A groundbreaking event took place in the Philippines on May 4, 2000 – the birth of the first computer virus in the Philippines that would go on to make history.
Known by various names like “ILOVEYOU,” “Love Bug,” or “Loveletter,” this seemingly innocent digital bug had far-reaching consequences, infecting countless Windows PCs across the nation in a concise period.
Now, you know What is The First Computer Virus in The Philippines.
“ILOVEYOU” is not a typical virus-like Realsrv; it’s a computer worm, a type of malware with a knack for self-replication and spreading across multiple computers.
Unlike a conventional virus that needs a host file to hitch a ride and propagate, this worm acted independently, finding its way into one PC after another with lightning speed.
What did this worm do, and who was behind its creation? Let’s read the Hackzon guide till the end to know the answers!
First Computer Virus in the Philippines – What is it?
The ILOVEYOU virus is the first computer virus in the Philippines, also known as Love Bug or Love Letter.
It was a computer worm that made its way into over ten million Windows computers starting May 5, 2000.
It worked through e-mail, posing as a message with the subject line “ILOVEYOU” and an attachment named “LOVE-LETTER-FOR-YOU.TXT.vbs.”
The tricky part was that Windows computers often hid the “.vbs” extension, making it appear like a harmless text file to users.
When someone opened the attachment, an activated Visual Basic script triggered the virus, and it didn’t hold back.
It could overwrite various files, including images and audio, causing chaos like a logic bomb on the infected machine.
Furthermore, the virus exploited the Windows address book to distribute copies of itself to everyone in the user’s contact list, allowing it to spread like wildfire and wreaking havoc.
The ILOVEYOU virus was a computer worm created using Microsoft Visual Basic Script (VBS) and exploited the default settings of Windows that enabled the scripting system.
Its payloads were quite malicious, capable of overwriting data, modifying files, downloading other malware, and even sending e-mails using Microsoft Outlook.
This virus taught the world a valuable lesson about cybersecurity and being cautious when dealing with e-mail attachments.
Who Created the First Computer Virus in the Philippines?
Onel de Guzman, a 24-year-old resident of Manila, Philippines, created the first computer virus in the Philippines that became infamous as the ILOVEYOU virus.
Interestingly, during the time of its creation, there were no specific laws in the Philippines that prohibited making malware.
In reaction to the virus’s devastation, the Philippine Congress quickly adopted Republic Act No. 8792, widely known as the E-Commerce Law, in July 2000 to dissuade future efforts at such operations.
Nonetheless, it’s worth noting that the Constitution of the Philippines prevents the application of ex post facto laws, which meant de Guzman could not be prosecuted retroactively.
De Guzman’s motivation for creating the first computer virus in the Philippines stemmed from his financial struggles.
Being poor and unable to afford Internet access, he hatched a plan to develop the computer worm to pilfer passwords from other users.
He intended to use these stolen passwords to access the Internet without paying for the service.
He justified his actions on the belief that Internet access is a fundamental human right and that he wasn’t truly “stealing” from others.
Interestingly, the worm’s creation was based on the principles outlined in de Guzman’s undergraduate thesis at AMA Computer College.
He exploited a flaw in Windows 95, which automatically ran code from e-mail attachments when users clicked on them.
This vulnerability made it relatively easy for him to create the worm.
Initially, he intended the worm to be confined to Manila, but out of sheer curiosity, he removed this geographic restriction, allowing the worm to spread far beyond his initial expectations.
Even de Guzman did not anticipate his creation’s rapid and extensive worldwide dissemination.
How Did the ILOVEYOU Virus Work?
The first computer virus in the Philippines, The ILOVEYOU virus, exploited certain features and weaknesses in the Windows operating system and Microsoft Outlook.
At the system level, the virus relied on the scripting engine system setting, which runs scripting language files like .vbs.
It took advantage of a Windows feature that hid file extensions by default, making it appear innocuous to users.
With two periods in its name, the attachment tricked the system into displaying a fake “TXT” file extension, making it seem like a harmless text file.
The virus used social engineering to lure users into opening the attachment out of curiosity or a genuine desire to connect.
