About Posts Others Categories

Contents

ILOVEYOU: The Deadliest Computer Worm on Earth

 included in Case Study
   1108 words   6 minutes 
/iloveyou.png

Discover how, who, and why I love You was developed.

1.What is a worm?

A worm is a form of malware that reproduces on its own and spreads without the help of a host.

Malware worms are compared to actual world worms to make understanding easier. Rather than travelling through the soil, these computer worms go across computer networks, such as the internet, and seek out other systems to infect.

A worm can copy itself and transmit those copies to other computers once it finds one to infect. It continues to spread like a chain reaction from computer to computer, doing this repeatedly.

Worms differ from other computer viruses due to their ability to spread.

2.ILOVEYOU

Over ten million Windows personal computers were infected by the computer worm ILOVEYOU, also known as Love Bug or Love Letter for You, either on or after May 5, 2000.

/iloveyou-virus-2000.png
A screenshot showing a copy of the ILOVEYOU virus email which spread around the world in May 2000

The spam emails had the following formatting:

  • Subject line: ILOVEYOU
  • Body text: kindly check the attached LOVELETTER coming from me
  • Attachment: LOVE-LETTER-FOR-YOU.TXT

3.Who wrote it?

Onel de Guzman, a 24-year-old Filipino living in Manila, came from a low-income household and couldn’t afford Internet connection at the time.

/onel-de-guzman-2000.png
Onel De Guzman on May 2000 at news conference

As a result, he made a worm for his thesis at AMA Computer College, which was rejected, and he dropped. Then he applied the same theories from his thesis, influenced by the worm virus Mellisa which is a “macro virus” that send emails to the first 50 addresses on their mailing lists.

/thesis-rejected.png
De Guzman's thesis rejected at AMA Computer College

He also made use of Windows 95 vulnerabilities that allowed code to be executed in email attachments when a user clicked on them. De Guzman eliminated the geographic restriction out of curiosity; he had not anticipated this widespread distribution. It thus resulted in the computer infection ILOVEYOU.

He claimed that his activities were not theft since he believed that having access to the Internet is a fundamental human right.

4.Who was charged?

The National Bureau of Investigation (NBI) of the Philippines has accused Joy Padios, Onel De Guzman, and Reonel Ramones of developing and spreading the deadlist malware known as ILOVEYOU. But the state prosecutors subsequently dropped their proceedings against them because there weren’t cybercrime laws in the Philippines in 2000.

5.How did it Work?

The ILOYEYOU script was developed in Microsoft Visual Basic Scripting (VBS), which is the default scripting language in Microsoft Outlook (controls calendar, stores contact information, sends and receives email, and keeps track of tasks).

ILoveYou employed phishing techniques to convince the victim to open the email attachment that it claimed to be a love letter from the sender. Humans are inherently emotional and curious, so when the victim clicked the attachment, the script starts execution and completes its tasks.

Once the computer is infected, the script will carry out the following tasks:

  • Makes numerous copies of itself, some of which are hidden in specific directories, while others replace and overwrite files including JPG, JPEG, VBS, VBE, JS, JSE, CSS, WSH, SCT, DOC, HTA, MP2, and MP3. But rather than being overwritten, MP3s and other sound-related files would be hidden.
  • Changes Windows registry keys, compromising the OS’s fundamental architecture
  • Sends itself to every email address on the contact list
  • Generates a file called “WIN-BUGSFIX.EXE” that steals the user’s passwords.

Since the script was written in VBS, it was very simple to access the source code and modify it. This made it possible for more than 25 different versions of ILOVEYOU spread online and cause various types of damage.

6.How did it Affect?

Within ten days, approximately fifty million infections were recorded, and it is estimated that 10% of the world’s Internet-connected machines were impacted.

From Manila, Philippines, the worm began to spread to every nation on earth. According to estimates, the worm cost $10–15 billion to eradicate and caused damages worth US$5.5–8.7 billion over the world.

Most companies data was encrypted, and it took a long time to obtain a backup.In response to the incident, which was one of the most deadly computer-related disasters in history, the Pentagon, the CIA, and the U.K. Parliament all shut down their email systems.

Fact
This incident prompted Pet Shop Boys to release the song “E-mail”, whose underlying message was to depict the human desire that enabled the widespread destruction of this computer infection.

7.Aftereffects of ILOVEYOU

Since there were no cybercrime laws existing in the Philippines in 2000, both Ramones and de Guzman eventually had their cases against them dropped by the state prosecutors. Republic Act No. 8792, generally known as the E-Commerce law, was passed by the Philippine Congress two months later in July 2000 in response to the legislative loophole.

De Guzman last made an appearance in 2000 during a news conference, where his lawyer primarily addressed all of his questions since he dislikes being in the spotlight.

The Smithsonian Institution listed ILOVEYOU as one of the top ten most dangerous computer viruses ever in 2012.

After 20 years, in May 2020, the investigative journalist Geoff discovered Onel de Guzman working at a mobile phone repair shop in Manila while conducting research for his cybercrime book Crime Dot Com.

Onel de Guzman also acknowledged that he wrote the malware, released it, and used it to steal internet access credentials because he couldn’t afford to pay the access. He also claimed that the malware was his own creation, dismissing the two other people who had been suspected of co-authoring the worm.

8.Ways to stop such attacks

Some methods to prevent worms are listed below:

  • Installing malware-detecting software to safeguard the computers
  • Don’t share emails to sources you don’t trust.
  • Never open emails from unidentified sources.
  • Before downloading email attachments, double-check them.
  • Maintain regular data backups
  • updating the computer’s operating system and other applications on a regular basis

9.conclusion

The fewer the desires, the more peace -Woodrow Wilson

De Guzman only developed malware to steal credentials out of a simple desire to have an internet connection. He could have become a top cyber specialist with strong financial stability and avoided spending his entire life working at a phone repair stall if he had been able to apply his intelligence wisely.

Happy Reading and I hope the information was helpful…🐾

Updated on 2023-05-28
Back | Home