
Iloveyou - Tomte
https://en.wikipedia.org/wiki/ILOVEYOU
======
Phlogistique
One thing that I like about the ".txt.vbs" trick is that: Ok, Windows was
hiding the file extension, so users where not seeing the ".vbs". But users
that were still seeing the ".txt" and thought that was a text file, _even
though a real text file would have had its extension hidden_!

In other words, the "social engineering" trick only worked because users had
been _previously trained_ to look at the file extension to identify file type,
and _then_ Windows took away the file extensions.

HN is frequently talking about how harmful the impact of UX changes that we
push onto users can be. Here's a 20-years-old example!

------
parsimo2010
This was HUGE news at the time, being covered by pretty much every channel and
newspaper. My family received just one ILOVEYOU email (to the one email
account we had for the entire family that we downloaded to the single computer
in the house with dial-up internet) after the news broke, and we were smart
enough to delete it without reading. But deep down inside I was kind of proud
that the bug made it to the boonies and I was really tempted to open it
anyway. I doubt that it would have done anything since we used Juno's software
for email and browsing and I don't think it used the Windows Address Book and
we didn't have Outlook configured.

I also like the aftermath, in which the Philippines caught the guys who wrote
the bug and then realized that they hadn't technically committed a crime under
Philippine law, so they just let them go. They wrote some cyber-crime laws
afterwards, but I imagine Duterte's government wouldn't have let the guys go.

Edit: I took a walk down memory lane, and holy crap! Juno still exists:
[https://www.juno.com/](https://www.juno.com/) Also, s/bug/worm/g.

------
pedrocx486
YouTuber danooct1[1] made a video demonstrating this worm, he has a lot of
videos demonstrating "old school" viruses.

1: [https://youtu.be/ZqkFfF5kAvw](https://youtu.be/ZqkFfF5kAvw)

------
flafla2
>In May 2020, it was revealed that while researching his cybercrime book Crime
Dot Com, investigative journalist Geoff White had found Onel de Guzman working
at a mobile phone repair stall in Manila. De Guzman admitted creating and
releasing the virus. He claimed he had initially developed it to steal
Internet access passwords, since he could not afford to pay for access. He
said that Michael Buen, who had also fallen under suspicion during the
investigation, had nothing to do with the virus' creation.

Fascinating. Is this why you posted this, OP?

~~~
firloop
Not OP, but it's also the 20 year anniversary

>infected over ten million Windows personal computers on and after 4 May 2000

------
dang
Recent and related:
[https://news.ycombinator.com/item?id=23057569](https://news.ycombinator.com/item?id=23057569)

------
palad1n
Holy crap, I remember this. I accidentally clicked on it myself then had to
send a mass email to everyone on my contact list not to do the same, and I
correctly identified it as a "trojan horse" type. One of my friends at work
said that they might not have clicked on it if it hadn't been me that the
sender had been (I guess that was a compliment?).

------
WoodenChair
The book by the reporter who did the most recent investigation related to the
case, that’s mentioned in the Wikipedia Article, is coming out later this
year: [https://amzn.to/2xAIayp](https://amzn.to/2xAIayp)

------
jaxn
That was a crazy morning.

~~~
wurst_case
Tell us about it! What was it like for you?

~~~
Tomte
Back then I had an old SPARCstation as a second computer with Debian, running
INN (a Usenet news server) and Exim (mail server), both fed by UUCP over TCP.

That was long after UUCP was used seriously, but a few hobbyists still used it
for fun.

Batches arrived, were decompressed and fed into Exim and INN.

That day (and the following days), batches were not decompressed before the
next ones arrived. System load was through the roof.

I had never implemented or even thought about real load handling and queuing,
because why should I? My few hundred kilobytes (or maybe a megabyte?) of mails
and news every half hour were decompressed pretty much instantly. Until that
day.

------
screamingninja
Ironically enough, the worm was spread by humans. It required deliberate human
interaction - execution of the attachment - at each step.

------
runawaybottle
The whole script seemed to stick to the one trick of messing with extensions.

Simple often does the trick.

