Tales In Tech History: ‘I Love You’ Virus


The ‘I love you’ worm had a devastating impact on computer networks worldwide seventeen years ago

With the WannaCry ransomware still fresh in the collective awareness, now is perhaps a good time to look back at one of the earliest pieces of malware that impacted millions of computers around the world.

It was seventeen years ago, or May 2000 or be exact when the ‘I love you’ bug (also known as ‘Love Bug’ or ‘Love ‘Letter’) attacked tens of millions of Windows personal computers.

The worm demonstrated the global reach of malware to businesses that was rapidly embracing the PC, and showed how a cleverly designed virus could take advantage of social engineering for the first time to achieve a devastating impact.

wormsSocial Engineering

It was the simple principle behind the ‘I Love You’ (ILY) virus which took advantage of human physiology, namely one of humanity’s most base desires (…to be loved).

The way the ILY virus operated was as follows. The email resembled a love letter.

Essentially what would happen is the victim would receive an email from a person he or she knew, entitled ‘ILoveYou’.

“Kindly check the attached LOVELETTER coming from me,” read the email. But once the victim clicked on what seemed to be a text file called ‘Love-Letter-For-You’, the virus would install itself on the PC and then the real problems would begin.

Firstly, the ILY virus would replace all files with media extensions such as images, documents and MP3s with copies of itself. Then in an effort cause maximum damage, the virus would send an identical email to all the contacts of a victim’s Outlook address book.

The virus itself was written in Microsoft Visual Basic Scripting (VBS) which ran in Microsoft Outlook and was enabled by default.

It is generally acknowledged that the ILY virus was the first successful use of social engineering in the PC world, and its scale demonstrated the damage a piece of malicious code could do against the fairly basic spam filters and anti-virus packages of the day.

Sure there was plenty of malware around back in the 2000s, but the ILY bug took things to another level as combating it was very hard, and big companies were often the hardest hit.

The ILY bug caused email systems and computer networks to grind to a halt under the the tsunami of emails the worm generated.

The ILY bug was also the first time that a computer virus made national news headlines, but sadly it wasn’t the last.

Who Done It?

So who was responsible for the virus? Well it started off in the Philippines and who was responsible was never proved in a court of law.

That said, two young Filipino computer programmers, Onel de Guzman and Reonel Ramones, were quickly identified as the potential culprits. Both young men were members of a underground group of computer science students that called itself GRAMMERSoft.

Ramones was arrested, while de Guzman went into hiding for a few days, but later he resurfaced and was arrested.

They maintained all along that whilst they did write computer viruses, they didn’t know if the ‘I Love You’ worm was one of theirs.

And both men were never charged with a crime, because seventeen years ago Philippine law did not include any provision for computer crimes.

So as there was no Philippine law against writing malware, both Ramones and de Guzman were released with all charges dropped by state prosecutors.

Aftermath And Legacy

The “I Love You” virus was the first real wake up to the world of the dangers of malicious code. It was the first of many virulent malware infections, and no doubt it won’t be the last.

The “I Love You” virus showed the power of social engineering, and demonstrated how easy it was to take advantage of the human condition (as well as technical flaws), to cause real damage.

Seventeen years later those two vulnerabilities are still present, and they still tend to be the most common routes exploited by cybercriminals today.

Quiz: Are you a security guru?