Hacking Stories: ILoveYou Malware Attack

Rhythm Jain
May 6, 2021

How ILOVEYOU malware hacked Microsoft Outlook and caused 8.7bn USD loss

May I ask you a personal question? How did you feel when you were about to propose to your better half?

Quite nervous, scared, and excited too, right!?

Now, how would you feel if I’d ask you to propose to all your contacts in your Outlook address book? The chills that you suddenly get through your spine is the exact answer to this question.

I know, most of you would not do it, but you know, people in the year 2000 went through it!

How the virus works

There was a malware named ILOVEYOU, which was basically a worm that could replicate and overwrite itself in other files. It took advantage of systemic weaknesses in the design of Microsoft Outlook and Microsoft Windows. This allowed malicious code to have complete access to the operating system, secondary storage and user data by unwitting users simply clicking on an icon.

This malware was able to spread through Microsoft Outlook and after penetrating one inbox, it could send a copy of the same mail to all the addresses present in the mail address book.

More than a love letter, it was a cyber attack

The mail consisted of the subject, “I LOVE YOU” and contained the attachment “LOVE-LETTER-FOR-YOU.txt.vbs”. The malware took advantage of a Windows setting that enables the execution of scripting languages like Visual Basic. In addition, it took advantage of a feature in Windows that hid file extensions by default that malware authors would use as an exploit.

iloveyou malware

8.7bn USD in damage and around 15bn USD recovery costs

The worm originated from the Philippines on 4 May 2000. In a matter of days, it spread like a forest fire throughout Europe and America causing an estimated damage of 8.7 billion USD. The recovery cost was estimated to be around 15 Billion USD.

Almost 10% of the whole internet was affected by this. Even organizations like the Pentagon, CIA and British Parliament were forced to shut down their email services. It was estimated that a total of 10 million systems were affected.

An advice to you: whenever you get an eye-catching email, please double check it before opening it. Otherwise, be ready to get a lot of proposal rejections from your address book contacts, LOL!

written by
Rhythm Jain
Ethical Hacker

Compare and find the pentesting company you trust

No credit card required.
Oops! Something went wrong while submitting the form.