complicate its removal as much as possible.
The most dangerous examples of worms
There are thousands of different computer worms. The following examples illustrate how treacherous and harmful worms can be.
ILoveYou, also known as LoveLetter and Love Bug, is perhaps the most widely-known worm in all history of worms. It struck the computer world in 2000 and infected a big number of systems all over the world. ILoveYou spreads through email as attachment to the letters. However, the text of the letters seems so nice and sweet that users open attachments without even thinking that there could be a virus. The text of e-mail may contain words like “I love you” and everything that is similar to that. ILoveYou spreads very fast, because when it gets to the system, it immediately sends its copies to all the addresses from the Microsoft Outlook Express address book. It also harms the system, by overwriting essential system files, user personal documents, multimedia files, and other critical data. Some ILoveYou variants are responsible for a Denial of Service attack on the official White House website.
MyDoom, also known as Novarg, Shimgapi, and Mimail, is the fastest spreading worm ever. The parasite propagates by e-mail and through file sharing networks. It comes in infected files attached to e-mail messages that trick the user into believing that regular mail servers sent them as delivery error notifications. Once the user executes such a file, MyDoom silently installs itself to the system and runs its payload. The worm sets up a backdoor that gives the remote attacker full unauthorized access to a compromised computer and performs a Denial of Service attack against SCO and Microsoft companies websites. It also blocks access to several popular domains. MyDoom is responsible for significant worldwide Internet performance slowdown that took place at the beginning of 2004. One in ten of all e-mail messages at that time contained a copy of the parasite.
The Iglamer worm is an infamous Internet parasite that infects vulnerable computers running systems with open security breaches. It does not distribute itself with the help of e-mail messages or networks but infects computers directly. This virus does not depend on the user's actions. Iglamer installs itself to the system and searches for other vulnerable hosts. The worm can hang the infected computer or reboot it frequently. It also severely compromises the security of infected systems, so the attackers can connect and control them remotely.
How can I fix my computer and remove worm?
Worms work in the same manner as regular computer viruses and, therefore, they can be found and removed from the system with the help of effective anti-malware. Programs that we tested and recommend for the removal of worms are Reimage and Malwarebytes Anti Malware. These malware removers have an extensive parasite signature databases that can easily detect and remove certain worms and related malicious components.
Database of Worms Parasites
311 ICQ worm
June 14th, 2004 | No Comments
311 ICQ worm spreads through ICQ. With a help of 311 ICQ worm, users get access to remote computers.
September 12th, 2013 | No Comments
Ahack is a dangerous Internet worm, which can give for an attacker a remote access to the target PC system. It...
July 25th, 2004 | No Comments
This is an Internet worm. It may spread via e-mail attachments or through some networks or vulnerable programs...
December 20th, 2006 | No Comments
Allaple.b is a worm that infects network computers by exploiting several known vulnerabilities. It can also sp...
March 9th, 2010 | 1
Almanahe.b is a worm that spreads by infecting executable files on any local, removable or mapped network driv...
May 10th, 2006 | No Comments
Amirecivel.b, also known as Amircivil.b, is a worm that spreads through file sharing networks using the Kaz...
June 23rd, 2006 | No Comments
Amirecivel.e, also known as Amircivil.e, is a worm that spreads by e-mail through messages with infected attac...
July 3rd, 2006 | No Comments
Amirecivel.f, also known as Amircivil.f, is a worm that spreads by e-mail through messages with infected attac...
July 26th, 2006 | No Comments
Amirecivel.h, also known as Amircivil.h, is a worm that spreads by e-mail through messages with infected attac...
October 20th, 2006 | No Comments
Annunci is an Internet worm that propagates by e-mail through messages with infected attachments. Once the use...
June 15th, 2004 | No Comments
Ants3set worm seems to be a 'popular' one, because info about it and its variants can be found relatively ofte...
July 30th, 2004 | No Comments
This is an Internet worm. It may spread via e-mail attachments or through some networks and vulnerable program...
November 10th, 2005 | No Comments
Appflet is a rapidly spreading Internet worm, which propagates by e-mail in messages with attached archives co...
April 5th, 2006 | No Comments
Areses is a rapidly spreading Internet worm that propagates by e-mail through messages with infected attachmen...
February 1st, 2008 | No Comments
Backdoor.Gobot.y is a variant of the mIRC Backdoor Trojan. The most common way of infection is via browser sec...
September 27th, 2011 | No Comments
Backdoor.IRC.Bot is worm which allows a remote attacker to reach infected computer and take control of it. It ...
September 24th, 2013 | No Comments
Badboy is an Internet worm, which attacks poorly protected computers. Once it gets inside the system, this wor...
April 21st, 2006 | No Comments
Banleed is a worm that spreads through unprotected network shares. Once executed, the parasite installs itself...
June 29th, 2006 | No Comments
Banleed.b is a worm that spreads through unprotected network shares. Once executed, the parasite installs itse...
June 5th, 2006 | No Comments
Banwarum is a worm that spreads in the Internet by e-mail, and in local networks by exploiting computers runni...