Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Security

20 Years Later, Creator of World's First Major Computer Virus Located in Manila (bbc.com) 100

"The man behind the world's first major computer virus outbreak has admitted his guilt, 20 years after his software infected millions of machines worldwide," reports the BBC: Filipino Onel de Guzman, now 44, says he unleashed the Love Bug computer worm to steal passwords so he could access the internet without paying. He claims he never intended it to spread globally.

And he says he regrets the damage his code caused. "I didn't expect it would get to the US and Europe. I was surprised," he said in an interview for Crime Dot Com, a forthcoming book on cyber-crime.

The Love Bug pandemic began on 4 May, 2000. Victims received an email attachment entitled LOVE-LETTER-FOR-YOU. It contained malicious code that would overwrite files, steal passwords, and automatically send copies of itself to all contacts in the victim's Microsoft Outlook address book. Within 24 hours, it was causing major problems across the globe, reportedly infecting 45 million machines...

He claims he initially sent the virus only to Philippine victims, with whom he communicated in chat rooms, because he only wanted to steal internet access passwords that worked in his local area. However, in spring 2000 he tweaked the code, adding an auto-spreading feature that would send copies of the virus to victims' Outlook contacts using a flaw in Microsoft's Windows 95 operating system.

"It's not really a virus," wrote CmdrTaco back on May 4, 2000. "It's a trojan that proclaims its love for the recipient and requests that you open its attachment. On a first date even! It then loves you so much that it sends copies of itself to everyone in your address book and starts destroying files on your drive...

"Pine/Elm/Mutt users as always laugh maniacally as the trojan shuffles countless wasted packets over saturated backbones filling overworked SMTP servers everywhere. Sysadmins are seen weeping in the alleys."
This discussion has been archived. No new comments can be posted.

20 Years Later, Creator of World's First Major Computer Virus Located in Manila

Comments Filter:
  • The first major computer virus was the internet work in the late 80s or early 90s. (I'm too lazy to look up the exact year.

    Certainly pre-dating this one by a long time.
    • You're thinking of the Morris Worm.

      Worms spread by themselves. Viruses and Trojans require human interaction. Iloveyou could be classified as a virus or Trojan because it only works when the victim clicks to run the code.

      The exact term which should be applied is little unclear because of the eay tye definitions work, but really Iloveyou is a trojan.

      • You're thinking of the Morris Worm.

        Can't help but wonder why you didn't include a "no relation" disclaimer. Hmm...

      • What? No! Worms are a form of virus.

        http://www.catb.org/~esr/jargo... [catb.org]
        (If you do not know this site, and what the "jargon" in the url means, please hand in your geek card.)

        Viruses do not need human interaction! That's only trojans! Hence the name.

        Viruses traditionally looked for other executables on the computer. Including floppy disk boot sectors and contents.
        The only human action back then was carrying a floppy over, but that was only because there was no network drive or BBS, not because of the kind of ma

        • by AvitarX ( 172628 )
          I thought Trojans didn't replicate themselves.

          That's my memory of the distinction, but it's been long long time and definitions are pliable.

          As I remember it though, viruses replicate on a computer, but require people to move them to different computers. Worms replicate themselves to new computers. Trojans don't replicate themselves and are disguised as to what they do (but often not subtle once run). Logic bombs are Trojans that act normal for a while before going off.

          There's maybe something in the back of
          • by chuckugly ( 2030942 ) on Sunday May 03, 2020 @02:44PM (#60018408)

            Trojans just pretend to be something they are not. Like a love letter or an archive of naked tennis player pictures. A virus can be a trojan and I suppose also a worm, they are not firm and mutually exclusive categories. I've worked for several AV firms since 2000 and this is hardly a new discussion. Rules are created to allow classification, sometimes they are changed.

            At one point someone decided a worm was malware (ooooh new term) that didn't need to become resident in storage. I'm not sure if that stuck, I think that was around the time of Code Red. I got pretty bored with this sort of pointless meeting pretty fast. They do what they do, and they've been doing since before the first AV software came out. Obviously.

        • by suutar ( 1860506 )

          from that site:
          worm - A program that propagates itself over a network, reproducing itself as it goes
          virus - A cracker program that searches out other programs and ‘infects’ them by embedding a copy of itself in them, so that they become Trojan horses. ... Unlike a worm, a virus cannot infect other computers without assistance

        • by The Rizz ( 1319 )

          Viruses do need human interaction to spread, insofar as a human needs to make the computer access whatever has the virus, be it by visiting a webpage, inserting a disk, of clicking an executable.

          Worms propagate themselves by establishing outgoing connections to other computers or devices to find something to infect.

          Basically, viruses wait for you to run into them, while worms actively search for you.

      • You're thinking of the Morris Worm.

        Username checks out.

