Zum Inhalt springen

I Love You: The Virus That Infected 10% of the Internet in 10 Days

Zusammenfassung

The “ILOVEYOU” virus, released on May 4, 2000, infected approximately 50 million computers within 10 days — roughly 10% of all internet-connected machines at the time. It spread via email with the subject line “ILOVEYOU” and an attachment named “LOVE-LETTER-FOR-YOU.txt.vbs.” The attachment was a Visual Basic Script that overwrote image files, music files, and documents with copies of itself, and emailed itself to everyone in the victim’s Outlook address book. The creators, from the Philippines, were never prosecuted — the Philippines had no computer crime laws at the time. The case directly prompted several countries to enact cyber crime legislation.

The Mechanism

The virus was written by Onel de Guzman, a computer science student in Manila, Philippines. He reportedly created it to steal internet access passwords — at the time, dial-up internet in the Philippines required paid accounts, and de Guzman wanted free access.

The spread mechanism exploited two features:

  1. Windows hidden file extensions: Windows by default hid file extensions. The file “LOVE-LETTER-FOR-YOU.txt.vbs” appeared as “LOVE-LETTER-FOR-YOU.txt” in Windows Explorer. Users who saw a “.txt” extension assumed it was a text file and opened it; it was actually a VBScript (.vbs).

  2. Microsoft Outlook’s address book: The script accessed the Windows Scripting Host and Outlook’s MAPI interface, sending copies of itself to every contact in the victim’s address book. A single user with 100 contacts caused 100 new infections; each of those caused 100 more.

The exponential growth produced millions of infected machines within hours of release. The virus appeared first in Asia on May 4, 2000, and reached Europe and North America by the following business morning.

The Damage

The virus overwrote JPEG, MP3, and other file types with copies of itself — destroying photographs, music libraries, and documents on infected machines. Corporations discovered on Monday morning that their shared drives contained only VBScript files where their documents had been.

Estimated global damage: $5.5–$8.7 billion. Affected organizations included the Pentagon, the CIA, the British Parliament, and most major corporations. Many organizations shut down their email servers to prevent further spreading.

The Legal Gap

De Guzman was identified through metadata in the script and forensic work by Philippine authorities. He was arrested and charged. His defense attorney argued successfully that no Philippine law at the time criminalized what he had done. Charges were dropped. He was never tried.

The case prompted rapid enactment of computer crime laws in the Philippines (the E-Commerce Act of 2000) and accelerated similar legislation in other countries. The Convention on Cybercrime (Budapest Convention), adopted by the Council of Europe in 2001, was partly a response to the jurisdictional gap ILOVEYOU exposed.

📚 Sources