What are the top 10 viruses of all times?

Computer viruses take many different shapes and forms, and the damage they do ranges from mildly annoying to damaging an entire country’s nuclear program. Part of the difficulty in compiling a list of viruses is that there are varying definitions of what constitutes a virus and that some viruses, which at discovery seem to be new, turn out to be variants of older viruses. With all that in mind, we’ve put together our list of the top computer viruses.

1. Conficker

First discovered in 2008, Conficker, which had many aliases, including Downup, Downadup, and Kido, is a worm that targets Windows operating systems. It uses a variety of different malware techniques, including exploiting flaws in Windows and using dictionary attacks on administrator passwords to infect computers and propagate, forming a botnet. It infected millions of computers in 190 countries, including those on networks run by the French Navy, the UK Ministry of Defence, and the UK House of Commons. Among the symptoms of Conficker are user accounts being locked, local area networks being flooded with traffic, and websites that host antivirus software becoming inaccessible.

Conficker was so troublesome that an industry group spearheaded by Microsoft and including ICANN and Verisign was formed to try and combat it.


The ILOVEYOU worm attacked tens of millions of computers running Windows from May 2000. It got its name from the subject line of the email to which it was attached, disguised as a text file. When the attachment was opened, it triggered a Visual Basic script that started to destroy files and sent a copy of itself to all the contacts in Windows’ Address Book.

ILOVEYOU relied on flaws in Windows to allow it to hide the fact that it wasn’t, in fact, a text file but a Visual Basic script. But it also used social engineering, creating curiosity in the mind of the recipient, to persuade users to open the attachment. At the time, it was estimated that one in ten internet-connected computers had been affected and a cost of $5-8 billion, with a further $15 billion in clean-up costs. The Pentagon, CIA, and UK Parliament shut down email systems to protect themselves. And the virus even inspired a song by the Pet Shop Boys that reflected on the human desires that allowed the virus to spread.

3. Morris Worm

One of the first worms distributed over the internet, the Morris worm, named after its creator, Robert Morris, a graduate student at Cornell University, was released on November 2, 1988. Morris, now a professor at MIT, claimed the worm was intended to demonstrate security flaws in Unix systems. However, a coding error resulting from an attempt to prevent the worm from being easily disabled led to a massive denial-of-service attack, which was estimated to have infected 6,000 computers. This figure was arrived at by multiplying all the computers that were estimated to be connected to the internet by 10% — the same way that the effect of the ILOVEYOU virus and several others were estimated. The US Government said the damage cost between $100,000 and $10,000,000, and the Morris worm resulted in the first conviction under the 1986 US Computer Fraud and Abuse Act.

4. Mydoom

Until Mydoom came along, ILOVEYOU held the record for the fastest-spreading email worm ever. But that all changed in January 2004. And 15 years later, Mydoom, first spotted in that month, still holds the record. Mydoom was named by one of the first people to discover it, who noted that code contained the word ‘mydom’ and, given the fact that it was already apparent that it would spread quickly, felt that having ‘doom’ in the name was appropriate.

Mydoom affected Windows computers and used a backdoor to take control of a PC and subvert Windows Explorer. It launched a distributed denial-of-service attack, which seemed to particularly target computers belonging to SCO.com. But avoided hitting email addresses registered to some universities as well as those at Microsoft and Symantec. The text of the email used to spread the virus contained the rather cryptic message, “andy; I’m just doing my job, nothing personal, sorry.”

5. Stuxnet

Remember we said in the introduction that the damage caused by viruses included damaging an entire country’s nuclear program? Well, that was Stuxnet. Believed to be a joint US/Israeli cyberweapon, though neither country has openly admitted responsibility, Stuxnet was first discovered in 2010. The purpose of the virus was said to be to interfere with Iran’s attempts to build a nuclear weapon. It was spread by a USB thumb drive and targeted software that controlled a uranium facility in Iran. According to a report published in the New York Times, the damage it caused was so great it made 1,000 centrifuges self-destruct. The Times reported that it was a ‘programming error’ that allowed Stuxnet to escape the facility in Iran and spread around the world on the internet. It was said to be part of a wider US effort, called Olympic Games, to disrupt Iran’s nuclear program.

