Computer virus history

Updated: 09/12/2023 by Computer Hope
Robotic bug on a laptop screen.

Listed below are the important historical events relating to computer viruses, including related malware.


For a list of top viruses, see: What are the top 10 computer viruses of all time?


The concept of a computer virus, a program capable of replicating itself, was first mentioned in John von Neumann's 1949 essay titled "Theory of self-reproducing automata."


Richard Skrenta created the first computer virus, called the Elk Cloner, at the age of 15. The virus spread to other computers by monitoring the floppy drive and copying itself to any floppy diskette inserted into the computer. Once a floppy was infected, it would infect all other computers that used the diskette. An infected computer would display a short poem on every 50th boot.


The term "virus" was coined by Fred Cohen in a 1984 research paper.


The first worm, the Morris worm, was created by Robert Morris on November 2, 1988. The Morris worm spread by exploiting Unix finger, rsh, and sendmail command vulnerabilities. It did not cause any damage but rather was developed to determine the size of the Internet.


The first known ransomware attack was the AIDS Trojan in 1989. Created and initiated by Joseph Popp, the AIDS Trojan encrypted file names and hid those files on the computer's hard drive. Victims were told they needed to pay $189 to get the decryption key. Through analysis, the decryption key was included in the ransomware's code and could be extracted without paying the ransom.


The Melissa virus, created by David Smith, began infecting computers on March 26, 1999, and quickly spread around the globe over e-mail in hours. The virus became one of the fastest-spreading viruses in history and caused an estimated $80 million in damage.


Young Filipino students released the ILOVEYOU e-mail virus that began infecting computers and spreading over the Internet starting on May 4, 2000. The virus became one of the most costly viruses ever, estimated causing over $10 billion in damage because of the steps involved in cleaning a computer after it was infected.


Nimda was released in 2001, infecting thousands of computers by spreading through e-mail and web pages. Nimda targeted Internet servers and caused Internet performance to slow down drastically, sometimes even to a halt.

The Code Red worm began infecting Windows computers in July 2001 with the intention of performing a DDoS (Distributed Denial of Service) attack on the White House government web page. Code Red infected computers by exploiting a vulnerability in Windows NT and 2000, causing a buffer overflow. The worm was estimated to have caused $2 billion in damages, despite never succeeded in its intended attack.

The Klez virus was released in late 2001 and infected computers through e-mails and spoofing, making recipients think the e-mails were coming from friends or family. Klez could turn off antivirus programs and manipulate computer files, rendering the computers unusable.


The Blaster Worm, also called Lovsan, Lovesan, and MSBlast, was released in August 2003 and infected millions of computers. It started many Denial of Service (DoS) attacks against Microsoft servers, including Several variants of the Blaster Worm were created, including variant B, which was created by Jeffrey Parson, who was arrested in March 2004.


Netsky was created by Sven Jaschan and released in February 2004, infecting thousands of computers via e-mail and Windows networks. Netsky caused a lot of Internet traffic, resulting in Denial of Service (DoS) attacks. At least 29 variants of Netsky were created by June 2004, and between Netsky and its variants, they accounted for nearly 25% of all viruses on the Internet.

MyDoom worm was released on February 1, 2004, and spread to thousands of computers through e-mail and peer-to-peer networks. MyDoom started many Denial of Service (DoS) attacks against the SCO site, but it shut itself down 11 days later.

Sasser worm was created by Sven Jaschan and released in April 2004. Sasser infected computers by exploiting a vulnerability in a Microsoft Windows called as LSASS. Sasser altered parts of the operating system, making it difficult for users to shut down their computers. The damage that Sasser caused wreaked havoc in the commercial market, causing Delta Air Lines to cancel several flights and various financial companies to close offices.


The Leap-A virus, also known as Oompa-A, infected Mac computers. Leap-A infected computers through the iChat messaging program but did not cause much damage. It was created to show that viruses can infect Mac computers.


The Storm Worm, also called Peacomm and Nuwar, infected up to 10 million computers, and links to download the virus were found in over 200 million e-mails. Infected computers became part of a botnet and connected with 30 other computers to form the botnet. The Storm Worm was first detected on January 17, 2007, and accounted for 8% of all virus infections worldwide by January 22, 2007.


Conficker is a worm released in November 2008, infecting computers to create a botnet. Conficker spread by exploiting a vulnerability in the Windows operating system and infected millions of business, government, and home computers.


The Stuxnet virus was discovered in June 2010.

Computer History