02:00 PM
Core System Testing: How to Achieve Success
Oct 06, 2016
Property and Casualty Insurers have been investing in modernizing their core systems to provide fl ...Read More>>

Billion-Dollar Love Bug Worm Marks Sixth Anniversary

The worm, one of the first major malware attacks, caused an estimated $7 billion to $10 billion in damages worldwide.

Six years ago Thursday the infamous "Love Bug" worm debuted to the dismay of the world's computer users, who fell for one of the first socially-engineered pieces of malware.

Also known as "ILOVEYOU," the worm duped millions in May 2000 into opening the e-mailed attachment by promising it was a message from a secret admirer. "kindly check the attached LOVELETTER coming from me," the e-mail's text read.

Once the worm infected the recipient's PC, it spawned clones and spread to other PCs by hijacking local e-mail addresses, a new tactic at the time. Love Bug also changed Internet Explorer's home page, destroyed image and digital music files, and snatched passwords.

The worm caused an estimated $7 to $10 billion in damage worldwide.

Filipino student Onel de Guzman, then 23, was arrested for writing the worm but was never prosecuted because the Philippines lacked anti-computer attack laws at the time.

"The Love Bug, and the Melissa worm before it, heralded a new era in malware of mass-mailing worms which relied upon social engineering to tempt people into double-clicking on malicious attachments," said Graham Cluley, senior technology consultant for Sophos, in a statement. "Users' e-mail systems became clogged up with an avalanche of malicious emails carrying worms such as Sobig, Anna Kournikova, and Naked Wife."

Cluley, however, noted that the malware landscape has changed big time in six years. Mass-mailed worms like Love Bug are declining, while Trojan horses are on a major upswing.

In 2001, for instance, Trojans accounted for only 21 percent of all malicious code; by April 2006, they made up 85 percent. Trojans, often planted by malicious Web sites in silent drive-by downloads, aim to install backdoor and other spyware to steal confidential, and salable, information such as bank and credit account passwords.

"At the time of the Love Bug most malware was written to show off, rather than to make money," acknowledged Cluley. "The new organized criminal gangs behind malware don't want their attack to hit the headlines, as that will increase the public's awareness about the threat. So they use Trojan horses, which can target a small number of people at a time, rather than mass-mailing worms which could infect millions at once."

Love Bug, and "Melissa," which preceded it by a year, are widely considered the opening salvos in the security attacks which continue to plague Windows users worldwide.

Comment  | 
Print  | 
More Insights
Threaded  |  Newest First  |  Oldest First
Register for InformationWeek Newsletters
White Papers
Current Issue
Top IT Trends to Watch in Financial Services
IT pros at banks, investment houses, insurance companies, and other financial services organizations are focused on a range of issues, from peer-to-peer lending to cybersecurity to performance, agility, and compliance. It all matters.
Twitter Feed
InformationWeek Radio
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.