The Malware Hall of Fame: Slammer Worm

Also named Sapphire Worm, the Slammer Worm was the fastest spreading worm in history. It spread in less than 10 minutes, infecting over 75, 000 PCs and greatly slowing or shutting down business. The worm caused $1.2 billion dollars in damage, but compared to the ILOVEYOU virus, it’s not so bad.

What it does:

  • Targets an old Microsoft SQL server vulnerability. This is 13 years old, and a reason NOT to skip your updates!
  • Uses random scanning to spread. It finds vulnerable IP addresses to infect. This causes an exponentially high initial spread, much like the Code Red worm.
  • Self replicating and self contained. Does not need any other programs to run.
  • Causes an internet traffic jam – but slips through the cracks. It eats up bandwidth and slows down network connections. Essentially causing a domino effect, one router would stop working, so neighboring routers would spend energy attempting to reroute the traffic.
  • Does not infect specific files in the PC, but rather “lives” on the PC. Thankfully, this worm can be extracted with relatively little damage.

How was Slammer Worm created?

Unfortunately, we still do not know who created the Slammer worm. It surface in 2003 and spread like wildfire. We do know that the Slammer worm spread so quickly due to its use of the internet protocol UDP. It’s faster than what websites and emails use – this way, it doesn’t need any permission to slip into your system.