The 15 Most Dangerous Computer Viruses We’ve Ever Seen (So Far)

I love you text with binary code
1. ILOVEYOU ILOVEYOU was a virus that started in May of 2000, originating in the Philippines. It relied on a few quirks of technology at the time, most especially that Windows would only display file names up to the first period. Usually that’s not a problem, but ILOVEYOU ended with “.txt.vbs,” and only the “.txt” was displayed to users who received the virus in their emails. Those users would open it, because .txt—text files—can’t actually transmit viruses. The ILOVEYOU virus would then overwrite random files, and send itself to all addresses in the victim’s email. It ended up affecting about 10 percent of all computers in the world, causing around $10 billion in damage. Shutterstock
hooded man stealing credit card information
2. Conficker Launching in 2008, Conficker was an unusually adaptable and varied worm. Unlike ILOVEYOU, Conficker used a variety of different attack techniques, exploiting different holes in Windows architecture and spreading itself through different means. Some forms of Conficker were capable of setting permission to edit the Conficker virus itself to a level so high that users weren’t even capable of deleting it. Conficker, which may have been created in Ukraine, was widespread, affecting probably around 10 million computers worldwide, and antivirus software still discovers a few hundred thousand infections of it each year, even now. But it wasn’t actually that damaging of a virus: it seems to have screwed with just a few small things, like disabling Safe Mode, antivirus software, or automatic updates. Shutterstock
network security hologram
3. CryptoLocker A more blatantly capitalistic enterprise, CryptoLocker was a scheme, spread via email attachments in 2013, that simply encrypted a bunch of the user’s files. That encryption was strong enough that experts at the time said there was essentially no feasible way to unlock them—except ransom. See, the CryptoLocker scheme offered to unencrypt and free a victim’s data if that victim paid a ransom, in the form of Bitcoin or cash vouchers. Many victims paid; the transfer of Bitcoin was worth about $27 million at the time. Shutterstock
hooded woman holding padlock
4. FlashBack FlashBack isn’t the biggest virus on this list, affecting only about 600,000 computers. But what’s interesting about FlashBack is that it was specifically a Mac OS virus, flying right in the face of the popular wisdom that Apple computers simply don’t or can’t get viruses. (They can, though they are much less common than Windows viruses.) FlashBack was a Trojan Horse that infected with a phony Adobe Flash installation; it then created a botnet to engage in various thefts and hacks. Shutterstock
stethoscope draped on a laptop with a virus
5. Melissa Named, hilariously, after an exotic dancer from Florida, Melissa started out by claiming to be a document containing passwords to porn websites. It would send itself to the first 50 people in any victim’s email app, which caused it to quickly snowball in size. By 1999, it was big enough to take down entire email servers, most notably Microsoft’s. It also sparked the FBI to create a dedicated cybercrime department. Shutterstock
virus detected on mac
6. Code Red Named for the beverage security researchers were drinking when they discovered it (Mountain Dew: Code Red), Code Red was released in July of 2001. It used what’s called a buffer overflow: essentially, it consisted of so many repetitions of a single letter (“n”) that the system allows the virus to extend into other parts of the memory where the virus shouldn’t technically be allowed. From there, it launched attacks on a few different websites, including the White House website. It might be best known for the message it displayed: “Hacked By Chinese!” (It’s not clear that it actually originated in China.) Shutterstock
virus warning light
7. MyDoom Still today likely the fastest-spreading email worm of all time, MyDoom is also considered the most damaging computer virus ever, with financial losses reaching about $38 billion. It was fairly simple in its infection technique: just an email with a message like “Message Send Failed,” with an attachment. Open that attachment, and you’re infected; MyDoom would send itself to everyone in your email contacts, and even copied itself to the “shared” folder in Kazaa, to be shared that way. For a little while, about one in five emails in the entire world were from MyDoom. It seemed to mostly be targeting a company called SCO, which had attempted to sue Linux users and distributors for copyright infringement. Shutterstock
critical error message
