Phishing simulation Awareness training Data breach detection About Blog Resources Pricing Contact
Get started Log in

The Creeper virus: The beginning of malware

Explore the origins and significance of the Creeper virus, the first computer virus, and its influence on cybersecurity. Read more to understand its impact.

Back to glossary

Creeper Virus

The Creeper virus, developed in the early 1970s, is considered the first computer virus in history. While it caused no harm, it introduced the idea of self-replicating software and marked the start of a new chapter in computer security. Its famous message, known as the message "I'm the creeper," “I’M THE CREEPER: CATCH ME IF YOU CAN,” revealed a new kind of digital behavior that would later become a global concern. This mysterious message intrigued early computer users and highlighted the experimental, non-malicious nature of the virus.

Introduction to malware

Malware, short for malicious software, is any program designed to disrupt, damage, or gain unauthorized access to a computer system. The concept of a computer virus – software that can replicate itself and spread to other computers – emerged alongside the earliest days of networked computing. The first computer virus, known as the Creeper program, was a groundbreaking experiment in the 1970s. Created by Bob Thomas, this experimental self-replicating program targeted computers running the TENEX operating system. When it infected computers, it displayed the now-famous message: “I’m the Creeper, catch me if you can!”

Although the Creeper program was not created with malicious intent, it was a pioneering piece of software that demonstrated how a self-replicating program could move from one system to another. This early form of malware laid the groundwork for the development of modern computer viruses and the antivirus software designed to counteract them. The Creeper virus showed that even experimental software could have far-reaching effects, setting the stage for the ongoing battle between malicious software and the tools created to defend against it.

Historical context

Before the modern internet connected billions of devices worldwide, there was ARPANET – the Advanced Research Projects Agency Network. Launched in 1966 and first used in 1969, ARPANET was one of the earliest and most influential computer networks ever created. Its primary goal was to provide a reliable, decentralized communication system for researchers and military organizations, allowing them to share information and resources across great distances.

ARPANET’s innovative design became the blueprint for future computer networks, directly influencing the structure of the modern internet. By connecting multiple computers and enabling them to communicate, ARPANET created the perfect environment for experimental programs like Creeper to move from one system to another. This pioneering network not only made the spread of the first computer viruses possible but also shaped the way we think about computer security and the challenges of protecting interconnected systems. The legacy of ARPANET lives on in every networked device and every corner of the internet today.

What was the Creeper virus?

Creeper was an experimental computer program created by Bob Thomas at BBN Technologies. Bob Thomas created Creeper as part of an early experiment to test whether a computer program could move across a network on its own. This idea was new at the time and had never been demonstrated in practice.

Computer scientists were interested in such experiments due to scientific curiosity about the potential of self replicating programs. Creeper was one of the earliest self replicating programs, designed to explore the possibilities of network mobility.

The program ran on ARPANET, which was the early version of the internet. It infected DEC PDP-10 computers that used the TENEX operating system. Once Creeper landed on a machine, it displayed a message telling users it was present, but it made no attempt to damage or alter files.

How the Creeper virus spread

Creeper used the file transfer protocol (FTP) to copy itself from one computer to another across the ARPANET. After transferring to a new system, the program would delete itself from the original machine, meaning it did not create multiple copies on each system. This process allowed it to “hop” between systems without staying in one place, functioning as an early form of a mobile application that could transfer itself between devices.

Creeper is considered the first computer worm due to its autonomous movement through the network. The way Creeper spread is now more commonly linked to the behavior of a worm, which moves through networks without needing user input. At the time, however, this was an entirely new concept.

If you're curious about how that worked, you can explore the fundamentals of FTP and its role in early computer networking.

The Reaper: The first antivirus tool

To remove Creeper from infected systems, another program called Reaper was created specifically to counteract Creeper. The reaper program was designed to track down and delete Creeper from each system it encountered, moving from one computer to another using the same network-based method. Ray Tomlinson played a key role in developing the reaper program.

This was the first antivirus program in history, and it began what would later become an ongoing effort to protect digital systems from malware.

If you're curious about how far these tools have come, you can dive deeper into the world of anti-malware.

Why creeper was important

Creeper was one of the first programs to demonstrate self-replicating code that could move across a network without user permission. This concept was rooted in the theoretical work of mathematician John von Neumann, who envisioned self-replicating machines and laid the foundation for understanding digital pathogens. Even though Creeper was harmless, its creation showed that autonomous code could travel across a network, introducing both new opportunities and serious risks for future computing.

Creeper also showed how quickly software could spread, which made researchers realize the need for defense mechanisms. Unlike Creeper, later developments saw the rise of malicious code – software designed to steal data, hijack systems, or cause damage. As a result, Creeper helped launch the field of cybersecurity.

The legacy of Creeper

Creeper’s existence inspired future generations of software and malware. One of the first viruses to target personal computers was Elk Cloner, which appeared in 1982. Created by Richard Skrenta, Elk Cloner infected Apple II computers by spreading through infected files on floppy disks. Unlike modern viruses, which can autonomously spread across networks, infect files, and cause significant harm or data loss, Elk Cloner and Creeper were more focused on demonstrating self-replication and often acted as pranks or curiosities.

Creeper also sparked interest in building better tools to detect, prevent, and remove malicious software. The antivirus industry that exists today owes much of its origin to this early experiment. As computer viruses evolved, notable early creators like Richard Skrenta and the two brothers behind the Brain virus contributed to the shift from curiosity-driven projects to more sophisticated and sometimes malicious threats.

Understanding computer viruses

A computer virus is a type of software that can replicate and spread to other systems. Some viruses cause little to no damage, while others can destroy files, steal data, encrypt files, or hold systems hostage. Their impact depends on how they are designed and the goals of the attacker. Analyzing the source code of viruses helps researchers understand how they function and spread.

Today, many types of viruses and malware exist. Some of the most common include:

  • File infectors, which attach themselves to executable programs

  • Boot sector viruses, which target the startup code of a hard drive

  • Macro viruses, which infect documents and spreadsheets

  • Polymorphic viruses, which change their code to avoid detection

  • Stealth viruses, which hide from antivirus tools

  • Ransomware, which locks or encrypts files and demands payment for their release

How to prevent and remove viruses

The best way to fight viruses is through a combination of good tools and smart habits. Antivirus software can detect and remove many threats by scanning systems for known signatures or suspicious behavior.

However, users must also stay alert. Key practices include:

  • Keeping systems and applications updated

  • Avoiding unknown links and downloads

  • Using strong passwords and secure settings

  • Backing up important files regularly

  • Watching for signs of infection, such as system slowdown or strange messages

Conclusion

The Creeper virus was not harmful, but it changed the future of computing. It introduced the idea that software could move on its own between systems and showed how such software could spread quickly. In response, the first antivirus tool was created, starting the ongoing battle between malware and cybersecurity.

Today, understanding how computer viruses work and how to defend against them is more important than ever. The lessons from Creeper still guide the way we think about digital safety and the steps we take to protect our systems.

This post has been updated on 18-06-2025 by Sofie Meyer.

Author Sofie Meyer

About the author

Sofie Meyer is a copywriter and phishing aficionado here at Moxso. She has a master´s degree in Danish and a great interest in cybercrime, which resulted in a master thesis project on phishing.

Similar definitions

Understanding the Network Block Device PirateBay: The Pirate Bay (TPB) What is swatting: A comprehensive guide Dongle Hashing Pseudonym Proxy Video graphics array (VGA) Passive optical network (PON) Decoupled Key fob Attenuation TL;DR Encoding Enterprise data management (EDM)