Ok, this virus is apparently spreading like wild fire. However, other than propagating itself very quickly, what damage is it doing and/or is it capable of?
See Symantec’s writeup here:
http://www.symantec.com/avcenter/venc/data/vbs.loveletter.a.html
There is also another thread on this here:
http://boards.straightdope.com/sdmb/showthread.php?threadid=23522
You know what boggles my mind is that this virus, like the Melissa virus, takes advantage of loopholes in MS Outlook, and people say that it can infect ANYBODY! The media in general (TV, Radio, Newspapers) doesn’t take that into account and ends up blowing the whole thing out of proportion.
Everyone where I work was paranoid about this virus bringing down our system and they didn’t even bother to notice that we don’t use Outlook. What’s the deal with that?
It can infect anyone who has can get email and is on a Windows-based system.
The virus can only propagate itself through Outlook Express’s address book.
If I understand correctly, if you get the virus, it edits your registry so that it loads each time the system is started, it kills all your .mp3s and .jpgs (among others) and creates copies of itself with the name of your files (Myphoto.jpg @ 123K becomes Myphoto.jpg.vbs at 11K). It then checks out your Outlook express address book and, if you have one, it mails itself to everyone in the address book. So even if you don’t use Outlook, you’re still vulnerable, but you’re not contagious.
Fenris
Ahem…
**
Fenris, said
I’m not sure that’s true, however it is better to be safe than sorry. The attached file is a “.VBS” file. The email client would have to run the script file to get infected. I don’t think all Windows email clients do that. However, I think the rest of what you say is true.
There is something that you can do even if you have Outlook or Outlook Express besides the obvious “Don’t open suspicious email attachments”. (20 people didn’t all of a sudden fall in love with you and decided to send you the exact same email). There is a security setting in Outlook Express that sets the “Security Zone” to be used for email. I set mine to “Restricted Zone” which turns off almost all scripting and puts it into “High Alert” mode.
I believe that was one of the recommendations from Microsoft when Melissa was first going around. Of course they don’t bother to make it the default.
Jim
Current score: <50 to >50,000 …
Mac viruses to PC viruses… as in golf, lower scores are preferable!
Hear hear!
Seems like it is going through businesses and businesses that do business with the gov’t. What a gutless thing to do. What are the chances that this dope will be caught?
Pretty good, I’d think - they’ve already identified the four sites (actually, four locations on a single site) where the worm goes to for updates (and the ISP responsible for that site has already been knocked off of the Internet, presumably until those four locations are scrubbed), and it sounds like there were a number of other clues left behind.
If there is a silver lining to this fiasco, it’s that maybe it stopped the spam from getting into my inbox today. Usually by this time of day I have about 20 junk mail messages, but I haven’t gotten a single one today! 
Sometimes I wonder what all the excitement is about because you can get a Virus Creation Lab on the net then Create your own viruses & spread them…As a matter of fact, you can get the viruses on the net as files, you know, a pure virus file to release into the internet. Shucks, those things are free everywhere, Im surprised they aren’t used more than they say.
FYI:
Haven’t seen this confirmed anywhere else yet, but I’ve heard this today from the network support people at my company:
Update:
We have found two new variants of the Loveletter virus.
The b variant has the subject “Susitikim shi vakara kavos puodukui…” The DOC is the same.
The c variant has the subject “Joke” and the DOC is called VeryFunny.vbs. They are basically
the same, but do have some minor changes.
I got this from a Reuters news article on Yahoo! News:
This includes the “Joke” one mentioned by Arnold, but I don’t know about the others. It looks like it’s going to be a while before this one gets under control
Jim
"Current score: <50 to >50,000 …
Mac viruses to PC viruses… as in golf, lower scores are preferable! "
Hmmm…I should probably fire up my old CP/M boat anchor. No one’s attacking those! Just got to get away from the human race and be a hermit.
Downloading the .vbs file and executing it will ruin all sorts of files on your machine, but thanks to MS ‘innovations’ just clicking on it (which shows it in the preview panel in Outlook) will set it off. This is almost exactly how Melissa worked.
Outlook is unbelievably unsecure, be it from this visual basic loophole or the built in HTML and Active X controls. I can’t stress how anyone who values their data and privacy should not use any MS mailers, in fact you should disable ActiveX if you’re using IE and remove Microsoft services (ports 137-139) from your TCP/IP protocol unless you use it often. There are some great free and non-free mailers out there, but too many IT managers and end users are in love with MS’s brand name. After Melissa I can’t feel any sympathy for them.
Right now I’m sure a few thousand people are working on the next big MS exploit, wanna protect yourself stop using unsecure MS products.
Horselover, you’re dead on for the most part, but it’s part of the toil of building the Tower of Babel. The main reason why other platforms are not as exploited is because they aren’t as well used. In some cases, they aren’t as well used because they aren’t as flexible. In others, it is a case of lemmings off the cliff. And then there is that little bit about ahem trust violations. But the crux of the matter is that if you want to roam, you must do as the roamers do, or risk being sacked.
All right. I’ve degraded to puns. Time to pass out. [lurk mode ON]
::sigh::… Mac lovers… always missing the painfully obvious…
The point of a computer virus is to cause as much damage as possible. The reason nobody makes a virus for a Mac is 'cuz nobody WANTS to. That’s like declaring war with Antarctica.
Sorry to get off topic, but such “missing-the-point”-ness must be addressed.
ON TOPIC… computer viruses (viri…? nevermind) will always be aimed at the biggest target… that is, the non-computer-savvy teenage PC-user, mostly, and/or their parents. People like that are more likely to be gullible, and would probably use Outlook to make their E-mail easier. And most people don’t really know how to use a computer that well, anyway (I once had to spend ten minutes teaching someone how to delete files).
A computer virus is the disease of the ignorant… not one for us 'Dopers here, right?
The other reason viruses for Windows are so popular is that Windows allows programs to do almost whatever they want with the system. Time and again I will walk up to a public library, or mall computer, and despite having had almost everything that makes up an operating system disabled, be able to edit the config.pol file, or run telnet, or open a command prompt.
There are no real permission levels, which is probably why viruses don’t spread as easily on a WinNT network, and even fewer Linux viruses, despite them being written for the same chipset.
I’ve heard the reason Windows 95/98/2000 home edition are not secure is only because of games. Apparently game performance depends on direct access to system hardware.
Hm. On the other hand, Macs aren’t terribly secure either (although OSX may be changing that). A quick net search indicates estimates of between two and three hundred Mac viruses.
Well, despite being safe due to using Linux, I would just like this opportunity to say.
STUPID STUPID USERS! What were you thinking? This is just the same as the melissa virus! Delete strange attachments, do not run or view them! E-mail the person asking them what it was!
Heck, I delete all my spam/strange mail in pine, just so that Netscape doesn’t parse the cgi/cookie requests and encourage spammers.
Ok. Done ranting.
Yeah i was getting all these wierd emails with innocent enough looking names but all the contents were empty and there were attachments. I deleted them so i dont know if they were anything though. Funny enough, I don’t value my data or my privacy, just my time