8. Nimda As Nimda was released, probably, on September 18th, 2001, speculation was rampant that it was somehow connected with the 9/11 attacks. It wasn’t, and likely originated in China, but it was still an incredibly fast-moving virus. Nimda, which is “admin” spelled backwards, gave hackers access to some admin functions of victim’s computers. But mostly, it functioned by sending massive amounts of traffic to various websites, slowing them to a crawl. Shutterstock
business man with head in hands over laptop
9. SQL Slammer Launching in 2003, SQL Slammer, sometimes known as Sapphire, used that same buffer overflow vulnerability that many other viruses and worms have used. It spread incredibly quickly; within ten minutes, it’s estimated that 75,000 computers were affected. It was an extremely small virus. Really, all it did was create a bunch of randomized IP addresses and send itself to those. But it did that so efficiently that many routers couldn’t handle the increased traffic. Eventually Bank of America’s ATMs crashed, Continental Airlines’ ticketing crashed, and various other important parts of the internet collapsed. It likely caused over a billion dollars in damages. Shutterstock
virus alert with red hand print
10. Storm Worm Starting in 2007, the Storm Worm relied on the endless appetite for news in order to spread. It was named for one of its first appearances: as a fake news email titled “230 dead as storm batters Europe.” There were a bunch of other fake news stories too, including “Fidel Castro dead” and “Naked teens attack home director.” It granted full admin access to victim computers, and allowed those computers to be joined into a botnet, grouped together to attack large entities, including financial institutions. Shutterstock
malicious virus in code
11. Petya A newer virus, but in the same vein as CryptoLocker, Petya was first spotted in 2016. It was spread by email attachments, and when opened, locked a Windows computer extremely thoroughly. The computer would be so encrypted that it would no longer even boot up—unless, that is, you paid the ransom. A variant released the year after, called NotPetya, asked for a fairly low ransom price—only $300. That caused some to speculate that the true goal of NotPetya was destruction, not profit, and destroy it did. Among its victims: pharmaceutical company Merck, shipping company DHL, and the Chernobyl nuclear power plant. Shutterstock
worried man with virus on laptop screen
12. Creeper Creeper is generally believed to be the first instance of internet malware on the planet, having been created in 1971. It seems to have been an experiment more than anything else; it would self-replicate to all connected users on ARPANET, the precursor to the internet. It was, strictly speaking, harmless: all it did was pop up a message reading “I’m the creeper: catch me if you can.” So Creeper wasn’t actually dangerous in itself, but as the first proof-of-concept of a worm, it set the stage for every other piece of malware on our list. Shutterstock
Virus detected
13. Stuxnet An interesting addition to the list, because sowing chaos was not really its goal, and it wasn’t created by anonymous hackers in Ukraine or China. Instead, Stuxnet seems to have been a joint American/Israeli governmental project, designed to target Iranian nuclear equipment. It would gather information from the Iranian nuclear program, and most notably would cause centrifuges to spin so quickly they’d collapse into pieces. A whopping 58 percent of all Stuxnet-affected computers were in Iran. Shutterstock
business man with hands on head in worry
14. Anna Kournikova Appropriately named, this 2001 virus tricked users by pretending to include an image of pro tennis player and object of early-aughts male lust Anna Kournikova. It spread quickly, despite having been apparently created by a 20-year-old Dutch student in a couple of hours. Though it worked in a similar way to the ILOVEYOU worm, it was not as damaging; it caused slowdowns in email servers, and a Dutch court eventually sentenced the creator to 150 hours of community service. Shutterstock
woman finding a virus on a mac
15. Shamoon One of the most virulent viruses on our list, Shamoon was discovered in 2012. It was designed to overwrite files with a corrupt image, and had a built-in time bomb that would overwrite the master boot record—the fundamental information on how a computer’s storage is arranged. Wipe that, and the computer is basically unusable. It was unleashed on the networks of several Gulf of Arabia oil companies, and that time bomb was programmed to go off during Ramadan. It crippled about 35,000 computers at Saudi Aramco, and was discovered working again as recently as 2017. Viruses have become less prevalent lately; it’s more profitable and perhaps more interesting to try to steal or leak user data. But viruses are still around, including some on this list, mutating and attacking new users every day. Shutterstock