The history of malware


Creeper Virus

In 1971, Bob Thomas at BBN created Creeper as an experimental self-duplicating program that was intended not to inflict damage on, but to illustrate a mobile application. Creeper corrupted DEC PDP-10 computers operating on the TENEX operating system by messing around the installed printers, displaying the message "I'm the creeper, catch me if you can!"


Elk Cloner

In 1982, Richard Skrenta, then fifteen years old, wrote the virus for the Apple II operating system, which was stored on floppy diskettes. Because computers of that time had dual floppy disk drives, and because diskettes were often passed around among friends, the virus was frequently copied.


The Brain Virus

The Brain Virus is considered to be the first PC virus created by Basit Farooq Alvi in Lahore, Pakistan. Brain gets its name from the fact that it changes the name of the disk volume label to (c)Brain.

PC-Write Trojan

The PC-Write was the first trojan which tried to pass itself off as a shareware version of a text processor. The problem faced by the users was that, while the user wrote, PC-Write deleted and corrupted files on the computers' hard disk.


Morris Worm

The Morris Worm was launched surreptitiously from an MIT computer by graduate student Robert Tappan Morris at Cornell University, and spread to internet-connected computers running the BSD variant of UNIX. The worm was designed to be undetectable, but a design flaw led it to create far more copies of itself than Morris estimated, and resulted in the drastic over-taxing of all the computers on which it was installed.


Michelangelo Virus

The Michelangelo virus is a computer virus first discovered in February 1991 in Australia. The virus was designed to infect DOS systems, but did not engage the operating system or make any OS calls. Each year, the virus remained dormant until March 6, the birthday of Renaissance artist Michelangelo. There was no reference to the artist in the virus, but due to the name and date of activation it is very likely that the virus writer intended Michelangelo to be referenced to the virus.


Melissa Virus

Melissa was a fast-spreading macro virus that was distributed as an e-mail attachment that, when opened, disabled a number of safeguards in Word 97 or Word 2000, and, if the user had the Microsoft Outlook e-mail program, caused the virus to be resent to the first 50 people in each of the user's address books.



The ILOVEYOU virus came in an e-mail note with "I LOVE YOU" in the subject line and contained an attachment that, when opened, resulted in the message being re-sent to everyone in the recipient's Microsoft Outlook address book and, perhaps more seriously, the loss of every JPEG, MP3, and certain other files on the recipient's hard disk.


SQL Slammer

SQL Slammer was a computer worm that caused a denial of service on some Internet hosts and dramatically slowed down general Internet traffic. It spread rapidly, infecting most of its 75,000 victims within ten minutes.



Commwarrior was the first mobile phone worm to send a copy of itself via an MMS message. When executed, the worm placed several files in different directories, which contained text indicating its creator and origin.


The Koobface worm used Facebook's messaging system to infect PCs in an attempt to gather sensitive information such as credit card numbers. Koobface propagated by sending notes to Facebook friends of someone whose PC had been infected. The messages, with subject headers like, "You look just awesome in this new movie", direct recipients to a website where they were asked to download what it claimed was an update of Adobe Systems Inc's Flash player.



Conficker, a fast-spreading worm, targeted a vulnerability in Windows operating systems. Also known as Downadup, Conficker was discovered in November 2008. Since that time, Conficker has infected millions of computers and established the infrastructure for a botnet.



Stuxnet was a computer worm that targeted industrial control systems that are used to monitor and control large scale industrial facilities like power plants, dams, waste processing systems and similar operations. It allowed the attackers to take control of these systems without the operators knowing, and thereby allow hackers to manipulate real-world equipment.