The story of the first ever computer virus: Creeper

The first computer virus in history is known as the “Creeper” virus, and it dates back to the early 1970s. Here is the detailed story of this pioneering piece of malicious software.

Edouard Courty
3 min readOct 31, 2023

Historical context

Before the Internet (as we currently know it), there was ARPANET.

ARPANET stands for “Advanced Research Projects Agency Network”, and was one of the earliest and most influential computer networks that laid the foundation for the development of the modern internet.

It was launched in 1966 and first used on the 29th of October 1969, as a response to the need for a reliable and decentralized communication system among researchers and military organizations.

The genesis

Bob Thomas (1943–2014) was a computer engineer working at BBN Technologies, a company that held a crucial role in the development of ARPANET.

At this time in History, computers were in their infancy & very raw beginning, and no one ever tried to “hack” them before.

Bob wanted to demonstrate the concept of self-replicating programs. He wrote “Creeper” so it could move itself to another computer, infinitely, eventually infecting all the computers in a network.

It was created for research purposes, without any harming intentions.

Creeper

Creeper’s behaviour was quite similar to how modern viruses work, here are its functioning steps:

  1. Creeper would start by scanning the network and looking for vulnerable targets. It would scan ranges of IP addresses, trying to find systems with unprotected FTP (File Transfer Protocol) access.
  2. Leveraging this unsecured connection, Creeper would send a copy of itself to the target host (using FTP)
  3. Once transmitted, Creeper’s code was used as a program (I don’t know how it was executed, but it’s very likely it was either executed remotely using another vulnerability or executed automatically by the host computer, at reboot for example, or during certain actions.)
  4. The program displayed the message “I’M THE CREEPER: CATCH ME IF YOU CAN!” on the terminal.
  5. After transmission, Creeper would delete itself from the system. This was purposely designed. It was not intended to stay on the infected devices. It would solely make its presence known and then move on!
  6. Furthermore, it would continue scanning for other vulnerable targets

This is a beautiful piece of software. It’s probably not the shiniest, nor the best computer virus ever written, but it was the first worm virus ever developed, and the people involved probably had a lot of fun doing it.

Sadly, its source code is not publicly known, although it would be amazing to study!

If you read this and have access to the original Creeper source code, let me know.

How it ended

As a response to Creeper, another program called “Reaper” was developed by Ray Tomlinson.

Reaper was created to track down infected systems, remove the Creeper program, and help contain the spread of the “infection.” Essentially, Reaper was an early form of antivirus software designed to counteract Creeper.

Ray Tomlinson is also known for his significant contributions to email technology, as he was the one who implemented the use of the “@” symbol to separate the user’s name from the host computer’s name in email addresses.

His work on email and the development of Reaper marked his contributions to early network and computer security.

Conclusion

Creeper’s method of self-replication and propagation was relatively straightforward and relied on network communication and basic file transfer protocols.

It didn’t exploit security vulnerabilities in the modern sense but instead took advantage of the simplicity of early network protocols and the open nature of the ARPANET.

While Creeper’s actions might appear similar to those of modern computer viruses, it was not designed with malicious intent and did not cause harm beyond displaying its message on infected systems.

I hope you liked reading this story as much as I liked writing it!

I think the history of computers and technology in general is great and deserves to be told, hence I’ll publish more about this soon.

Follow my account to see my future work, and as always, have a good day.

NB: If you want to know more about worse cases of computer exploits, here is the story of EternalBlue, an exploit developed by the NSA!

--

--

Edouard Courty

Web Developer & IT Teacher based in Paris - Back-end guru - Co-founder of @IMXrarity