ILOVEYOU

The ILOVEYOU worm was coded by Onel de Guzman, then a student at AMA Computer College of the Philippines. At the time of its creation, de Guzman was poor and struggling to pay for the country's dial-up internet access. De Guzman believed that internet access was a human right, and submitted an undergraduate thesis to the college which proposed the development of a trojan to steal internet login details. He claimed that this would allow users to be able to afford an internet connection, arguing that those affected by it would experience no loss. The proposal was rejected by the college, which remarked that his proposal was "illegal" and that "they did not produce burglars". This led de Guzman to claim that his professors were closed-minded, and he ultimately dropped out of the college and began development of the worm.{{cite news |title=Virus Charges Dropped |url=https://www.nytimes.com/2000/09/06/technology/virus-charges-dropped.html |access-date=4 January 2025 |work=The New York Times |date=6 September 2000}}

De Guzman wrote ILOVEYOU in VBScript, and the Windows Script Host is utilized to run the code. ILOVEYOU was distributed through malicious email attachments. The worm was found in emails with the subject "ILOVEYOU" and a message of "Kindly check the attached love letter from me!" The attachment LOVE-LETTER-FOR-YOU.TXT.vbs contained the worm.{{Cite news |last=Meek |first=James |date=2000-05-05 |title=Love bug virus creates worldwide chaos |url=https://www.theguardian.com/world/2000/may/05/jamesmeek |access-date=2024-06-10 |work=The Guardian |language=en-GB |issn=0261-3077}}

Upon opening the file, the worm copies itself into relevant directories so it will be run upon reboot of the computer. Two of the three copies masquerade as legitimate Microsoft Windows library files, named MSKernel32.vbs and Win32DLL.vbs. The other copy retains the original LOVE-LETTER-FOR-YOU.TXT.vbs name.Bishop, Matt. (2000). Analysis of the ILOVEYOU Worm.

The worm attempts to download a trojan horse named WIN-BUGSFIX.exe. To achieve this, the victim's Internet Explorer homepage is set to a URL that downloads the trojan upon opening the browser. If the download is successful, the trojan is set to run upon reboot and the Internet Explorer homepage is set to a blank page. The trojan fulfils Guzman's primary aim by stealing passwords.

The worm sends its trademark email to all contacts in the victim's address book. To prevent multiple emails being sent to one person from each successive run of the worm, a registry key is generated for each address book entry once an email has been sent. The worm will only send an email if the registry key is not present. This also allows for emails to be sent to new contacts placed in the address book. ILOVEYOU also has the capability to spread via Internet Relay Chat channels.

The worm searches connected drives for files to modify. All VBScript files it finds (.vbs, .vbe) are overwritten with the worm's code. Files with extensions .jpg, .jpeg, .js, .jse, .css, .wsh, .sct, .doc and .hta are replaced with copies of the worm that have the same base file name but appended with the .vbs extension. Copies for .mp2 and .mp3 files are similarly produced, but the original files are hidden instead of removed.

The email format is considered to be one of the first examples of malware using social engineering,{{Cite web |last=Speed |first=Richard |date=2020-05-05 |title=It has been 20 years since cybercrims woke up to social engineering with an intriguing little email titled 'ILOVEYOU' |url=https://www.theregister.com/2020/05/05/iloveyou_20_years/ |access-date=2024-06-10 |website=The Register |language=en |archive-date=10 June 2024 |archive-url=https://web.archive.org/web/20240610145153/https://www.theregister.com/2020/05/05/iloveyou_20_years/ |url-status=live }} by encouraging victims to open the attached file under the pretext they had a lover who was attempting to contact them.{{Cite web |last=Poulsen |first=Kevin |date=2010-05-03 |title=Top Ten Most-Destructive Computer Viruses |url=https://www.smithsonianmag.com/science-nature/top-ten-most-destructive-computer-viruses-159542266/ |access-date=2024-06-10 |website=Smithsonian Magazine |language=en |archive-date=17 May 2014 |archive-url=https://web.archive.org/web/20140517133047/https://www.smithsonianmag.com/science-nature/top-ten-most-destructive-computer-viruses-159542266/ |url-status=live }} This was exacerbated by the fact that emails appeared to come from close contacts as a result of the worm's use of its previous victim's contact lists.{{Cite web |last=Winder |first=Davey |date=4 May 2020 |title=This 20-Year-Old Virus Infected 50 Million Windows Computers In 10 Days: Why The ILOVEYOU Pandemic Matters In 2020 |url=https://www.forbes.com/sites/daveywinder/2020/05/04/this-20-year-old-virus-infected-50-million-windows-computers-in-10-days-why-the-iloveyou-pandemic-matters-in-2020/ |access-date=2024-06-10 |website=Forbes |language=en |archive-date=24 October 2020 |archive-url=https://web.archive.org/web/20201024014521/https://www.forbes.com/sites/daveywinder/2020/05/04/this-20-year-old-virus-infected-50-million-windows-computers-in-10-days-why-the-iloveyou-pandemic-matters-in-2020/ |url-status=live }} The worm's subsequent success has resulted in the use of social engineering in many modern-day malware attacks. The attachment exploited a feature of Microsoft Outlook where only one file extension would be displayed. As the file name was parsed from left to right, which would be stopped after the first period, to victims the attachment would appear to be an inconspicuous .txt file incapable of holding malware. The worm's real .vbs extension was hidden. De Guzman also claimed that a bug in Windows 95, where code in email attachments was automatically run upon being clicked, contributed to the worm's success.

