ILOVEYOU
| Common name | Love Letter |
|---|---|
| Type | Computer worm |
| Point of origin | Philippines |
| Operating system(s) affected | Windows 95, Windows 98, Windows NT, Windows 2000, Windows ME |
| Written in | VBScript |
ILOVEYOU, sometimes referred to as Love Bug or Love Letter, was a computer worm that attacked tens of millions of Windows personal computers on and after 5 May 2000 local time in the Philippines when it started spreading as an email message with the subject line "ILOVEYOU" and the attachment "LOVE-LETTER-FOR-YOU.txt.vbs". The latter file extension (in this case, 'VBS' – a type of interpreted file) was most often hidden by default on Windows computers of the time, leading unwitting users to think it was a normal text file. Opening the attachment activated the Visual Basic script. The worm did damage on the local machine, overwriting random types of files (including Office files, image files, and audio files; however after overwriting MP3 files the virus would hide the file), and sent a copy of itself to all addresses in the Windows Address Book used by Microsoft Outlook. In contrast, the Melissa virus only sent copies to the first 500 contacts. This made it spread much faster than any other previous email worm.
On the machine system level, ILOVEYOU relied on the scripting engine system setting (which runs scripting language files such as .vbs files) being enabled, and took advantage of a feature in Windows that hid file extensions by default, which malware authors would use as an exploit. Windows would parse file names from right to left, stopping at the first period character, showing only those elements to the left of this. The attachment, which had two periods, could thus display the inner fake "txt" file extension. Text files are considered to be innocuous, as they are normally incapable of running executable code. The worm also used social engineering to entice users to open the attachment (out of actual desire to connect or simple curiosity) to ensure continued propagation. Systemic weaknesses in the design of Microsoft Outlook and Microsoft Windows were exploited that allowed malicious code capable of complete access to the operating system, secondary storage, and system and user data simply by unwitting users clicking on an icon.
...
Wikipedia