The first malware turns 30 years old: Michelangelo virus


The boot sector virus, first discovered in Australia, caused perhaps the first ever serious panic among computer malware, spurring the antivirus industry.

In 1991, the owner of a computer store in Australia noticed strange symbols on his screen. Investigation of the cause showed that the virus infected the system.

On March 6, the virus was activated, overwriting the owners’ data. Interestingly, the virus remains inactive on the device and is activated only on March 6, regardless of what year it is.

Since March 6 is the birthday of the great Renaissance artist Michelangelo, the virus was named in his honor.


Michelangelo is a boot sector virus, a type of malware that infects the boot sector of a hard disk or, more importantly, the master boot record (MBR) of a hard disk. The virus was designed to infect DOS systems and worked at the BIOS level.

After infecting the computer, the virus overwritten all the data that was contained on the hard disk of the device, replacing them with random characters. However, the threat only worked if the victim’s computer was turned on on a certain date, otherwise the user data remained intact. Basically, the virus spread through driver disks. It is known that about 1,500 data on computers were destroyed in Germany alone.

Despite the flashy name, Michelangelo himself is not mentioned anywhere in the malware itself. The name was created by the security community of the time. The authors of the virus have not been identified.


A year later, the virus reappeared. Since the existence of the virus was already known, industry insiders and journalists began to speculate about how many computers could already be infected with the virus.

Legend has it that the notorious John McAfee, the founder of the antivirus company of the same name, told reporters that Michelangelo could infect up to 5 million devices. About 20% of households in the United States owned computers, and 5 million infected devices could lead to a large-scale failure, the consequences of which could go far beyond North America.

Since the virus made any files on the device unusable, its activation could be a disaster for many companies using computers for everyday tasks.

According to Aryeh Goretsky, who worked at McAfee at the time, John McAfee told reporters that the infection rate could range from 5,000 to 5 million devices. However, journalists began to use the last figure, which caused a stir in the media and customers began to massively buy McAfee antivirus products around the world.

False fear

As the long-awaited day approached, the headlines of the media got out of control: one of the leading US newspapers said: “A deadly virus will wreak havoc tomorrow.”

The fear was in vain. The virus affected only a few thousand computers around the world, and there was nothing “deadly” about it.

In the same year, McAfee held an initial public offering, raising $42 million, which was an impressive amount for a company in 1992, which employed only 12 people.

However, the real impact of the Michelangelo virus was that the malware threat finally knocked on everyone’s door.

Although the idea of a threatening computer virus was not new, the threat became very real thanks to media reports, television broadcasts and experts discussing the consequences of a computer virus.

Start a discussion …