LoveBug: 10 years on

By Alex Shipp | May 3, 2010

0 comments

Digg

 Email

 Print

The 4th of May 2000 was a game-changing day for antivirus security. A virulent worm was about to catch security experts by surprise and cause chaos to an estimated 45 million email users that day. With virus levels surging overnight from 1 in every 1000 emails to 1 in 28, the mass-mailing virus, LoveBug, was on the cusp of causing billions of dollars of damage. It was also the day which proved the superiority of heuristic ‘in-the-cloud’ detection over traditional antivirus tools and a small UK company, MessageLabs, made front page news.

LoveBug

From the moment I logged in to the MessageLabs system that morning, it became apparent that a massive security event was unfolding. Launched from the Philippines, the extent of the attack increased as more countries globally started their working day and emails with the subject line ‘ILOVEYOU’ were opened. Exploiting the power of social engineering, the email attachment looked like a text document, but once the recipient opened it, the worm sent itself to every email address in the recipient’s address book.

At that time, we’d never seen a mass-mailer spread so fast. Ten years ago the entire threat landscape was very different; MessageLabs, now part of Symantec, was barely six months old. There were only two of us in the antivirus department and the most infected emails we had previously stopped in one day was 700. That day we stopped 10,000. Now we routinely stop millions.  

To cope with the sheer scale of the attack, we commandeered all available members of the support team and we suddenly had 20 people working on the problem, and others buying more hard drives because we could see that at the rate the quarantine was filling up we would shortly run out of storage capacity. It was incredibly exciting. We were also putting out warnings to other antivirus companies and onto the security newsgroups which were used then.

0 comments

Digg

 Email

 Print