Skip to main content

Brain: the first computer virus

Imagine this: You wake up in a time when floppy disks were the pinnacle of technology. What could be worse, right? But wait—it gets worse. It's January 1986, and the first computer virus is coming to life—one that will inspire countless future malware. You'd think viruses were all about cybercriminals and hacktivism, right? But guess what? You’re in for a surprise. The virus you’re about to encounter was created by two brothers from Lahore, Pakistan—Basit and Amjad Farooq Alvi. These two guys just unleashed a virus on MS-DOS, and it all started with... floppy disks. Yes, you heard it right—floppy disks. Welcome to a forgotten era!

Now, you might ask, "What exactly is this ‘Brain’ virus?" And more importantly, why was it created? Well, Brain was more of an uninvited guest at a digital party, attaching itself to otherwise harmless programs—called "host" programs—that unsuspecting users would execute. But don't be fooled—these two brothers, the Alvi brothers, weren’t plotting world destruction. No, their goal was to explore the security of MS-DOS versus its competitor at the time, UNIX Xenix. They were also trying to protect their software from illegal use. But before we get ahead of ourselves, let’s dive into the Alvi brothers' backstory.

Amjad was obsessed with electronics. He spent endless hours at the library, reading what we imagine was something like “Floppy Disks for Dummies” or “MS-DOS for Absolute Beginners.” At one point, he got his hands on a Sinclair ZX80, a DIY kit with its fair share of issues. This led Amjad and Basit to open their own computer repair shop, Brain Services (yes, you read that right, Brain Services). But things took a turn when they developed a heart-monitoring program... which, surprise surprise, got pirated! And boom, Brain was born. It wasn’t made to wreak havoc; rather, it was an exploration of how MS-DOS worked and a way to protect their software from being stolen.

So, how did this virus spread? Floppy disks, of course! In fact, this is where the story gets really interesting. When you insert a floppy disk infected with Brain into a machine, the virus activates before the operating system even gets a chance to load. And the real kicker? As soon as the virus is running in the computer's memory, it infects any other floppy disk that comes into contact with it. This virus was sneaky—it saved its original boot sector and stored it in a special sector of the disk, marking it as "bad" so no one would see it. Pretty clever, right? It was a game of hide-and-seek with your computer’s boot process.

But here’s the best part of the story: the Alvi brothers signed their virus. That’s right—if anyone was going to take credit for this digital milestone, they were making sure it was them. And guess what? People noticed their contact info embedded in the virus, and soon the brothers started receiving calls from frustrated users around the world—Pittsburgh, Delaware, Hong Kong, Australia, and beyond—all asking, "How do we remove this virus?"

But while the Alvi brothers didn’t mean any harm, Brain set the stage for a revolution—a revolution in malicious software. As the virus spread, copycats began to emerge, and soon Brain evolved into its malicious variant, Brain.b, which could infect hard drives as well.

Enter John McAfee, rest in peace to the legend himself, who saw an opportunity. He created the first-ever antivirus software to detect and remove Brain. This marked the dawn of the antivirus industry, a major milestone in the battle against malicious software.

And what’s the legacy of Brain? Well, Brain’s boot-sector infection method became the template for many future viruses. It opened people’s eyes to the importance of antivirus software, and while the Alvi brothers didn’t set out to destroy the digital world, they inadvertently triggered a massive revolution in cybersecurity.

Curious about the origins of this groundbreaking virus? Check out this incredible video, where Mikko Hyppönen interviews the Alvi brothers in Lahore, Pakistan: Brain: Searching for the first PC virus in Pakistan.

And let’s not forget the heart of Brain’s operation: the boot sector. The BIOS looks to read from the first sector of the floppy disk, and Brain’s sneaky tactic was simple: take over that first sector. Once that was done, the virus would replicate itself onto any new floppy disk it encountered. Voilà—a self-replicating virus, ready to spread to the next unsuspecting machine.