They say the business of crime is always booming, and with costs related to cybercrime expected to top $10.5 trillion by 2025, that business could be coming from your pocket. Criminals use various methods to lift personal data, financial information, and security details from unsuspecting victims, including malware, ransomware, worms, and viruses. Although these methods are unique in how they function and steal critical data, the average user calls them viruses. And unlike what some believe, viruses are as old as computers, they impact Macs just as much as PCs, and they are not victimless crimes. Now let's look at some of the most famous, devastating, and complex computer viruses ever to hit devices!

The 11 Worst Computer Viruses 

Some viruses have well-known origin stories with prolific creators like Sven Jaschan and his Sasser worm. Likewise, other attacks arrive as unsuspecting word documents that unleash digital hell with no rhyme or reason and origins as mysterious as the internet itself. Here are eleven examples of some truly terrifying computer viruses. 


In the 1970s, there was no internet. Instead, there was a prototype networking system called Arpanet that connected several high-level universities and government programs, so when a distracting computer worm showed up, it was a complete surprise. This computer worm would traverse Arpanet's networks leaving messages such as "I'm the creeper: catch me if you can." Unlike the dangerous malware that plagues the internet today, the Creeper worm didn't come from malicious intent but rather as an experimental program as proof that self-replicating programs were possible. As a result of the Creeper's introduction, the first antivirus, the Reaper, developed from the need to clear infected systems. It also led to the development of the first authentic virus infecting the Apple II computer, the Elk Cloner. 

Morris Worm

The Morris Worm takes its name from creator Robert Tappan Morris, a Harvard graduate, who developed and launched the Morris Worm in November 1988. Initially, the Morris Worm hit computers at MIT and quickly grew to impact computers through the internet at major universities and government sites. What makes the Morris Worm dangerous is that it was able to bring infected computer processes to a crawl, impacting computations for weeks at a time. It was also difficult to identify and even more challenging to remove. Although Morris never intended malicious intent when developing his worm program, it escalated rapidly, damaging systems worldwide. These damages resulted in criminal charges for Morris, which were the first convictions of its kind, furthering the Morris Worm's notoriety. 


Conficker goes by many names, such as Downup, Downadup, and Kdo. It's a collection of viruses that target windows-based platforms with a history stretching back to 2003. Conficker spreads by displaying phishing alerts that trick users into downloading viruses masquerading as antivirus programs. Conficker would add infected devices to a botnet — a collection of infected machines — controlled by hackers who could then use the botnet to execute further virus attacks. Cybersecurity experts have done much to curb Conflicker's destructive capabilities, yet it still propagates through network sharing, impacting devices even today.


Another early virus impacting IBM's personal computers was the Brain virus. Amjad Farooq Alvi and Basit Farooq Alvi created the Brain virus not as ransomware but as a copyright protector for their medical equipment. It was deliberately non-destructive and avoided hard drive BIOS systems, which inadvertently made it harder to detect. Brain worked by replacing the boot sector with a copy of itself, displaying text, and slowing down the floppy drive. It soon made its way to computers around the world, with several users reaching out to the duo for a method of removing the disruptive virus from their devices.

Love Letters

The Love Letters worm, also known as the ILOVEYOU virus, hit computers in May of 2000. It spread through email attachments with the subject line of ILOVEYOU, and users would unknowingly open an executable menace. Opening the file springs the worm's trap — a Visual Basic script that damages files on infected computers. The Love Letters worm was the brainchild of a college student, Onel de Guzman, who studied in the Philippines. He created the program to steal passwords to gain access to free services, claiming to be impoverished. Infected computers became hosts where the virus would copy itself, find contact information in address books, and continue the cycle. As a result of Guzman's worm, cybersecurity laws in the Philippines changed, and victims suffered approximately $10 billion in damages.  


Sobig is another series of computer worms that propagates through email attachments with various extensions. The first version discovered in the wild was Sobig. B in 2003, while beta versions of Sobig. A appeared in 2002 and saw updates through Sobig.F. Sobig infects a host computer by opening the attached email file. Once active, the worm replicates itself, gathers target emails, and damages essential operating system files along the way. Sobig.B and its many variants evolved quickly into the second-fastest worm to enter the wild after Mydoom. The devastation caused by the Sobig worm caused authorities to offer a $250,000 bounty for any information that led to the creator's arrest. As of today, the bounty remains unclaimed. 

