Then came the "Michelangelo virus," a ticking-bomb program that threatened to erase thousands of hard drives simultaneously on March 6, 1992. Like the Y2K bug that followed, however, Michelangelo scared more people than it hurt.
These early codes and the scores that came in between had a much different goal than today's crop of malware. They were designed to vandalize, earn bragging rights, and tinker with new technology. It was a time of hobbyists, says Zulfikar Ramzan, a senior principal researcher at the computer security firm Symantec in Cupertino, Calif.
But around 2001, the trend shifted. Amateur-made viruses gave way to a new breed – one that was more evolved, relied on stealth, and targeted your wallet.
New schemes, new virus vocabulary
So what changed? For one, a growing number of Americans started to use the Internet for banking, shopping, and advertising. Once real money started flying through cyberspace, hackers began to devise nefarious business plans.
"It used to be that most of the new malware we discovered appeared during nights and weekends – when hobbyists would have time to work on them," Mr. Ramzan says. "Nowadays, the virus writers are more active during office hours."
Hackers no longer want to share poetry or wipe your hard drive clean. After all, if a virus erases disks, it erases itself – and the opportunity to take advantage of unsuspecting computer users would be lost.
Now viruses can infect computers and the user might never know. Digital beasties such as "rootkits" burrow deep into operating systems. "Spyware" lurks behind the scenes, quietly sending passwords or other data to hackers. "Bots" can even allow hackers to take over systems. Once "bot herders" lasso enough computers, they can order thousands of hijacked machines to stampede networks, overwhelming websites and possibly blackmailing the companies that run them.
Bots in particular are hard to track down because they are often international in scope, says Dave Marcus, security research and communications manager for McAfee's antivirus lab in Santa Clara, Calif. A herder can operate in Romania, commandeer a computer in China, and then attack a network in the United States.
In fact, he says, 80 to 90 percent of all spam comes from infected machines.