A Brief History Of Viral Time

From simple viruses that spread via floppy disk, to worms that hitch a ride on the Internet, to today's back-door Trojans and spyware, the past 20 years of malware have been a bumpy ride indeed.
Enter The Internet

As floppy disks became close to extinct, so did viruses using floppies as a medium of transport; the Internet became the medium of choice. Internet access was becoming ubiquitous -- everyone was getting a modem.

20 Years Of PC Viruses


 A Brief History Of Viral Time

      •  The Early Years

      •  Viruses Get Smarter

      •  Enter The Internet

      •  Today's Malware

 The 10 Most Destructive Viruses

 Early Days On The Antivirus Front

 What To Do In A Malware Attack

 Virus Image Gallery

 Virus Timeline

Even relatively unsophisticated computer users had access to online playgrounds such as AOL, CompuServe, MSN, and GEnie, along with the e-mail and downloading hazards they presented. None of these services initially had any adequate virus-checking or scanning measures in place, so downloading software was dangerous.

Around 1995, macro viruses started being written to take advantage of programming languages inherent in applications as diverse as Lotus 1-2-3 and Microsoft Word. One of the most prevalent macro viruses was the simple Concept virus. It removed all macros in infected files and disabled some of Word's menus, but was otherwise not destructive. Concept was most prevalent in 1995-1997.

Even worse, many of these new viruses took advantage of e-mail/SMTP capabilities in Windows systems by mass-mailing infected files to recipients listed in the address books of popular e-mail programs such as Microsoft Outlook. A good history of macro viruses can be found in Dr. Alan Solomon's seminal paper "Introduction to Macro Viruses" -- a must-read for anyone interested in virus history.

Besides displaying this joke image, the VBS/Monopoly virus sent itself to everyone in the recipient's Outlook address book. Courtesy of Sophos. Click image to enlarge and to launch image gallery.

As we leave the decade, don't forget that 1999 gave us the virus of the century: Melissa, a combination macro virus and worm. Among other payloads, Melissa inserted quotes from the animated television series The Simpsons in Word documents. But what was devastating was how Melissa spread: by forwarding the infected Word document as an e-mail attachment to 50 people in the computer's Outlook address book.

Melissa propagated more rapidly than any previous virus, infecting an estimated 1 million PCs. The antivirus world was initially not prepared to handle this kind of quick-spreading threat, but came up with solutions very rapidly. Melissa was a wakeup call -- malware wasn't done with computer users by a long shot.

The current decade has seen increasingly sophisticated and fast-spreading worms, including ILOVEYOU (2000), which used the promise of a love letter to fuel its massive spread; Nimda (2001), notable for its sophisticated infection and replication techniques; Code Red (2001), which infected hundreds of thousands of Web pages; MyDoom (2004), the fastest-spreading worm to date; and Sasser (2004), which caused disruptions to satellite communications, airlines, financial services, and more across the globe.

The Hybris worm upgraded itself over the Internet and at times displayed a large animated spiral in the center of the screen. Courtesy of Sophos. Click image to enlarge and to launch image gallery.

One worm that had an unexpected positive effect was 2003's SQL Slammer (a.k.a. Sapphire). Finding security holes in computers running Microsoft's SQL Server or SQL Server Desktop Engine (MSDE), it infected a huge number of machines very rapidly -- 75,000 computers in 10 minutes -- causing massive slowdowns and server crashes across the Internet. Now for the good news: Because only non-updated systems were vulnerable to SQL Slammer, Microsoft reports, substantially more people are keeping their Windows systems up to date since this worm hit.

Editor's Choice
Brian T. Horowitz, Contributing Reporter
Samuel Greengard, Contributing Reporter
Nathan Eddy, Freelance Writer
Brandon Taylor, Digital Editorial Program Manager
Jessica Davis, Senior Editor
Cynthia Harvey, Freelance Journalist, InformationWeek
Sara Peters, Editor-in-Chief, InformationWeek / Network Computing