LoveBug worm hit 10 years ago during a simpler time

Internet users that believed that online admirers meant "I love you" allowed the worm to strike

When the LoveBug worm hit 10 years ago, it was a different time when people believed admirers were really reaching out to say "I love you", personal firewalls were turned off by default and executable attachments weren't blocked at e-mail gateways.

Those circumstances allowed the Love Letter worm -- the first Visual Basic script worm -- to infect more than 50 million computers worldwide within a week, causing estimated $5 billion to $8 billion in damages, bringing down networks by maxing out their ability to fire off e-mails and causing painstaking disinfection of affected machines.

10 of the Worst Moments in Network Security History

At the time, unleashing the worm wasn't even a crime in the Philippines, where Reomel Ramones and Onel de Guzman created and then sent it off.

ILOVEYOU wasn't the first mass-mailing worm, but it was unique in that it knew no limits, says Roger Thompson, chief research officer for security vendor AVG. Melissa, the first such malicious attachment, sent copies of itself to just the first 50 entries in e-mail address books. ILOVEYOU sent it to all of them and kept on sending. "It didn't know when to shut up," Thompson says.

The attack was a wildly successful case of social engineering, sending people a malicious attachment via the hijacked e-mail address of someone the victims knew. The worm arrived as an e-mail attachment, subject line: ILOVEYOU. Because it was from someone known and trusted, people opened the attachment.

Opening it triggered a script that invaded e-mail address books and forwarded the same infected e-mail to every address in them, thereby propagating the worm. In its early hours the worm also connected to four Web sites that downloaded further malware that allowed attackers to steal passwords. Those sites were rapidly shut down. Today, with dispersed and shifting command-and-control servers used by attackers, that shutdown would be more difficult.

The motive of Ramones and de Guzman was just to see their creation work, not to profit and not to compromise data. Had that been their intent, the malware they so successfully launched could have been used to assemble a botnet that could generate a steady income.

One lesson that could have been learned from Lovebug worm was that there's pretty much no good reason to allow an executable-file attachment through an e-mail server, Thompson says, but it took a year or more before that became an industry practice of corporate e-mail executives and ISPs.

Another lesson is that the most effective means for attacking a network is through social engineering of its human users. "There's no patch for foolishness," Thompson says.

Read more about wide area network in Network World's Wide Area Network section.

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags firewallswormsecure email

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Tim Greene

Network World
Show Comments

Father’s Day Gift Guide

Brand Post

Bitdefender 2019

Bitdefender’s best-in-class security solutions have been awarded Product of the Year. Get cybersecurity that 500 MILLION users already have and trust!

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Luke Hill

MSI GT75 TITAN

I need power and lots of it. As a Front End Web developer anything less just won’t cut it which is why the MSI GT75 is an outstanding laptop for me. It’s a sleek and futuristic looking, high quality, beast that has a touch of sci-fi flare about it.

Emily Tyson

MSI GE63 Raider

If you’re looking to invest in your next work horse laptop for work or home use, you can’t go wrong with the MSI GE63.

Laura Johnston

MSI GS65 Stealth Thin

If you can afford the price tag, it is well worth the money. It out performs any other laptop I have tried for gaming, and the transportable design and incredible display also make it ideal for work.

Andrew Teoh

Brother MFC-L9570CDW Multifunction Printer

Touch screen visibility and operation was great and easy to navigate. Each menu and sub-menu was in an understandable order and category

Louise Coady

Brother MFC-L9570CDW Multifunction Printer

The printer was convenient, produced clear and vibrant images and was very easy to use

Edwina Hargreaves

WD My Cloud Home

I would recommend this device for families and small businesses who want one safe place to store all their important digital content and a way to easily share it with friends, family, business partners, or customers.

Featured Content

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?