em360tech image

“I love you.” 

For many, hearing those three little words is the first sign that your romantic relationship has become more than just a fling.  

But for millions of email users in the early 2000s, those famous three words were a sign that love can bite back – and cost billions of dollars in damages when it does. 

The infamous ILOVEYOU virus turned a simple love letter into a billion-dollar email love bug that infected millions of computers around the world and caused billions in damages.

Known today as one of the first and worst computer worms in history, the ILOVEYOU virus serves as a terrifying example of how far email threats can go when no one is aware of the risk they pose. 

This article explores how the ILOVEYOU Virus infected millions of computers worldwide, delving deep into what it was and the impact it had on cybersecurity. 

What is the ILOVEYOU Virus?

The ILOVEYOU virus, also known as the Love Bug or Loveletter, was a computer worm that infected millions of Windows PCs in the early 2000s.

The worm infected as many as ten million PCs by tricking users into opening an attachment that appeared to be a harmless love letter, overwriting the victim’s important system files to cause data loss and system crashes.

The ILOVEYOU virus arrived hidden in an email with the subject line "ILOVEYOU" and an attachment named "LOVE-LETTER-FOR-YOU.TXT.vbs". 

iloveyou virus

Example of the ILOVEYOU virus.

Back then, Windows by default hid file extensions, making the attachment appear like a harmless text file. The virus exploited this by making the attachment appear like a text file (.txt) when it was actually a malicious VBScript (.vbs) file

Once opened, the script would send copies of itself to all the email addresses in the victim's contact list, overwrite important system files, and potentially steal passwords. 

The ILOVEYOU virus is estimated to have infected over 10 million personal computers and caused billions of dollars in damages worldwide.

How did the  ILOVEYOU Virus work?

The ILOVEYOU virus used a combination of social engineering and technical trickery to wreak havoc on its victims. 

The worm arrived disguised as an email with a seemingly innocent subject line "ILOVEYOU" and an attachment named "LOVE-LETTER-FOR-YOU.TXT.vbs".

Upon opening, the VBScript automatically email itself to all the addresses in the victim's email contact list, allowing it to spread rapidly. The script would overwrite critical system files, causing crashes and data loss. 

The worm inflicted damage on the local machine, overwriting random files, including Office files and image files. Then, it copied itself to all addresses in the Windows Redirected URL Book used by Microsoft Outlook, allowing it to spread much faster than other email worms that came before it. 

Some variants of the ILOVEYOU virus also attempted to steal passwords, posing an additional security risk. The combination of social engineering and exploiting a weakness in how Windows displayed files made the ILOVEYOU virus a very effective tool for causing damage.

Who was behind the ILOVEYOU Virus?

The ILOVEYOU virus was created by Onel de Guzman, a computer science student in the Philippines. He was only 24 years old at the time. 

De Guzman wasn't apprehended for creating the virus because there weren't any laws in the Philippines specifically against creating malware at the time. This loophole prevented legal action against him.

iloveyou virus onel de guzman

The Philippines did however pass the E-Commerce Law in 2000, likely in part due to the ILOVEYOU virus, to address future malware creation. However, this law couldn't be applied retroactively to de Guzman's case.

De Guzman avoided public attention and his whereabouts remained unknown for many years after the incident. In 2020, an investigative journalist finally located him working at a mobile phone repair shop in Manila. De Guzman admitted to creating and releasing the virus, but it seems he prefers to stay out of the spotlight.

Why was the ILOVEYOU virus so dangerous?

The year 2000 was a time when internet use was becoming more widespread. But security awareness and protection weren't as established as they are today and this made users more vulnerable to the ILOVEYOU virus.

You have to remember that the ILOVEYOU virus was one of the first computer worms to use phishing and social engineering to catch its victims. People simply didn’t understand like they do today how dangerous malicious emails could be. 

The "ILOVEYOU" subject line and "LOVE-LETTER" attachment made each email seem more personal, lowering their guard and making them more likely to open the attachment without suspicion. By taking advantage of how Windows hid file extensions by default, it made it very easy for users to be tricked into opening it.

The worm's ability to automatically email itself to all the contacts in an infected computer's address book also allowed it to spread incredibly fast. This exponential growth meant it could infect millions of machines in a very short amount of time.

The virus didn't just spread either; it also caused damage. Overwriting critical system files resulted in data loss, system crashes, and overall disruption. 

Some variants even attempted to steal passwords, making the virus incredibly dangerous in an age where many were yet to understand the security implications of storing sensitive data online. 

What can we learn from the ILOVEYOU virus?

While it may be a relic of the early internet age, the ILOVEYOU virus, offers valuable lessons that remain relevant today.

Like many of the most common cyber attacks today, the virus used phishing techniques such as emotional triggers and curiosity to breach security defences. 

This technique fools millions of people today, with a whopping 94% of organizations still reporting that they are falling victim to phishing attacks, according to a 2023 report by the cybersecurity firm Egress.

Still, continuing to spread awareness about online threats and safe computing practices can significantly reduce the risk of falling victim to cyber attacks.

The ILOVEYOU virus would have been much less damaging if its targets knew the telltale signs of a social engineering or phishing scam. 

By staying vigilant and practising safe online habits, we can better protect ourselves from falling victim to new and sophisticated cyber threats.