The LoveBug worm, a simple email that spread a virus to millions of computers a decade ago, paved the way for many of today's social engineering and targeted cyber attacks Ten years ago today, on May 4, 2000, a security team with MessageLabs, a provider of messaging security services, came in to work and discovered the number of viruses its system had intercepted in the last several hours was off the charts. “It was higher than it normally was in an entire day,” recalls Paul Fletcher, part of that team and now chief software architect with Symantec Hosted Services, which later acquired MessageLabs. “That was our first indication that something was up.” What was up was the LoveBug. Millions of recipients around the world received an infected message from email contacts with the subject line “ILoveYou”. Inside was a malicious attachment titled “LOVE-LETTER-FOR-YOU.TXT.vbs”. The virus had the ability to overwrite other documents on a recipient’s computer, such as jpg files. It sent itself to all of the recipients’ email contacts, racking up approximately 45 million victims in just days. Also see Why Some Classic Viruses May Come Back to Haunt a Corporate Network Near You“We hadn’t seen anything like it before,” said Fletcher. “We didn’t know we were going to stop that virus that day; no one even knew it existed.” The LoveBug virus was an old-style cyber-crime attempt, the kind done more for attention than for financial gain. It was a notoriety type of virus, it wanted to be noticed. The LoveBug was more about vandalism than any serious crime ” But it set the stage for today’s threat landscape, explained Fletcher. While today’s attacks typically involve malware installation that hides on a computer in order to gain sensitive information, criminals often use sophisticated social engineering attacks to snare users, which is what the LoveBug did in 2000 when email was still early in its development into an important business tool. “It was a very simply message. A very short message but it was very effective in terms of peaking the interest of the recipient,” noted Fletcher. “Criminals started realizing the potential for email and the Internet as a means to conduct their criminal activities from. What you started to see after that was a spread of malware as a means to an ends of distributing other things; Trojans, malware, etc.” Today’s threats now go beyond email as a way to find victims, said Fletcher. Attacks now use the web, as well, making it necessary not only to scan email, but web traffic. “Now what we see are the blended threats,” he said. “You’ll receive an email that doesn’t have anything in it, but in it has a link where you go somewhere and download malware. They come together to deliver the final payload.” Related content news The US offers a $2.5M bounty for the arrest of Angler Exploit Kit co-distributor The State Department has placed a bounty of up to $2.5 million on information leading to Volodymyr Kedariya’s arrest. By Shweta Sharma 29 Aug 2024 3 mins Hacking Cybercrime analysis RansomHub, Play, Akira: Die gefährlichsten Ransomware-Banden Nachdem LockBit durch Polizeieinsätze geschwächt wurde, versuchen andere Banden wie Play und Cactus deren Platz einzunehmen. By Martin Bayer 14 Aug 2024 5 mins Cybercrime analysis Sellafield drohte IT-GAU: Massive Security-Lücken in britischer Atomanlage Nachdem Untersuchungen immer mehr katastrophale Security-Lücken im britischen Sellafield offenlegten, haben die Behörden ein Verfahren gegen die Betreiber eröffnet. By Martin Bayer 13 Aug 2024 5 mins Cybercrime analysis Microsoft OneDrive und Google Drive als Angriffsbasis: Hacker verstecken sich in der Cloud Immer mehr Hacker-Gruppen, auch staatlich gesteuerte, nutzen frei verfügbare Cloud-Dienste als Plattform für ihre Angriffe. By Lucian Constantin 12 Aug 2024 4 mins Cybercrime PODCASTS VIDEOS RESOURCES EVENTS SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe