The Michelangelo Virus, 25 Years Later

On March 6, 1992, a pre-internet era virus caused what was arguably the first ever public malware scare in history. Named after the famous renaissance painter who shared the same March 6 birth date, the Michelangelo virus scare remains a significant turning point for computer security, 25 years after its supposed major impact.

What is the Michelangelo Virus?

Michelangelo is classified as a boot sector virus, a type of virus that infects the startup sectors of storage devices—usually the boot sector of a floppy disk or the master boot record (MBR) of a hard disk. Boot sector viruses are primarily spread through physical media such as floppy disks or USB drives. They typically infect computers that boot using disks containing the malware, activating whenever the storage device loads.

In the case of Michelangelo, once the virus infects a computer, it remains dormant until a specific date—March 6 of each year, to be exact. On March 6, any computer infected with Michelangelo has critical data on its boot disk overwritten, damaging the disk and rendering it unusable and the data nearly unrecoverable.

Who wrote the Michelangelo Virus?

The author of Michelangelo was never discovered. Given the timeframe and the lack of monetary demands, the virus was likely written for the author’s own pleasure rather than for any potential financial gains.

What was the impact of the Michelangelo Virus?

At its height, the Michelangelo virus gained notoriety for its supposedly large-scale impact. Antivirus pioneer John McAfee estimated that the malware could have infected as many as 5 million computers, which was a significant amount in the early 90’s. The mainstream media at that time picked up on it and turned it into a major news story– a devastating security incident that could potentially wreak havoc on computers around the world. Needless to say, the news caught the public’s attention during a time when malware awareness was still low.

On March 6, 1992, the impact of Michelangelo differed from what was expected. Only a few thousand computers were found to have been infected by the virus, a far cry from the upper-end estimates. In fact, subsequent research made after the scare revealed that other virus variants were discovered far more frequently than Michelangelo.

What was the legacy of the Michelangelo Virus?

Although the virus itself had minimal real world impact in terms of number of infections, the publicity surrounding Michelangelo brought the issue of computer security into the public eye. Most people at that time still had little knowledge of computer viruses, resulting in ordinary users purchasing antivirus solutions en-masse. IBM reported that stores sold out of their antivirus products, invariably purchased by people who bought into the hype.

And while the Michelangelo virus—along with a majority of boot sector viruses—has come and gone, it retains a special place in infosec history as the first virus to bring malware awareness into the spotlight.

As for the Michelangelo virus itself? It still activates every March 6 for older, previously infected computers.


Like it? Add this infographic to your site:
1. Click on the box below.   2. Press Ctrl+A to select all.   3. Press Ctrl+C to copy.   4. Paste the code into your page (Ctrl+V).

Image will appear the same size as you see above.