Heartbleed, Melissa, Klez, Nimda, and Sasser. All of these innocent sounding words could ruin your computer, steal your information and impact your digital life forever. These computer viruses and system vulnerabilities are the best at what they do: breaking stuff. But how did these terrors get their names?
There is not one standardized way to name a viruses. These aren't hurricanes, there's no master list to turn to, and no authority that watches over them to regulate how their dealt with. Instead, there are three main avenues for virus naming: when the name is given to the virus as part of its programming; when the vector by which the virus is spread determines the name; and when a vulnerability is found and then named after the fact, usually by its discoverer.
Historically, back when viruses got around mainly through the forwarding of emails, the name of the threat would be based on the file name of the attachment. One of the worst viruses ever seen was called "ILOVEYOU." It spread like wildfire because of the pleasant sounding email subject and attachment (Love-letter-for-you.txt) The happy attachment turned out to be malicious code that overwrote existing files with copies of itself.