ILOVEYOU (The virus that loves you)

A virus with a dedication… maybe that’s why it was so successful.

ILOVEYOU or otherwise known of Love Letter is a computer word that spread 2000, it is a worm that affects only Microsoft Windows OS and it is written in Microsoft Visual Basic Scripting. The total damage is estimated to be around 10 billion dollars and it has infected 45 to 50 million computers.

This virus is an interesting one because it’s name and the success of it’s spreading.

The name ILOVEYOU comes from the subject of the infected email and that email contains a message like: “ Kindly check the attached LOVELETTER from me. ” and it also comes with an attachment which contains the virus.

This virus has exploited some vulnerabilities at that time and that’s why nowadays is not such a security risk.

One of the exploits was that the extension of the file was hidden by default and most people thought that it was a text file containing a harmless message.

Another exploit was that the script engine on Microsoft Windows  was enabled and the virus could infect the computer immediately.

The real damage of the worm is that it attacks files with the extension .JPG, *.JPEG, *.VBS, *.VBE, *.JS, *.JSE, *.CSS, *.WSH, *.SCT, *.DOC **.MP3 and *.MP2. It will replicate the file with a .VBS extension which contains the virus code and after that it will delete the original file which result in permanent loss of the file (except if you have a backup).

Another reason that the virus was so successful is that it was self-spreading  and with the name of the subject and the content most people thought that the mail comes from an acquaintance.

I have chosen this subject because I like the method of which the virus spreads and it intrigued me how fast it has spread. I think this virus attack was one of the worst worldwide and it has used some of the OS vulnerabilities at that time but also the personal content of the email.

http://en.wikipedia.org/wiki/ILOVEYOU

http://www.symantec.com/security_response/writeup.jsp?docid=2000-121815-2258-99

Advertisements
This entry was posted in IT Security, Week 18. Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s