Timeline of Computer Viruses
— by Sean Spencer, Software Development Expert and Author
1949- Although no viruses or worms were developed, theories of self-replicating programs that spawn viruses or worms are developed.
1966- John von Neumann wrote an article called the "Theory of Self-Reproducing Automata" that was published. This was based his lectures he had held 18 years earlier on this theory.
1971- The Creeper Worm, by Bob Thomas, was an experimental program that was self-replicating. It infected DEC PDP-10 Computers that ran the TENEX Operating System. The Reaper was later developed to delete this virus.
1974- A virus called the Wabbit made continual copies of itself at such high speeds that it would clog the system. The computer system would eventually crash.
1974/1975- John Walker wrote the ANIMAL for the UNIVAC 1108. This became known as on of the first non-malicious Trojans. It spread to other UNIVACs when computer users discovered the game due to overlapping permissions. It was also spread by sharing tapes.
A novel by John Brunner called the "Shockwave Rider" coined the term "worm" by using it to describe a particular program that circulates itself through a computer network.
1981- The "Elk Cloner" for the Apple II Systems was created by Richard Skrenta. It infected the Apple DOS 3.3 and spread to other computers by floppy disk transfer. The "Elk Virus" was responsible for being the first computer virus to cause a massive outbreak ever in history.
1983- While completing his dissertation Frederick Cohen used the term virus in order to explain when a particular computer program is able to infect additional computer programs because it was capable of replicating itself.
1986- Two programmers from Pakistan found a way to replace the executable code found in the boot sector of a floppy disk. It became known as the "Brain" "Brain boot sector" and even the Pakistani flu as well as being the first IBM PC virus.
1987- A virus called Lehigh came from Yale University and it infected command.com files. It was immediately stopped.
Cascade was the first self-encrypting file virus that resulted in IBM developing an antivirus product.
A virus found in Jerusalem called the Jerusalem Virus infected and destroyed all executable files on computers after being activated only on every Friday the 13th. This caused a world wide epidemic a year later.
A boot sector virus for specifically for the Amigas called the SCA virus quickly caused a virus-writer clash. The SCA virus released a more destructive and malicious virus that became known as Byte Bandit.
Another virus that was developed in December of 1987 called the Christmas Tree EXEC. It was the first replicating program that that was able to infect quite a few computer networks internationally.
1988- In early spring, the Ping-Pong virus was discovered at the University of Turin in Italy. It was a type of boot sector virus.
The ARPANET worm was written and it disabled over 6,000 computers.
A virus called the Festering Hate Apple ProDOS spread through underground systems (BBS) and begins to infect mainstream networks.
Robert Tappan Morris develops the Morris Worm that infects DEC VAX and SUN machines that were running on the BSD UNIX. This system was also connected to the internet which made it the first worm to spread into the "wild."
1989- A trojan called AIDS appears. It requested immediate payment in order for it to be removed.
1990- Some of the first antivirus software from Symantec called Norton AntiVirus began to appear.
The first polymorphic virus called the Chameleon was developed.
1991- The Chameleon virus is released and also becomes known as Tequila. With its every changing appearance, it became wide spread and difficult to detect.
1992- There are over 1300 viruses in existence.
DAME or the Dark Avenger Mutation Engine was created and made to turn regular viruses into chameleon like polymorphic viruses.
This toolkit was one of many that were available from the Virus Creation Laboratory.
The Michelangelo was blown out of proportion by the media to have caused a digital apocalypse, when in actuality it caused little damage.
1993- Popularity with shareware caused "Leandro and Kelly" and "Freddy Krueger" viruses to spread a very quick rate.
1994- The first major computer virus hoax called Good Times spreads. It is said that any email with the subject of Good Times is in fact a malicious virus capable of erasing the whole hard drive. Although this hoax was later disproved it will still reappear from time to time.
1995- A virus called "Concept" is developed. It spreads through and attacks Microsoft Word documents.
1996- A macro virus known as Laroux infects Excel, Baza infects Windows95 and Staog viruses infect Linux.
1998- CIH virus's first version begins to appear.
StrangeBrew infects Java files.
A virus called the Chernobyl spreads drastically through executive files. It affected files and certain chips in computers.
Two teens from California were able to infiltrate and control over 500 computer systems from the military, private sectors, and the government.
1999- A worm called the Happy99 appears and attaches itself to emails, hides changes being made and also wishes the computer user a happy New Year. It affected Outlook Express and Internet Explorer on Windows 95 and 98.
Another worm that attacked in a similar way as the Happy99 called the Melissa worm (W97M.Melissa) targeted systems based with Microsoft Word and Outlook Express. It infected nearly one million PCs.
Bubble Boy was another worm that worked similarly to Melissa and Happy99 except that it was able to function without the user opening an email.
The first macro virus capable of infecting multiple programs was known as the Tristate. It infected files from Excel, PowerPoint, and Microsoft Word.
A computer worm from Javascript called the Kak worm, spreads by placing an infection in Outlook Express.
