
A Brief History of Malware (Viruses, Trojans, Worms)

Have you ever wondered where something began, or how it became that way?  Viruses, Trojan horses, worms and other types of 'malicious software' (malware) can be traced back to their origins around 1949, when they started out as a theory.  The original malware started out as simple programs that were later enhanced to be more complex, spread faster, cause damage, and steal information.

Malware is nothing more than a program that is designed to make your life miserable by causing problems with your computer or stealing information.  Originally malware would spread from computer to computer by people sharing media (such as floppies and tapes).  Then, as our lives became more and more connected via networks, these programs were enhanced to spread without any user interaction.

Modern malware is designed to leverage bugs in applications that allow the code to spread from computer to computer (e.g., worms).  Not all malware is that sophisticated, however; a great deal of it still relies on humans making mistakes and launching programs that they should not have (e.g., Trojan horses).

You might wonder who would write these programs.  Originally they were written by bright programmers who may have been looking to get attention or wanted to cause damage.  Eventually organized crime stepped in and started leveraging these programs to steal your private information.  Recently, different countries around the world have included malware as a tool in the arsenal of weapons used by intelligence and military services.

Today you don't have to be a bright programmer to create these types of programs.  Malware construction sets can be downloaded that allow the creation of a custom virus with a few clicks of a button.  There are even companies willing to construct custom viruses for people willing to pay for them.

There are hundreds of thousands of different types of malicious programs in the wild today.  To make matters even worse, there could be several variants of each one.  Things have gotten so bad that the anti-virus companies have admitted that they're fighting a losing battle.
  • In the 1980's virus creators start writing viruses for personal computers.  The earliest computer viruses were spread from computer to computer by sharing floppies.
  • The 1990's become an interesting decade for computer malware.  Eastern Europe becomes a hotbed for virus writers.  Viruses start to become more sophisticated by using polymorphic techniques, and they become network aware.  Malware construction kits become available, and macro viruses start showing up.
  • In the 2000's virus writers begin to change their motivation for writing malware from fame to fortune.  Up until now the only thing that a malware writer got was fame or jail time, sometimes both.  A trend appears in which stolen personal information is used for identity theft.  Soon after this, organized crime enters the game because of the potential to make money.  In the early 2000's network-aware worms start to show up and attack systems (e.g., SQL Slammer, Sasser, etc.).  Then about 2005 botnets (groups of malware-infected computers that are centrally controlled by a "Botherder" to perform malicious tasks) make their first appearance.
    • In 2005 it was discovered that Sony/BMG had created a rootkit-type DRM software that was used on millions of music CDs.
    • Around 2007 you start to see the rise of DNS-changing malware.  Criminals redirect a victim's computer to use rogue DNS servers, which point the browser to rogue phishing replacements for popular sites that can steal information.
    • Other techniques being used are DNS spoofing and the compromise of public WiFi hotspots (known as an Evil Twin attack).
  • In the 2010's botnets are still a major problem.  Several high-profile break-ins at large web sites to steal password files happen, and sophisticated "nation-state" created malware is targeted at specific countries (e.g., Stuxnet, Duqu and Flame).  Highly targeted "spear-phishing" attacks are more commonly used against public and private organizations and businesses.  Large companies (Google, Facebook, etc.) are more commonly paying hackers "bug bounties" to find major flaws in their products.  Virus writers start actively going after Apple Macintosh users and mobile platforms (such as iOS and Android).
    • Criminals start spreading malware through legitimate web sites after they're compromised.
    • Attackers are also stealing password files from large systems, which puts all the accounts on the system at risk.