6. CryptoLocker

Ransomware has become hugely popular among hackers and cybercriminals for obvious reasons. By disrupting users’ systems, preventing access to data, or using social engineering to prey on their fears, criminals extract payment in return for removing the threat. CryptoLocker was one of the first examples. Released in September 2013, CryptoLocker spread via email attachments and encrypted files on infected computers, making them impossible to access. In order to restore access to their data, users had to pay a ransom, at which point the cybercriminals behind CryptoLocker would send a decryption key that could be used to unencrypt the files. Some users reported that they were able to regain access by carrying out a System Restore or using data recovery software. Others said that when they had tried to recover files, they had lost them completely.

The US State Department announced in June 2014 that the botnet used to distribute CryptoLocker had been disrupted. And in February 2015, the FBI offered $3m for information leading to the arrest of Evgeniy Bogachev, the man they believed responsible for CryptoLocker.

7. Tinba

Tinba was first discovered in 2012. The name stands for the Tiny Banker Trojan. As a modified version of older Banker Trojans, it was developed to target the websites of financial institutions. The main goal was to collect clients’ information, such as PIN codes, usernames, account details, passwords, and credit card numbers. Tinba is based on network sniffing and man-in-the-browser attacks. It is indeed tiny — 20 KB — and it is what made the Trojan difficult to detect. 

The common ways of spreading are downloading software from unreliable developers, clicking pop-ups on infected websites, and clicking links in emails. Also, tech support scam call centers used Timba to make fraudulent changes to the victims’ computers. This Trojan remains dormant until the user visits the website of their financial institution, and it is another reason why it is dangerous. 

8. SQL Slammer

SQL Scammer sparked on January 25, 2003, when it infected its first server. After it, the infection spread rapidly, having infected more than 70,000 computers after the release into the wild. This worm exploited a bug in Microsoft’s SQL Server as well as Desktop Engine database products. As it spread quickly, it severely slowed down worldwide internet traffic, which resulted in the collapse of important systems, and it caused panic and significant damage. 

What is remarkable is that the patch that could have prevented the spread of this infection was released 6 months prior to the incident itself. However, those companies that were affected merely ignored the recommendation to install it. 

9. Storm Worm

Storm Worm exploited users’ thirst for sensational news headlines. In this case, the headline was “230 dead as storm batters Europe” which accompanied a link to the “story.” When users clicked the link, instead of reading a news story, they downloaded a virus that then turned their computer into a bot that redistributed the email.

10. Brain

Believed to be the first computer virus for MS-DOS, Brain was released in 1986 and infected the boot sector of storage media, primarily floppy disks, formatted with DOS File Allocation Table (FAT). The boot sector was moved to another sector and marked as bad. Meanwhile, text was written into the infected sectors, which, remarkably, included the virus authors’ names and telephone numbers.

These are just ten of the thousands of well-known viruses that have attacked computers over the last several decades. Some are relatively harmless, while others, as we’ve seen, are very destructive. As you may have noticed, the viruses we mentioned affected Windows and PC. However, it does not mean that Macs are not susceptible to threats. In fact, as Mac computers have become more popular, they also become a more attractive target for malware. 

If you’re worried that you might have downloaded a virus or other form of malware, you should scan it using an antivirus tool. There are several available for Mac and PC that will scan your computer for free. For a Mac, my recommendation is to use CleanMyMac X and its Malware Removal module to regularly scan your Mac and keep it safe from viruses. Its database of threats is constantly updated to detect the most recent threats. Just scan your Mac once in a while to make sure it is malware-free. Also, CleanMyMac X has a background and real-time monitor that can detect suspicious apps and notify you about such risks. You can download the app for free here.

The best protection, however, is common sense. Never click on a link in an email or on a website unless you’re certain where it will take you and download apps from developers’ websites — or Mac App Store — only. Thank you for reading, and stay safe! 

Laptop with CleanMyMac
CleanMyMac X

Your Mac. As good as new.