|
| Onel de Guzman is suspected of being the author
of the Love Bug worm. |
Six years ago today, on 4 May 2000, the VBS/Lovelet-A virus
(also known as the Love Bug or ILOVEYOU worm) caused considerable
damage as it infected computers worldwide. But according to experts
at SophosLabsâ„¢,
Sophos's global network of virus, spyware and spam analysis
centers, a lot has changed in the malware landscape in that
time.
The Love Bug worm, believed to have been written by Filipino
student Onel de Guzman, fooled computer users into believing they
were receiving a love letter in their email. However, if the
attached file was opened the virus would forward itself to other
email addresses found on the infected computer.
"The Love Bug, and the Melissa worm before it, heralded a new
era in malware of mass-mailing worms which relied upon social
engineering to tempt people into double-clicking on malicious email
attachments," said Graham Cluley, senior
technology consultant for Sophos. "Computer users' email systems
became clogged up with an avalanche of malicious emails carrying
worms such as Sobig, Anna Kournikova and Naked Wife. However,
mass-mailing worms are now on the descent, as we are witnessing a
huge rise in targeted Trojan horse attacks instead."
In 2001, 21% of all threats discovered by Sophos were Trojan
horses. By April 2006, this figure had risen to
86% as hackers used Trojan horses to download malicious code,
spy on users, steal information or gain unauthorised access to
computers.
"Trojans are often spammed out to unsuspecting users, or planted
on websites, in an attempt to secretly install themselves on
victims' computers. Once in place they can open backdoors for
hackers to steal information, including sensitive data such as
banking passwords," continued Cluley. "It is barely remembered by
most, but the Love Bug was actually a precursor to some of this
kind of activity as it was conceived to try and steal internet
connection passwords to give its creators cheaper access to the
net."
After the appearance of the Love Bug on 4 May 2000 many other
viruses emerged which used similar tricks to tempt users into
double-clicking on a malicious attachment. Memorably in 2001 a worm
which pretended to be pictures of the Russian
tennis pin-up Anna Kournikova successfully spread around the
globe. Other viruses posed as files connected with Shakira,
Britney
Spears, Paris
Hilton or Jennifer
Lopez.
Sophos experts believe that many computer users are still at
risk of falling for malware with a psychological trick up its
sleeve, but that financially-motivated hackers now prefer to use
Trojan horses rather than mass-mailing worms.
"At the time of the Love Bug most malware was written to show
off, rather than to make money. The new organized criminal gangs
behind malware don't want their attack to hit the headlines, as
that will increase the public's awareness about the threat. So they
use Trojan horses, which can target a small number of people at a
time, rather than mass-mailing worms which could infect millions
around the globe at once," continued Cluley. "It's sad to say, but
although technology may have improved in the last six years, the
majority of the general public are still woefully uneducated about
how to act safely online and best protect their bank accounts and
identities."
Laws designed to combat computer misuse were only introduced in
June 2000 by the authorities in the Philippines as a result of the
Love Bug incident. These laws could not be backdated, and suspect
Onel de Guzman walked free.
"No-one has ever been convicted for spreading the Love Bug
virus, and it seems they probably never will," said Cluley.
Sophos continues to recommend that companies protect their email
with a consolidated solution to thwart the
virus, spyware and spam threats as well as secure their desktop and
servers with automatically updated anti-virus protection. Sophos
also recommends that users are educated in safe computing guidelines to help
reduce the risks.
For more information about the latest trends in viruses, spyware
and spam read the in-depth Sophos Security Threat Management Report
2005:
More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing security and data protection solutions that are simple to manage, deploy and use and that deliver the industry's lowest total cost of ownership. Sophos offers award-winning encryption, endpoint security, web, email, and network access control solutions backed by SophosLabs - a global network of threat intelligence centers. With more than two decades of experience, Sophos is regarded as a leader in security and data protection by top analyst firms and has received many industry awards.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.