‘I Love You’ Virus Turns Ten: What Have We Learned? (PC Magazine)

Ten years ago this coming week an important and bitter event occurred: the ILOVEYOU virus. It was, at the time, the largest malware event ever, and it inspired a generation of script kiddies and greedy, sociopathic programmers. I asked Dave Perry of Trend Micro, an old pro in the field, about the lessons of the Love Letter.

It hit on May 4th, 2000. Like all e-mail viruses of that age it was right out there in the open: the subject line was "I love you", a thought appealing to many of us, and sent before we all learned to be skeptical of unsolicited solicitations in e-mail.

Within a few days it had received massive publicity, and still people kept clicking the attachment, named "LOVE-LETTER-FOR-YOU.TXT.vbs". This directly raises one of the lessons learned, and one not learned, from this attack: for many years now, many e-mail clients, including Microsoft's, block directly-executable attachments like .vbs (VBScript, run by the Windows Script Host program). On the other hand, Microsoft continues to present file types inconsistently: the last, and operative, extension may be hidden from the user's view, leaving the ILOVEYOU file named "LOVE-LETTER-FOR-YOU.TXT". Thus many users assumed it was a plain text file.
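The filename mismatch described above can be checked at the mail gateway. This added example (not from the original article) parses a message and flags attachments whose final, operative extension is executable while the name shown with that extension hidden looks like a harmless document; the extension lists, function names and sample message are assumptions made for illustration.

```python
import email
from email import policy
from pathlib import PurePosixPath

# Assumed, illustrative lists; a real gateway policy would be broader.
EXECUTABLE_EXTS = {".vbs", ".vbe", ".js", ".wsf", ".exe", ".scr", ".pif", ".bat", ".cmd"}
DECOY_EXTS = {".txt", ".doc", ".pdf", ".jpg", ".gif", ".mp3"}

def classify_attachment(filename):
    """Return (verdict, name shown when the last extension is hidden)."""
    name = filename.strip().rstrip(". ")  # trailing dots/spaces are dropped by Windows
    suffixes = PurePosixPath(name).suffixes
    if not suffixes or suffixes[-1].lower() not in EXECUTABLE_EXTS:
        return "allow", name
    displayed = name[: -len(suffixes[-1])]  # what the user sees with the extension hidden
    if len(suffixes) >= 2 and suffixes[-2].strip().lower() in DECOY_EXTS:
        return "block-disguised", displayed
    return "block-executable", displayed

def scan_message(raw):
    """Classify every MIME part of a raw message that carries a filename."""
    msg = email.message_from_string(raw, policy=policy.default)
    found = []
    for part in msg.walk():
        filename = part.get_filename()
        if filename:
            found.append((filename, *classify_attachment(filename)))
    return found

# Constructed sample message; the attachment body is a harmless placeholder.
SAMPLE = """\
From: sender@example.com
To: recipient@example.com
Subject: I love you
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="XX"

--XX
Content-Type: text/plain

constructed sample body
--XX
Content-Type: application/octet-stream
Content-Disposition: attachment; filename="LOVE-LETTER-FOR-YOU.TXT.vbs"

placeholder, not script content
--XX--
"""

if __name__ == "__main__":
    for row in scan_message(SAMPLE):
        print(row)
```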

The author of the worm, Onel de Guzman of the Philippines, was arrested with a co-conspirator, Reomel Ramones. The two were released when the government realized there were no laws in the country against writing malware. De Guzman had been forced to drop out of a university because his thesis, a proposal for commercializing a password-stealing trojan horse, was rejected by the faculty. Perry adds that de Guzman had applied for a job at Trend Micro's Manila offices shortly before ILOVEYOU hit the fan.

Once run, the worm overwrote existing system files with copies of itself. Music files, multimedia files and others were turned into relaunch points for the worm if it should be removed. It also used the victim's mailbox as a source for its further spreading. This is why the social engineering worked so well: you would almost always know the sender. It wasn't the first example of social engineering; Melissa used porn as a lure (a list of passwords for X-rated web sites). "I love you" is a much better lure in so many ways.

So the obvious achievement of ILOVEYOU was great social engineering, but Perry says that there was a more important change in the industry that it, along with Melissa, spurred: prior to these new e-mail worms, malware was mostly invisible. Attacks infected files or boot sectors of computers. They were rarely destructive, at least on purpose. For a sense of the malware of the '80s and '90s, see the VSUM database.

Prior to the e-mail worm phenomenon, few people took malware seriously; in 1988 Peter Norton actually said "We're dealing with an urban myth. It's like the story of alligators in the sewers of New York. Everyone knows about them, but no one's ever seen them." (In fairness to Norton, that was a very long time ago.) But it's true that the average person just wasn't all that worried about malware, or even aware of it, before ILOVEYOU.

There followed a period of several years in which the majority of malware was highly visible. Every few weeks saw another major e-mail worm outbreak. Advances in security software and changes in client programs, such as blocking executable attachments, turned the corner on these worms.

This highly visible wave of malware brought massive growth in the anti-malware business and raised awareness of malware. Eventually, users got used to the idea that these things were real and ubiquitous, and that they had to be careful about opening unsolicited messages and files from the Internet.

Malware authors learned too. Today, malware is again mostly invisible. One major class is visible: fake anti-virus, and that is the ultimate in social engineering malware. Other trojans and rootkits exist to hide from the user, giving them no indication they are running as they steal passwords and credit card numbers.

Looking back at the days of ILOVEYOU, Perry remembers it feeling like a crisis, but today it seems like the good old days. The problems were so manageable, the solutions fairly straightforward. Now they get 100,000 unique malware samples a day. Where's the love?

Originally posted to the PCMag.com security blog, Security Watch.

Posted in SECURITY on May 10th, 2010, 6:01 am by admin   
