ILOVEYOU virus

The attachment in the ILOVEYOU virus is a VBScript program that, when opened (for example, by double-clicking on it with your mouse), finds the recipient's Outlook address book and re-sends the note to everyone in it. It then overwrites (and thus destroys) all files of the following file types: JPEG, MP3, VPOS, JS, JSE, CSS, WSH, SCT and HTA. Users who don't have a backup copy will have lost these files. (In March 1999, a virus named Melissa virus also replicated itself by using Outlook address books, but was less harmful in destroying user files.) The ILOVEYOU virus also resets the recipient's Internet Explorer start page in a way that may cause further trouble, resets certain Windows registry settings, and also acts to spread itself through Internet Relay Chat (Internet Relay Chat).

One of the first steps companies used to ward off the ILOVEYOU virus was to screen out notes with ILOVEYOU in the subject line. However, hackers quickly introduced copycat variations with subject lines variously identifying "JOKE" and "Mother's Day!" as the content, but containing the same or similar VBScript code. At least 12 variations have been identified. The most sinister mutation is undoubtedly the one with the subject line containing "VIRUS ALERT!!!" Posing as a virus fix from Symantec, the note starts out with "Dear Symantec Customer." The attachment (which should not be opened) is "protect.vbs."

Companies and users are advised to get or update anti-virus software that can help screen for the virus and remove it for users whose systems have been infected. Users are always advised never to open an e-mail attachment without screening it with anti-virus software or knowing exactly who sent it and what it is.

Read more about ILOVEYOU virus: - SearchVB.com, a portal for Visual Basic developers, includes a collection of links about VBScript the language used to create the ILOVEYOU virus. - SearchWin2000.com has a collection of Internet links related to the ILOVEYOU virus. - Go to SearchSecurity.com for security-specific information on the I LOVE YOU virus.

Do you have something to add to this definition? Let us know. Send your comments to techterms@whatis.com

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT New defenses for automated SQL injection attacks By automating SQL injection attacks, hackers have found a way to expedite the process of finding and exploiting vulnerable websites. The old defenses... Information security book excerpts and reviews Visit the Information Security Bookshelf for book reviews and free chapter downloads. Yahoo, McAfee to warn users of dangerous websites Websites suspected of spreading malicious programs or spamming and phishing campaigns will be highlighted in search results.

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary bot worm  (SearchSecurity.com) A bot worm is a self-replicating malware program that resides in current memory, turns infected computers into zombies (or bots) and transmits itself... directory traversal  (SearchSecurity.com) Directory traversal is a form of HTTP exploit in which a hacker uses the software on a Web server to access data in a directory other than the...