2000- The "I love you" virus, also known as the "Love Bug" infects more than a million PCs. It works similar to that of the Melissa or Bubble Boy virus in the way that it is spread. It sends user names and passwords back to the person responsible for spreading the virus. It is also capable of deleting files such as JPEGs, MP2, or MP3.
The Pikachu virus is the first of its kind to target children.
2001- A virus, known as the "Anna Kournikova", hits email servers extremely hard by sending emails to all the contacts in a given Microsoft Outlook address book. Although it was not a malicious virus it did cause it gave analysts a reason to believe it was written using a tool kit, which could be used by the most inexperienced programmer.
More worms such as CodeRed, Sircam, and BadTrans are causing more problems and becoming more prevalent. CodeRed caused the most damage by infecting nearly 400,000 hosts of web pages in least than 24 hours. BadTrans was designed for stealing credit card information along with passwords.
The Code Red II comes out in China and is even more aggressive than its original.
Shortly after 9/11 a worm called the Nimda, spreads in many different ways including through Microsoft Outlook and through backdoors from previous worms.
The Kiez worm is discovered to find vulnerable holes through Microsoft Internet Explorer, Outlook Express and Microsoft Outlook.
2002- A virus called the LFM-926 infects Shockware Flash files.
Increasing amounts of viruses emerge with celebrity names.
Beast or RAT is capable of infecting nearly all of Windows OS. It is a backdoor Trojan horse.
A computer worm called Mylife spread by sending malicious emails to all of the email addresses in Microsoft Outlook.
2003- The fastest spread worm to date called the "Slammer" infects over 75,000 PCs in just minutes. It was also capable of doubling its numbers every 8 seconds during the first initial minute of infection.
A worm called the Welchia or Nachi tried to remove such other worms as Blaster and attempt to repair windows.
The first worm to be considered spam was called Sobig. It spread quickly through network shares and email of Microsoft systems.
In the fall of 2003 a computer worm, called the Swen, was written using C++.
Vulnerabilities in Microsoft caused computer worms like Agobot and Bolgimo to spread easily.
2004- The fastest email and file sharing computer worm called MyDoom (also Novang) that allows hackers to access the infected computers hard drive. It holds the record for the quickest spreading mass mailer worm.
The Netsky worm spreads through emails by replicating itself to folders found on the local hard drive.
The Whitty worm found holes in many Internet Security Systems related products. The Whitty worm was the first of its kind to spread rapidly through the internet.
The Sasser worm finds holes and soft spots in LSASS, which causes major network problems and interrupts business.
The Caribe was the first computer worm designed to infect mobile phones that had Symbian OS. It spread itself through Bluetooth.
Vundo is a Trojan horse that causes popups and advertising in some antispyware programs. It is also known for denying service with certain websites like Google.
The first webworm called Santy used Google to find targets. It infected nearly 40,000 websites before Google was able to filter the search query that the worm used in order to prevent it from spreading.
2005- A cell phone virus called Commwarrior-A spread from cell phone to cell phone via text message.
Samy XXA becomes one of the fastest spreading viruses to date.
A backdoor trojan horse called the Bandook or Bandook RAT infects the Windows family by taking over the computer. It uses a hijacking method to get by firewalls and access the internet.
2006- Another mass-mailing worm called the Nyxem, is activated on the 3rd of every month. It tries to disable all security and file sharing related software in order to destroy files like Microsoft Office.
Mac OS X experiences the first ever malware, which was in the form of a very low threatening trojan horse called OSX/Leap-A.
2007- A fast spreading email spam threatening Microsoft systems called the Storm worm was discovered. In nearly 6 months it had infected close to 1.7 million computers. By September the numbers had reached millions.
A trojan horse called Zeus steals banking information through a method called keystroke logging.
2008- First serious computer virus called the Mocmex found. It was a trojan that was traced to a digital photo frame.
A trojan horse known as the Torpig affects Windows by shutting down any antivrus applications. This allows others to access the computer and change or steal any confidential information. It also installs more malware onto the infected computer.
A worm called the Koobface targets people who use MySpace and Facebook.
The Conflicker computer worm infects 9 to 15 million servers systems (Microsoft) that were running on a variety of Windows, from Windows 2000 to Windows 7 Beta. Servers from large government organizations like the UK Ministry of Defense were affected.
2009- W32.Dozer follows a series of cyber attacks in the United States and South Korea.
The Daprosy Worm steals passwords for online games. It would steal from internet cafes and intercept on all keystrokes. It is a very dangerous worm since it was affecting business-to-business systems.
2010- A Windows trojan called the Stuxnet was the first worm to hit the SCADA systems.
The Kenzero virus spreads online stealing browser history from peer to peer sites.
2011- SpyEye and ZeuS have merged to form a new way to attack mobile phones to gain banking information.
Anti-Spyware 2011 is a trojan horse that poses as an anti-spyware program. It attacks newer Windows versions like Vista and XP. It blocks access to the internet for virus updates and completely disables security for antivirus programs.
###