Overview[]
ILOVEYOU or LOVELETTER was a computer worm that successfully attacked tens of millions of Windows computers in 2000 when it was sent as an attachment to an email message with the text "ILOVEYOU" in the subject line. The worm arrived in e-mail boxes on and after May 5, 2000, with the simple subject of "ILOVEYOU" and an attachment "LOVE-LETTER-FOR-YOU.TXT.vbs". The final 'vbs' extension was hidden by default, leading unsuspecting users to think it was a mere text file. Upon opening the attachment, the worm sent a copy of itself to everyone in the Windows Address Book and with the user's sender address. It also made a number of malicious changes to the user's system.
A hacker in the Philippines, Onel de Guzman, 22 yrs old, unleashed the virus.
Four aspects of the worm made it effective:
- It relied on social engineering to entice users to open the attachment and ensure its continued propagation.
- It relied on a flawed Microsoft algorithm for hiding file extensions. Windows had begun hiding extensions by default; the algorithm parsed file names from right to left, stopping at the first 'period' ('dot'). In this way the exploit could insert the second file extension 'TXT' which to the user appeared to be the real extension; text files were presumed to be innocuous.
- It relied on the scripting engine being enabled. This was actually a system setting; the engine had not been known to have been ever used before this; Microsoft received scathing criticism for leaving such a powerful (and dangerous) tool enabled by default with no one the wiser for its existence.
- It exploited the weakness of the email system design that an attached program could be run easily by simply opening the attachment and gain complete access to the file system and the registry.
See also[]
- Critical Infrastructure Protection: 'ILOVEYOU' Computer Virus Highlights Need for Improved Alert and Coordination Capabilities
This page uses Creative Commons Licensed content from Wikipedia (view authors). |