SQL Slammer

What started as a proof of concept and backdoor vulnerability exposure by David Litchfield quickly deteriorated into digital mayhem. The SQL Slammer exploited a bug in Microsoft's SQL server databases, initially identified by Litchfield, allowing it to infect vulnerable and unpatched systems. The SQL Slammer worm uses denial of service attacks on internet hosts, slowing internet traffic by creating random IP addresses, sending copies of itself to those addresses, and infecting devices lacking security. Once it infects a machine, it can distribute copies through the internet. Experts first noticed SQL Slammer in early 2003 as it slowed internet traffic and collapsed various web pages and networks. With a small file size, it could slip into networks within a single packet, leading to difficulties in detection. 


The cybercriminals behind Mydoom did what the creators of Melissa, Cryptolocker, and Wannacry failed to do — create the most devastating computer virus. The Mydoom worm, also known as Novarg or W.32.Mydoom, first launched in 2004 but quickly spread through malicious email attachments and the now-defunct Kazaa sharing platform. Mydoom works by adding infected computers to a botnet to carry out distributed denial of service (DDOS) attacks while simultaneously deploying backdoor trojan horses to allow additional malware infection. Mydoom eventually takes control of the target device's operating system, turning it into a mindless drone. Although it's still an active virus, it primarily exists in isolation. All told, the estimated damage of Mydoom's attacks lands somewhere near $38 billion.

Code Red 

Code Red gets its name from the famous Mountain Dew beverage cybersecurity analysts were drinking when first discovered in 2001. The first sign of Code Red's existence was an attack on the Microsoft IIS web server, which many now accept as the first large-scale attack on enterprise networksCode Red is a worm developed to exploit a buffer overflow vulnerability. After achieving overflow using a long string of N characters, Code Red would execute arbitrary code to infect computers and websites using IIS Servers, including the White House's website. Interestingly, Code Red has the exact origins in the Philippines as the ILOVEYOU virus, leading to concerns about rising cybercrime in the area. 


Equal parts daring, destructive, and complex, the Stuxnet virus was the invention of US and Israeli intelligence designed to attack Iran's nuclear capabilities. Unlike other viruses, the Stuxnet virus infected devices through USB devices capable of distributing complex code that poses as critical control software sending instructions to cause physical damage to centrifuges and other equipment. The Stuxnet virus scanned for connections to electro-mechanic equipment, exploiting zero-day vulnerabilities that caused catastrophic failure of Iran's uranium enrichment capabilities. Stuxnet's effectiveness earned it the moniker of the first digital weapon due to its complexity and ability to cause physical damage. While Stuxnet completed its mission, it unintentionally entered the wild, creating havoc outside the controlled nuclear facilities that were the original target. Its mere existence threatens the physical systems that power our modern world. 


Zeus, or Zeus Trojan Malware, is a Trojan horse virus designed to skirt past antivirus software to steal financial data from users. It started infecting devices in 2007, rising to fame as one of the most successful botnet apps. Zeus' ability to operate as a botnet allows cybercriminals to execute attacks by monitoring activity and keylogging to access secure information. It's extra dangerous because of the ability to subvert multi-factor authentication (MFA) protections. In 2010, Zeus's creator supposedly retired from creating any additional viruses, and in 2011 made the code publicly available. Initial variants no longer pose a threat, but dangerous varieties still exist because the technology is still available. 

Protect Your Business with Summit Hosting's Dedicated Servers

Cyber attacks are nothing new, with the very first examples stretching back before the internet we know and sometimes love. Whether it's ransomware like Cryptolocker or worms like Klez or Storm worm, there are countless examples of why antivirus and cybersecurity are vital components to anyone's computer network or devices. Take your cybersecurity to the next level with Summit Hosting's dedicated servers. Every dedicated server comes with IT cybersecurity experts who help monitor and protect your critical data and hardware from devastating attacks. Give us a call today to stay always on and always secure! 

Klient Boost