The 10 worst computer viruses in history Those two words instantly make us sweat—and for good reason. Since the 1980s, viruses have wreaked havoc on everything from our inboxes to industrial facilities. While cybersecurity has improved, the damage done by viruses throughout history is a reminder of what these bugs can do.
Picture it: It’s 1986, and you see a message on your Windows PC saying your computer is infected with a virus. To remedy the situation, you’re instructed to call brothers Basit and Amjad Farooq Alvi. At that moment, as you pick up your phone and start to dial, you immediately regret pirating the brothers’ software (as you should).
Melissa – 1999
In 1999, computer viruses were still a relatively new concept. However, the Melissa virus, known as the fastest-growing virus of that time, quickly highlighted them as a growing concern for all.
It all started when a man named David Lee Smith used an AOL account to upload a file to the internet that, when downloaded, would hijack early versions of Microsoft Word. If a user also had Microsoft Outlook, the virus would send itself via email to the top 50 people in a user’s address book.
While that may not seem like that big of a deal, it was. According to the FBI, many corporate and government email servers became overloaded and had to be shut down. In addition, internet traffic slowed to a trickle.
ILOVEYOU – 2000
Who doesn’t want to find a love letter in their inbox? Unfortunately, many Romeos and Juliets in 2000 fell victim to a virus after clicking what looked like a love letter in Microsoft Outlook.
The ILOVEYOU virus (known as Love Bug back then) was technically a worm and started as a seemingly innocent email. The subject line, “ILOVEYOU,” drew email users to click. Inside, a text file titled “LOVE-LETTER-FOR-YOU.TXT.VBS” was waiting. Once the text file was opened, the worm would go on to permanently damage files such as photos and critical documents on a user’s computer. Even worse, it would attach itself to all the addresses in Microsoft Outlook, spreading like wildfire. As a worm, no further human intervention was required to keep ILOVEYOU moving. As a result, millions of computers became infected in only a matter of days.
Code Red – 2001
One of the more ominous-sounding viruses on our list, Code Red took over corporate IT in 2001. In fact, it’s regarded by many as the first severe attack on a corporate system.
The Code Red worm specifically targeted systems running Microsoft Internet Information Services (IIS) for Windows Server. As described in a Microsoft Security Bulletin, the attacker could use an unchecked buffer, establish a server session, conduct a buffer overrun, and execute code on the web server.
The result? Important websites would display “Welcome to http://www.worm.com! Hacked by Chinese!” and nothing else. The worm was also the cause of various dangerous denial-of-service (DoS) attacks. But that ominous-sounding name? It was inspired by the drink the security employees were sipping when they found the worm: Mountain Dew Code Red.
Nimda – 2001
Nimda struck just a few months after Code Red and just a short time after the September 11th attacks that left us in shock. As a worm, Nimda was similar to ILOVEYOU and Code Red in that it replicated itself.
However, Nimda was particularly damaging as it was able to spread in various ways, including via email and compromised websites. Nimda affected Windows operating systems and was able to modify system files and even create guest accounts. Due to Nimda, millions of machines were infected, and many large corporations had to shut down their networks and operations. The actual cost of Nimda has yet to be fully estimated. But trust us when we say it’s a lot.
Sobig – 2003
While opening an email may not lead to infection, email attachments are a whole other can of worms (pun intended). Opening weird attachments from email addresses you don’t recognize is a big no-no. And while many email users today know this, things were different in 2003.
The Sobig worm infected millions of Microsoft computers via email. The threat would arrive in your inbox with a subject line like “Details” or “Thank you!” And inside, there would be an attachment just begging for a click. When clicked, Sobig would infect the computer, search for other email addresses in various computer files, and then quickly replicate by sending itself to those addresses.
What’s worse, Sobig had multiple variants, including A, B, C, D, E, and F. The “F” variant was by far the worst of the group. In August of 2003, it was reported that one out of every 17 emails was a copy of the Sobig.F virus. Due to its spreading capabilities, Sobig overwhelmed networks worldwide and resulted in billions of dollars in damages.
Mydoom – 2004
“I’m just doing my job, nothing personal, sorry.”
This was the email message sent by the email worm, Mydoom, first discovered in 2004. And a job it did, indeed. Mydoom quickly became the fastest-growing email worm in history. In fact, it still holds the title.
Similar to Sobig and other worms on this list, Mydoom was primarily spread through email attachments. If the attachment was opened, the worm would send itself to other email addresses found in the user’s address book or other local files. The fast growth of Mydoom slowed internet traffic worldwide. At the time, it was reported that some websites were experiencing response times 8 to 10% lower than the average. Mydoom was also behind multiple DoS and DDoS attacks, including attacks against the US and South Korea.
Zeus – 2007
Zeus, also known as Zbot, is trojan malware infecting Microsoft Windows. The malware most commonly targets financial or banking information. The first sighting of Zeus was in 2007, when the malware was found stealing information from the US Department of Transportation.
Zeus works by developing a botnet, which is a network of remote-controlled computers or bots that have been infected by malware. As a result, an attacker can control multiple computers at once. Zeus often infects a computer after a user clicks a malicious link in an email or downloads an infected file.
Why is Zeus so dangerous? For example, the malware can use keylogging to capture sensitive information such as online banking passwords. In fact, in 2010, the FBI busted a crime ring that used the Zeus trojan to steal around $70 million from its victims.
Stuxnet – 2010
Stuxnet made headlines in 2010 as the first worm developed to target industrial control systems. The worm inflicted physical damage on Iran’s nuclear facilities, particularly centrifuges. How? By exploiting vulnerabilities found within Windows to gain access to the software used to control the industrial equipment. Stuxnet was also unique in that the worm was first introduced to computers using infected USB drives. Yes, physical USB drives. Even now, Stuxnet is hailed as the world’s first cyberweapon.
PoisonIvy – 2011
PoisonIvy does more than make its victims itch. Known as a backdoor trojan or remote access trojan (RAT), PoisonIvy is used to gain access to a victim’s computer. While PoisonIvy isn’t a virus but a type of malware, it deserves a place on our list nonetheless.
PoisonIvy was first identified in 2005. However, one of the most notable attacks using the trojan occurred in 2011. Known as the Nitro hacking attacks, PoisonIvy was used to steal critical information from chemical manufacturers, government agencies, and other organizations. PoisonIvy is dangerous because threat actors can access a computer for keylogging, screen capturing, and more. The trojan is also used to steal passwords and other critical personal information.
WannaCry – 2017
The WannaCry ransomware attack took place in May 2017. The goal was simple: to hold a user’s files hostage and get paid in Bitcoin.
The WannaCry attack used a leaked hack known as EternalBlue to gain access to computers running Microsoft Windows. Once in, WannaCry would encrypt the computer’s data. Then, users would see a message demanding a Bitcoin payment for the release of their files. Unfortunately, WannaCry did have its victims. In 2017, the damage was estimated to be in the billions. Even today, WannaCry still exists, highlighting the importance of protecting ourselves from ransomware.