$15 billion ILOVEYOU, sometimes referred to as LoveLetter, was a computer that attacked tens of millions of personal computers on and after May 5, 2000. Memorable for its 'LOVE-LETTER-FOR-YOU' attachment and 'ILOVEYOU' subject line, was one of the early worms to gain a great deal of media attention. It was also one of the first to reportedly reach a multi-billion dollar damage toll, being one of the most dangerous. ILOVEYOU, sometimes referred to as LoveLetter, was a computer worm that attacked tens of millions of Windows personal computers on and after May 5, 2000. Memorable for its "LOVE-LETTER-FOR-YOU" attachment and "ILOVEYOU" subject line, was one of the early worms to gain a great deal of media. Apr 28, 2010 Ten years ago this coming week an important and unpleasant event occurred: The ILOVEYOU virus. It was, at the time, the biggest malware event ever. We asked researchers at Trend Micro (who turned down ILOVEYOU's author for a. The newly discovered 'I Love You' virus that swept through banks, securities firms, and Web companies in the United States Thursday and later spawned copycat viruses has proved in large part to be more of an annoyance than a costly disruption of business. Messages generated in the Philippines began to spread westwards through corporate email systems. Because the worm used mailing lists as its source of targets, the messages often appeared to come from acquaintances and were therefore often regarded as 'safe' by their victims, providing further incentive to open them. Only a few users at each site had to access the attachment to generate millions of more messages that crippled mail systems and overwrote millions of files on computers in each successive network. Contents [] Behavior Transmission The virus arrives in an email with the subject line of 'ILOVEYOU' with an attachment 'LOVE-LETTER-FOR-YOU.TXT.vbs' that people were encouraged to open, since the '.vbs' suffix was not visible, thus seeing the '.TXT' suffix. The message body is 'kindly check the attached LOVELETTER coming from me.' The sender line will be the address it was sent from. Subject: I Love You is a movie starring Briana Evigan, Jericho Rosales, and Dean Cain. Subject: I Love You is an action-packed romantic drama, based on the destructive 'I Love You' computer virus, which spread around the globe at the turn of the millennium, shutting down. See full summary. Directed by Francis dela Torre. With Briana Evigan, Jericho Rosales, Dean Cain, Dante Basco. Subject: I Love You is an action-packed romantic drama, based on the destructive 'I Love You' computer virus, which spread around the globe at the turn of the millennium, shutting down computer systems at the Pentagon, Parliament and the CIA. The user must download and execute the worm by clicking on it. The worm may also come from an infected computer on the same IRC channel using mIRC. The worm will be in an infected HTML document named LOVE-LETTER-FOR-YOU.TXT.HTM downloaded into the IRC downloads folder. The user must access the.htm file to activate the worm. Internet Explorer security settings do not allow scripts to access disk files and will display a warning when they try to. To work around this, the worm displays a fake message telling the user to give ActiveX control to the.htm file. If the user clicks on 'Yes', the worm will infect the system. If the user clicks on 'No', the worm reloads the message in an infinite loop until the user clicks on 'Yes' to allow it to infect the system. Infection When the worm is executed, it copies itself as the files LOVE-LETTER-FOR-YOU.TXT.VBS and MSKERNEL32.VBS in the and WIN32DLL.VBS in the Windows directory. It creates its own key named MSKernel32 under the that causes programs to run and adds the value MSKERNEL32.VBS to it. It also creates a new Local Machine RunServices key named Win32DLL and adds WIN32DLL.VBS as a value to it, so it will run when the system boots, before the user even logs on. The worm sets the Internet Explorer start page to one of four randomly chosen web pages so that it downloads the file WIN-BUGSFIX.EXE, a. It then adds a key for it in the same manner that it registered its own files, so it will run at startup. After the WIN-BUGSFIX.EXE program has been run, it copies itself to the Windows system folder as WinFAT32.EXE and replaces the WIN-BUGSFIX.EXE registry key with one for itself. This file obtains the system's logins, passwords, machine name, IP address, RAS information and some other information about the computer and sends it to [email protected].
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |