The first computer virus in the Philippines is “ ILOVEYOU ”. The alternate names for this virus are Love Bug and Loveletter .
Are you willing to know how this bug affected personal computers in the Philippines and who was responsible for the bug?
Continue reading this article to gain insights into the first computer virus in the Philippines.
ILOVEYOU – The First Computer Virus in the Philippines
ILOVEYOU, or Love Bug or Loveletter, was the first computer virus in the Philippines that affected millions of Windows PCs. It was created on May 4, 2000, and spread so rapidly that it infected a large number of personal computers across the Philippines.
To specifically define this virus, it is a computer worm and not a virus. The primary difference between a virus and a worm is that a worm is a type of malware that replicates itself and spreads across different computers.
On the other hand, a virus is simply an executable file that aims to modify data on the target system. It requires a host file to propagate.
The Origin of the ILOYEYOU Virus
Onel de Guzman, a 24-year-old Filipino computer programmer, created ILOVEYOU while pursuing his undergraduate computer science degree. He was a poor guy struggling to pay for Internet access.
With the intent to access the Internet, he created the virus that stole the passwords stored in a victim's computer. He used those passwords to log in and access the Internet without paying a single dime. However, he said that Internet access is everyone’s right and was not doing any illegal act.
He used the same principle mentioned in his thesis project to create the virus. The project aimed to acquire Windows passwords and extract information about all internet accounts from a victim’s computer.
Further, he said he took advantage of Windows 95’s bug that ran code in email attachments whenever a user clicked them. Out of his curiosity, he eliminated geographic restriction, and the worm spread worldwide.
The Spreading of ILOVEYOU
The virus, ILOVEYOU, started spreading rapidly in the Philippines through an email with the subject line "ILOVEYOU" and the attachment "LOVE-LETTER-FOR-YOU.TXT.vbs."
Receivers of the email were enticed by the subject line, which instigated them to open the attached document.
Upon opening the attachment, the Visual Basic script was activated. Initially, the injected virus overwrote random files, such as Office files and image files, damaging the entire local computer. Further, it replicated itself to all addresses in the Windows Address Book to spread itself faster than other email worms.
Back then, there were no laws against making such malware in the Philippines. In July 2000, the Philippine Congress enforced the eCommerce law or Republic Act No. 8792 to avoid such activities in the future.
How Did the ILOVEYOU Virus Work?
The drawback of the Windows system was the primary reason for the virus to infect millions of personal computers. Back then, Windows systems hid file extensions by default, disguising files safe for users. The virus, ILOVEYOU, relied heavily on the scripting engine system that executed scripting language files with extensions .vbs .
Further, Windows systems parsed the file names from right to left and stopped at the first-period character. It only displayed the components present on the left of the first character period.
The email attachment had two-period characters, as you can see below
LOVE-LETTER-FOR-YOU.TXT.vbs
Hence, it could only display the fake ‘TXT’ file extension to people. Text files are generally considered safe, as they cannot execute any arbitrary code.
As a result, the ILOVEYOU worm leveraged social engineering to trick people and persuade them to open the attachment. As only the ‘TXT’ file extension was visible to users, they were tricked and convinced that the attachment was safe and was simply a regular file.
The malicious code injected into the attachment could access an operating system , secondary storage, and system and user data of a victim’s computer. Further, it located the victim’s Microsoft Outlook address book and sent messages to all contacts.
Architecture of ILOVEYOU
De Guzman wrote the email attachment or the ILOVEYOU script in Microsoft Visual Basic Scripting (VBS). When a person opened the attachment, the code was automatically enabled and ran in Microsoft Outlook.
The worm searched for the connected drives and replaced all files with extensions JPG, JPEG, VBS, VBE, JS, JSE, CSS, WSH, SCT, DOC, HTA, MP2, and MP3, with copies of itself. The replicated copies had an additional extension, .vbs . The worm hid audio files rather than overwriting them.
Additionally, the worm sent a copy of its payload to all the entries in the Microsoft Outlook address book. This is how it propagated.
More interestingly, the worm was editable, as it was scripted in VBS. Hence, users could modify it. Due to this, there were around 25 different variations of ILOVEYOU that spread across the Internet. Each variation did a different form of damage to a victim’s computer.
Popular mail messages ILOVEYOU sent were:
- VIRUS ALERT!!
- Important! Read Carefully!!
The Impact and Aftermath of the ILOVEYOU Virus
As the worm, ILOVEYOU, started spreading worldwide, its impact was devastating. Within just a few hours of being introduced and propagated in the Philippines, it rapidly dispersed across Asia, Europe, and North America. Compared to the Melissa virus, which affected 1 million computers, ILOVEYOU was 15 times faster in terms of speed.
The House of Commons from the United States, the Ford Motor Company, and Microsoft suspended their overloaded emails due to this virus. The virus’s propagation was extremely rapid in the United States, as people were not able to hold back from clicking the attachment with the ILOVEYOU subject line.
Later, the worm made its way into the United States Army Forces Command (FORSCOM) mailing list. After a while, it entered all significant US military bases, except those where Outlook was not in use.
Within 10 tens, the virus was able to infiltrate the personal computers of a 45 million user base.
The effects of this pervasive virus were devastating, causing an estimated $10 billion in losses in terms of financial costs.
Conclusion
This was all about the first computer virus in the Philippines. Onel de Guzman, a 24-year-old computer graduate, was able to create the virus with the intention of accessing the Internet free of charge. He thought that access to the Internet was the right of every human being, which led him to create the devastating virus.
Due to the absence of any laws against a virus creator, Onel de Guzman was not subjected to any charges or penalties. The rapid spread and devastating impact of ILOVEYOU forced the Philippines government to enforce the Republic Act No. 8792 or eCommerce law.
People are also reading:
Leave a Comment on this Post