LoveBug worm hit 10 years ago during a simpler time

Internet users that believed that online admirers meant "I love you" allowed the worm to strike

When the LoveBug worm hit 10 years ago, it was a different time when people believed admirers were really reaching out to say "I love you", personal firewalls were turned off by default and executable attachments weren't blocked at e-mail gateways.

Those circumstances allowed the Love Letter worm -- the first Visual Basic script worm -- to infect more than 50 million computers worldwide within a week, causing estimated $5 billion to $8 billion in damages, bringing down networks by maxing out their ability to fire off e-mails and causing painstaking disinfection of affected machines.

10 of the Worst Moments in Network Security History

At the time, unleashing the worm wasn't even a crime in the Philippines, where Reomel Ramones and Onel de Guzman created and then sent it off.

ILOVEYOU wasn't the first mass-mailing worm, but it was unique in that it knew no limits, says Roger Thompson, chief research officer for security vendor AVG. Melissa, the first such malicious attachment, sent copies of itself to just the first 50 entries in e-mail address books. ILOVEYOU sent it to all of them and kept on sending. "It didn't know when to shut up," Thompson says.

The attack was a wildly successful case of social engineering, sending people a malicious attachment via the hijacked e-mail address of someone the victims knew. The worm arrived as an e-mail attachment, subject line: ILOVEYOU. Because it was from someone known and trusted, people opened the attachment.

Opening it triggered a script that invaded e-mail address books and forwarded the same infected e-mail to every address in them, thereby propagating the worm. In its early hours the worm also connected to four Web sites that downloaded further malware that allowed attackers to steal passwords. Those sites were rapidly shut down. Today, with dispersed and shifting command-and-control servers used by attackers, that shutdown would be more difficult.

The motive of Ramones and de Guzman was just to see their creation work, not to profit and not to compromise data. Had that been their intent, the malware they so successfully launched could have been used to assemble a botnet that could generate a steady income.

One lesson that could have been learned from Lovebug worm was that there's pretty much no good reason to allow an executable-file attachment through an e-mail server, Thompson says, but it took a year or more before that became an industry practice of corporate e-mail executives and ISPs.

Another lesson is that the most effective means for attacking a network is through social engineering of its human users. "There's no patch for foolishness," Thompson says.

Read more about wide area network in Network World's Wide Area Network section.

Join the Good Gear Guide newsletter!

Error: Please check your email address.

Tags firewallswormsecuritysecure email

Our Back to Business guide highlights the best products for you to boost your productivity at home, on the road, at the office, or in the classroom.

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Tim Greene

Network World
Show Comments

Most Popular Reviews

Latest News Articles

Resources

PCW Evaluation Team

Azadeh Williams

HP OfficeJet Pro 8730

A smarter way to print for busy small business owners, combining speedy printing with scanning and copying, making it easier to produce high quality documents and images at a touch of a button.

Andrew Grant

HP OfficeJet Pro 8730

I've had a multifunction printer in the office going on 10 years now. It was a neat bit of kit back in the day -- print, copy, scan, fax -- when printing over WiFi felt a bit like magic. It’s seen better days though and an upgrade’s well overdue. This HP OfficeJet Pro 8730 looks like it ticks all the same boxes: print, copy, scan, and fax. (Really? Does anyone fax anything any more? I guess it's good to know the facility’s there, just in case.) Printing over WiFi is more-or- less standard these days.

Ed Dawson

HP OfficeJet Pro 8730

As a freelance writer who is always on the go, I like my technology to be both efficient and effective so I can do my job well. The HP OfficeJet Pro 8730 Inkjet Printer ticks all the boxes in terms of form factor, performance and user interface.

Michael Hargreaves

Windows 10 for Business / Dell XPS 13

I’d happily recommend this touchscreen laptop and Windows 10 as a great way to get serious work done at a desk or on the road.

Aysha Strobbe

Windows 10 / HP Spectre x360

Ultimately, I think the Windows 10 environment is excellent for me as it caters for so many different uses. The inclusion of the Xbox app is also great for when you need some downtime too!

Mark Escubio

Windows 10 / Lenovo Yoga 910

For me, the Xbox Play Anywhere is a great new feature as it allows you to play your current Xbox games with higher resolutions and better graphics without forking out extra cash for another copy. Although available titles are still scarce, but I’m sure it will grow in time.

Featured Content

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?