LoveBug worm hit 10 years ago during a simpler time

Internet users that believed that online admirers meant "I love you" allowed the worm to strike

When the LoveBug worm hit 10 years ago, it was a different time when people believed admirers were really reaching out to say "I love you", personal firewalls were turned off by default and executable attachments weren't blocked at e-mail gateways.

Those circumstances allowed the Love Letter worm -- the first Visual Basic script worm -- to infect more than 50 million computers worldwide within a week, causing estimated $5 billion to $8 billion in damages, bringing down networks by maxing out their ability to fire off e-mails and causing painstaking disinfection of affected machines.

10 of the Worst Moments in Network Security History

At the time, unleashing the worm wasn't even a crime in the Philippines, where Reomel Ramones and Onel de Guzman created and then sent it off.

ILOVEYOU wasn't the first mass-mailing worm, but it was unique in that it knew no limits, says Roger Thompson, chief research officer for security vendor AVG. Melissa, the first such malicious attachment, sent copies of itself to just the first 50 entries in e-mail address books. ILOVEYOU sent it to all of them and kept on sending. "It didn't know when to shut up," Thompson says.

The attack was a wildly successful case of social engineering, sending people a malicious attachment via the hijacked e-mail address of someone the victims knew. The worm arrived as an e-mail attachment, subject line: ILOVEYOU. Because it was from someone known and trusted, people opened the attachment.

Opening it triggered a script that invaded e-mail address books and forwarded the same infected e-mail to every address in them, thereby propagating the worm. In its early hours the worm also connected to four Web sites that downloaded further malware that allowed attackers to steal passwords. Those sites were rapidly shut down. Today, with dispersed and shifting command-and-control servers used by attackers, that shutdown would be more difficult.

The motive of Ramones and de Guzman was just to see their creation work, not to profit and not to compromise data. Had that been their intent, the malware they so successfully launched could have been used to assemble a botnet that could generate a steady income.

One lesson that could have been learned from Lovebug worm was that there's pretty much no good reason to allow an executable-file attachment through an e-mail server, Thompson says, but it took a year or more before that became an industry practice of corporate e-mail executives and ISPs.

Another lesson is that the most effective means for attacking a network is through social engineering of its human users. "There's no patch for foolishness," Thompson says.

Read more about wide area network in Network World's Wide Area Network section.

Join the newsletter!

Error: Please check your email address.
Rocket to Success - Your 10 Tips for Smarter ERP System Selection

Tags firewallswormsecuritysecure email

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Tim Greene

Network World
Show Comments

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Sarah Ieroianni

Brother QL-820NWB Professional Label Printer

The print quality also does not disappoint, it’s clear, bold, doesn’t smudge and the text is perfectly sized.

Ratchada Dunn

Sharp PN-40TC1 Huddle Board

The Huddle Board’s built in program; Sharp Touch Viewing software allows us to easily manipulate and edit our documents (jpegs and PDFs) all at the same time on the dashboard.

George Khoury

Sharp PN-40TC1 Huddle Board

The biggest perks for me would be that it comes with easy to use and comprehensive programs that make the collaboration process a whole lot more intuitive and organic

David Coyle

Brother PocketJet PJ-773 A4 Portable Thermal Printer

I rate the printer as a 5 out of 5 stars as it has been able to fit seamlessly into my busy and mobile lifestyle.

Kurt Hegetschweiler

Brother PocketJet PJ-773 A4 Portable Thermal Printer

It’s perfect for mobile workers. Just take it out — it’s small enough to sit anywhere — turn it on, load a sheet of paper, and start printing.

Matthew Stivala

HP OfficeJet 250 Mobile Printer

The HP OfficeJet 250 Mobile Printer is a great device that fits perfectly into my fast paced and mobile lifestyle. My first impression of the printer itself was how incredibly compact and sleek the device was.

Featured Content

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?