Once opened, the malicious code gained complete access to the operating system, secondary storage, and system and user data, all without the users realizing the consequences of their actions.
The virus spread began in the Philippines and then propagated westwards through corporate e-mail systems.
It targeted mailing lists, making it appear that the messages were from acquaintances, which convinced recipients to open them, further perpetuating its spread.
Only a few users needed to access the attachment to generate countless more messages, severely impacting mail systems and overwriting millions of files in each subsequent network.
The ILOVEYOU script was written in Microsoft Visual Basic Scripting (VBS), enabled by default in Microsoft Outlook.
It allowed the virus to add Windows Registry data for automatic startup on system boot, ensuring its persistence.
The worm searched connected drives and replaced files with specific extensions, including JPG, JPEG, VBS, VBE, JS, JSE, CSS, WSH, SCT, DOC, HTA, MP2, and MP3 while appending the additional file extension VBS.
However, it hid MP3 and other sound-related files instead of overwriting them.
The worm sent a copy of its payload to each Microsoft Outlook address book entry to propagate itself.
Additionally, it downloaded the Barok trojan (renamed as “WIN-BUGSFIX.EXE”) for further malicious activities.
Because the worm was written in VBS, users could easily modify it, leading to over 25 variations of ILOVEYOU spreading across the Internet.
Different versions caused various types of damage, targeting specific file extensions or changing the e-mail subject to tailor the attack to particular audiences.
Some variations even rendered the user’s computer unbootable upon restarting.
The messages sent by ILOVEYOU often included alarming subject lines, such as “VIRUS ALERT!” or “Important! Read Carefully!!”
It added to the social engineering tactics, making users more likely to fall into the trap and open the infected attachment.
What Was the Impact of the ILOVEYOU Virus?
The impact of the ILOVEYOU virus was staggering and far-reaching. It all began in the Pandacan neighborhood of Manila, Philippines, on May 4, 2000.
As the sun rose and people started their workday, the worm swiftly spread westward across the globe, hitting Hong Kong, Europe, and eventually the United States.
The outbreak caused immense damage, estimated to be between US$5.5 to $8.7 billion worldwide. Removing the worm incurred additional costs, estimated at US$10 to $15 billion.
Over fifty million infections were reported within ten days, affecting around 10% of all Internet-connected computers globally.
The aftermath mainly consisted of painstaking efforts to remove the infection and recover files from backups.
Such was the severity of the situation that even large organizations like The Pentagon, CIA, British Parliament, and major corporations had to shut down their mail systems to protect themselves.
The ILOVEYOU virus was one of the most disastrous computer-related incidents ever recorded.
Its destructive reach earned it among the top ten most virulent computer viruses in history, as recognized by the Smithsonian Institution in 2012.
The events surrounding the virus even inspired the Pet Shop Boys to create a song called “E-mail” on their album “Release,” which delved into the human desires that enabled such mass destruction through this computer infection.
At the time of the virus’s creation, no laws in the Philippines explicitly addressed writing malware.
As a result, both Ramones and de Guzman, the virus’s creator, were released with all charges dropped by state prosecutors.
The Philippine Congress enacted Republic Act No. 8792, the E-Commerce Law, to address this legislative gap in July 2000 following the worm outbreak.
De Guzman, the mastermind behind the virus, did not seek public attention.
He appeared at a press conference in 2000, concealing his face and allowing his lawyer to handle most questions.
His whereabouts remained unknown for two decades until investigative journalist Geoff White stumbled upon him in May 2020 while researching his cybercrime book, “Crime Dot Com.”
De Guzman worked at a mobile phone repair stall in Manila.
He eventually confessed to creating and releasing the virus, admitting that he did it to steal Internet access passwords as he couldn’t afford to pay for access.
He also clarified that he was the sole creator, acquitting the two others accused of co-writing the worm.
The Love Bug, Love Letter, or I LOVE YOU Virus significantly impacted cybersecurity in the Philippines and beyond.
Millions were duped by its harmless appearance, which resulted in massive turmoil and damage.
The virus made us realize how crucial it is to be on the lookout for online threats and essential discussions about cybersecurity.