    • Comment removed based on user account deletion
      • Yes, I remember a floppy-based one for DOS 3.3 on the Apple // called âoeCancer DOSâ also back in the mid-1980s. It would stay resident in memory after booting from an infected floppy only to replicate itself to the next floppy inserted into the drive. When operational it would randomly corrupt/overwrite data on the disk.
    • The Morris worm was a pretty big deal: https://en.wikipedia.org/wiki/... [wikipedia.org]

      I remember when it ravaged the internet in the early days. I guess 20th century stuff is erased now.

    • This wasn't even the first Outlook virus, Melissa virus came first [wikipedia.org].
    • My first experience with viruses was around 1990 when my computer stated "Your computer is now stoned" and wouldn't boot anymore. This was after bringing home a floppy I used in the computer lab at school. It's also when I learned to install OS's.
      https://en.wikipedia.org/wiki/... [wikipedia.org]

      • by jimbo ( 1370 )

        I remember that one well. Was fixed by booting off a clean rescue floppy and run "sys c:"

    • by cusco ( 717999 )

      It was the first Word macro virus, I believe that up to that point most malware depended on the OS for its functionality rather than using an application's hooks.

    • by Morty ( 32057 )

      We had PC computer viruses that caused "major" damage by the mid 1980s. Internet connectivity was rare at the time. But they didn't need Internet connectivity, thanks to floppy sharing and even BBSs. I remember the Pakistani Brain Virus, in particular, as one that people feared; wikipedia says it hit in early 1986. PCs and their viruses were pretty widespread by the late 1980s / early 1990s.

      Of course, viruses spread a lot more slowly in the pre-Internet days. So the more destructive ones would include

  • by Anonymous Coward
    that's where I assumed this was going.
  • So better load any attached image, render any HTML, and run any JavaScript and ActiveX script. I want this blinking comic sans to appear beautifully on my 16 million color display!

    • Ditto for websites.

      I think seding somebody a video message is not any stranger than sending somebody a plain text one.

      It's the point where it becomes more of an application platform, where it goes wrong.

      I think it should just be data structures. Presentation and logic should be left to the user. Especially interactivity.
      Servers could offer additional logic, like data query features, to avoid sending over the complete structure and database. But that's it.

  • Comment removed based on user account deletion
    • I really thought your post was going to end up with how you became the prince of a town called Bel Air. Your version was okay too. :)
    • by dwywit ( 1109409 )

      I found out about overloaded exchange servers when one of the admin assistants sent an email to everyone in the address book. It had an attachment - some flyer for a charity - and she'd scanned it in at full-res, high quality settings.

      A 52MB attachment to ~500 users, some remote. The boss asked "why", and after I'd explained it to him, agreed that only selected personnel* would have access to the "All staff" mailing list. But not including his secretarial pool, one of whom was the cause of all the fuss.

      * ye

      • by cusco ( 717999 )

        Not just Outlook. Elf_Bowling.exe crashed our SMTP server three days running after a dingbat in the travel center forwarded it to her 45 closest friends, who then did the same. We put a filter to stop Elf_Bowling.exe, so someone was bright enough to change it to Elf-Bowl.exe the next day, and Elf.txt the next day with instructions to change the extension. By the next day pretty much everyone in the company had a copy so it finally died down.

        • Not just Outlook. Elf_Bowling.exe crashed our SMTP server three days running after a dingbat in the travel center forwarded it to her 45 closest friends, who then did the same. We put a filter to stop Elf_Bowling.exe, so someone was bright enough to change it to Elf-Bowl.exe the next day, and Elf.txt the next day with instructions to change the extension. By the next day pretty much everyone in the company had a copy so it finally died down.

          This is basically the way human viruses work - keep mutating until everyone already has it, at which point transmission goes down to background radiation sort of level.

  • by BAReFO0t ( 6240524 ) on Sunday May 03, 2020 @12:25PM (#60018058)

    "The first"??

    Computer viruses had been spreading through the word for decades already! Antivirus software was a standard thing by then!

    Next up: "September 1993 [catb.org], when AOL invented the Internet."

    Reminds me of ... The Un [youtu.be].

    • "The first"??

      I know reading to the end of a sentence is difficult, but you could at least read all the adjectives in front of the noun instead of cherry picking the ones you like because you feel the need to post some nonsense.

  • by Anonymous Coward

    He's now trying to steal Microsoft Office 365 passwords [slashdot.org]

  • the Sniff Test. c'mon!

    Just my 2 cents ;)
  • I remember that several clients of the company I worked for in 1990 were really upset that their computers were suddenly endorsing marijuana usage. We were developing vertical market software, and it was often the case that nearly nothing else would ever run on the PC's which ran our software, so some of the clients reacted to the message as if our company were to blame.
  • If you maliciously do that much damage, normally there are consequences. Or is he coming out now because there is a 20-year statute of limitations?

    • by Anonymous Coward

      I imagine he's responsible for more man-hours being wasted than he has left to live, which should mean his life is forfeit. Unfortunately I'm not in charge.

