back to article Broken-hearted email servers mark LoveBug anniversary

Tuesday marks the tenth anniversary of the infamous LoveBug worm, the prolific malware strain that proved opening "flirty" emails from acquaintances seriously endangers internet hygiene. MessageLabs security team was the first to stop and name LoveBug, a mass-mailing worm later reckoned to have infected 45 million computer users …

COMMENTS

This topic is closed for new posts.
Pint

I remember the day well...

... was working at the Law Society of England and Wales at the time.

After the panic had died down and the working day ended a group of us spent the evening in the Law Soc bar with 4 page print-outs of the things .vbs code, discussing its workings.

People running from office to office, whipping out Ethernet cables, general panic and mayhem.

An interesting day for sure. :)

0
0
Silver badge

Sir

Yukk, it's green!

It should be viewed through rose tinted spectacles, because whilst the new threats are much more serious I do recall this one being a major pain in the arse at the time. Didn't get caught out, but it was so widespread that that didn't seem to matter - everyone else you tried to communicate with was fubarred !

0
0
Anonymous Coward

Eh?

"..Crucially, a security shortcoming of the time means the final .vbs extenuation was hidden by default from Windows users.."

No, its still there!!!!!!!

5
0
Gates Horns

Of the time...?

"Crucially, a security shortcoming of the time means the final .vbs extenuation was hidden by default from Windows users, who were therefore easily duped into thinking the email contained only an innocuous txt file attachment."

I'm pretty sure that's a "feature" on even the newest windows versions

5
0
Gates Horns

Yep

Even on the supposedly much more secure Windows 7, this is still the default.

Why?!!

3
0
Stop

Wrong...

Nope, the newest version of windows (Windows 7, in case you hadn't heard) doesn't have this problem... because it doesn't come with any email client.

0
2
Gates Horns

RE: Yep

"Even on the supposedly much more secure Windows 7, this is still the default.

Why?!!"

Erm, because MS software still sucks?

1
0
Stop

double dots.

The problem was the double extension not the fact that you can hide the extension (and that it is enabled by default).

Windows would use the first dot at the extension rather than the last dot so it would use the .txt icon not the .vbs. Try it and see! I have been using double extensions for a long time, In fact create a default code behind page in a asp.net website and see what the file is called.

1
0
Stop

RE: Wrong...

Does it still do it in Outlook?

(I'll bet it does)

0
0

D'oh

How old do we all feel now? :(

0
0
Gates Horns

RE: D'oh

"How old do we all feel now? :("

Old enough to know that MS haven't changed anything much in all those years. Their software is still a mess of security holes.

2
0
Anonymous Coward

@Craig12

We feel even older those of us who remember the AIDS Info Diskette from 1989...

1
0
Gold badge
Grenade

Hidden extensions.

Not sure it would have made much, if any, difference had it been visible.

Most of the users I know would look at that and go ".vbs? no idea what that means......I wonder what it does? <click>". Maybe less likely these days, the cattleprod-reinforced message is gradually getting through, but back then......!

Anyone who knows what a .vbs is should be the sort who treat unchecked, unsolicited email attachments as if they were UXBs anyway, regardless of what they're called.

0
0
Silver badge
Paris Hilton

True

I worked in a small office at the time. I sent an email to the 6 people there as well as warn them in person that this was going around and to delete it immediately.

Of course this didn't stop one idiot woman from opening it anyway.

0
0
Silver badge
Thumb Up

Great day

I remember that, I was working in DBA team and these mails came up...the mail team were ALL down the pub! "Can you come back, I think there's something funny going on?".

The best bit was that we couldn't use email to tell users to stop opening the mails! So 5 people were told to run around the whole office and tell users to stop using Outlook. The sight of people having to....*GASP*... pick up the phone and talk to other people!

0
0
Thumb Down

John Leyden's incompetence strikes again

"MessageLabs security team was the first to stop and name LoveBug" - no, they weren't:

http://www.f-secure.com/weblog/archives/00001946.html

"Crucially, a security shortcoming of the time means the final .vbs extenuation was hidden by default from Windows users" - of the time?! Well, the time is now, 'coz it's still there.

"The worm used infection routines written in VBScripts" - VBScript, not "VBScripts".

1
0
Grenade

dump please?

And where might a sentimental mind get a copy of the source from these days? I reckon it could look better than that green blob that someone rendered out of it.

0
0
Silver badge
Thumb Down

ten years ago

I picked up a love-bug type of infection ten years ago. It's not something I'm proud of or want to remember though.

0
0
This topic is closed for new posts.

Forums