  • by Gription ( 1006467 ) on Sunday May 03, 2020 @01:39PM (#60018262)
    Uhhh, "major computer viruses" were common a decade earlier. They were common before HTTP/the WorldWideWeb was invented. Back in the early 90's I had a folder full of samples of viruses that were so common that I had read about them and then people brought disks into the office that actually were infected with them. (And then Symantec had an update that ignored the "don't scan this folder" setting and it wiped them out.) Seeing that this was "pre web" they had to be pretty damned common for them to show up in my office. Stoned, Michelangelo, etc

    I think every new generation thinks they invented everything and they forget or don't realize that a bunch of stuff came before them.

    And if someone wants to quibble about what a "major, modern virus" is and they don't think that what was before counts then "Love" was only a blip. The first truly modern virus came out exactly one week after 9/11 (09/18/2001). NIMDA used a whole array of features that meant that it spread simply by highlighting it on multiple platforms. (File Explorer and in a browser!)
    • Guess that's because most slashdotters are very young now. Norton Antivirus was introduced 1991, almost 30 years ago, was a huge problem then

      • Just a bit of detail:
        Symantec bought Norton Antivirus in the early 90s but Symantec Antivirus was quite a different product and it came about later.

        Symantec Antivirus was from their purchase of the Intel LanDesk Antivirus in the late 90s and it was way WAY better than Norton. It was much lower processor overhead, better detection, much better supported, much easier to roll out, etc. Norton made lots of people mad especially with endless bloat of modules, additional programs, junkware, ad nauseam...
    • Uhhh, "major computer viruses" were common a decade earlier.

      Nope. Computer viruses were common. "Major" is the adjective here people are willfully ignoring. Viruses were dime a dozen. I had plenty sitting on floppies by the mid 90s in a box that said "warning do not run" on them. None of them:

      - spread like this one (infecting >50million PCs)
      - came at a time when computer viruses were relevant to the economy (seriously all computers in the world could go down in the early 90s and it would barely make a blip, in 2000 the landscape was very different).
      - caused $15 b

      • Nope, nope, and nope. "Michelangelo" and other's made headlines for months. The fact that they could spread so far with no internet was astounding and it cost money to fix. "Love" made the news because of the name but it didn't do real damage, wasn't very wide spread (percentage wise), and it didn't cost lots to clean up. It mostly hit home users that would click on anything.

        In 2001 "Code Red" was a the first major worm to attack Windows enterprise servers (IIS) and the technology in that was used as part
  • ...probably one of the more amusing. Those emails were indiscriminate. I was working as a consultant then and this thing was just chaos. Fax machines and printers were spewing out a constant stream of the virus' email. Cell phones were getting hammered with text messages. Anything with an email gateway was getting spammed with it. At the time it was annoying as hell. I remember walking out of the office (where I had bad cell coverage) and my phone practically exploded from all the queued up text messages wh
  • Long before the plebs had a internet connection, the 4096 virus was spreading world-wide by floppy disk. We had to shut down every PC in our company and do a manual clean, one by one. I still remember laughing as I explained "computer viruses" to management - the numpties thought it could be spread through the air like a biological virus ffs.

  • To be fair, you can configure Mutt so that it can execute a trojan. But anybody using Mutt is probably far too knowledgeable to do something this abysmally stupid. (Incidentally, this abysmally stupid setting is basically the default on "modern" email clients. Go figure.)

  • The SCA virus was widespread through the Amiga community back in 1987-88, although it was relatively harmless as far as these things go. I still have a couple of infected floppies that boot, run, and print the message just fine on my A1000.

    I guess we'll also ignore the fact that SCA appeared *years* after the first Apple II viruses had arrived on the scene.

  • This virus was not only self-replicating and credential-stealing, it was actively destructive. This is like a burglar who burns your house down on the way out. This guy deserves prosecution.

  • The first time I saw that virus was when I received the email from my boss. That was a great big clue. I deleted it pronto.
  • A Microsoft Windows vbs script that ran when you opened an email and sent itself to everyone in your Outlook address book, who in-turn emailed it to everyone else.

    How it works, what it does [radsoft.net]
  • Looking at my calendar...I guess the longest statute of limitations for breaking laws for writing and deploying that code, for all the countries of the world, is 20 years.
  • Look up "Robert Tappan Morris", He published the "Morris Worm", an UNIX based self replicating worm in 1988 that took down key systems around the world because he didn't understand simple math, and pulled the "get out of jail free" card of "my daddy runs the NSA" while he spent the next few days hiding his traces instead of publishing the code He's part of the "Computer Architecture Group", champions at pursuing *really bad ideas* without examining the consequences, such as Robert's "detect people in othe

  • Norton Antivirus introduced in early 1991, viruses were numerous and a huge problem already. The big one in 1986 was Brain boot sector virus that went rampant in IBM PC ecosystem. Stoned appeared a year later and was worldwide by the early 90s.

Genius is ten percent inspiration and fifty percent capital gains.

Working...