The fact that the worm was written in VBScript allowed users to modify it. A user could easily change the worm to replace essential files and destroy the system, allowing more than 25 variations of ILOVEYOU to spread across the Internet, each doing different kinds of damage.{{cite web |title=I LOVE YOU Virus Help |url=https://www.computerhope.com/vinfo/iloveyou.htm |access-date=11 February 2013 |work=Computer Hope |archive-date=9 February 2013 |archive-url=https://web.archive.org/web/20130209052438/http://www.computerhope.com/vinfo/iloveyou.htm |url-status=live }} Most of the variations had to do with what file extensions were affected by the worm. Others modified the email subject to target a specific audience, like the variant "{{lang|it|Cartolina}}" ("postcard") in Italian or "BabyPic" for adults. Some others only changed the credits to the author, which were initially included in the standard version of the virus, removing them entirely or referencing false authors. Others overwrote "EXE" and "COM" files, and the user's computer would then be unbootable upon restarting.{{citation needed|date = February 2022}}

Some mail messages sent by ILOVEYOU include:

• VIRUS ALERT!!{{cite web |date=6 May 2000 |title=Symantec detects all known new variants of VBS.LoveLetter.A worm |url=http://www.symantec.com/region/reg_ap/press/my_000506.html |archive-url=https://web.archive.org/web/20140316002324/http://www.symantec.com/region/reg_ap/press/my_000506.html |archive-date=16 March 2014 |access-date=8 February 2013 |publisher=Symantec}}
• Important! Read Carefully!!

Originally designing the worm to only work in Manila, De Guzman removed this geographic restriction out of curiosity, which allowed the worm to spread worldwide. De Guzman did not expect this worldwide spread.

The worm originated in the Pandacan neighborhood of Manila in the Philippines on 4 May 2000,{{cite web |date=10 May 2000 |title=No excuse for virus toll, warns MessageLabs |url=http://www.messagelabs.com/news/PressReleases/nws-TakingToll.htm |archive-url=https://web.archive.org/web/20001214221100/http://www.messagelabs.com/news/PressReleases/nws-TakingToll.htm |archive-date=14 December 2000 |publisher=MessageLabs}} thereafter moving westward through corporate email systems as employees began their workday that Friday morning {{Ndash}} moving first to Hong Kong, then to Europe, and finally the United States.{{cite news |title='Love bug' hacker is Pandacan man, 23 |url=http://www.philstar.com/networks/83717/love-bug-hacker-pandacan-man-23 |work=The Philippine Star |archive-date=3 February 2014 |access-date=23 August 2013 |archive-url=https://web.archive.org/web/20140203034700/http://www.philstar.com/networks/83717/love-bug-hacker-pandacan-man-23 |url-status=live }} Because the worm used mailing lists as its source of targets, the messages often appeared to come from acquaintances and were therefore often regarded as "safe" by their victims, providing further incentive to open them. Only a few users at each site had to access the attachment to generate millions more messages that crippled mail systems and overwrote millions of files on computers in each successive network.{{Cite web|last1=Mersch|first1=Amy|last2=Nealis|first2=Ellen|title=6 Common Types of Malware|url=https://blog.totalprosource.com/5-common-malware-types|access-date=28 July 2021|website=blog.totalprosource.com|language=en-us|archive-date=28 July 2021|archive-url=https://web.archive.org/web/20210728184724/https://blog.totalprosource.com/5-common-malware-types|url-status=live}}

The outbreak was estimated to have caused US$5.5–8.7 billion in damages worldwide,{{cite web|url=http://www.catalogs.com/info/travel-vacations/top-10-worst-computer-viruses.html|first=George|last=Garza|work=Catalogs.com|title=Top 10 worst computer viruses|access-date=26 May 2008|archive-date=16 May 2008|archive-url=https://web.archive.org/web/20080516211206/http://www.catalogs.com/info/travel-vacations/top-10-worst-computer-viruses.html|url-status=dead}}{{cite web|url=http://bi.gazeta.pl/im/7/5140/m5140197.pdf|title=Język angielski i niemiecki|date=April 2008|language=pl|work=Gazeta Edukacja|archive-url=https://web.archive.org/web/20081209232001/http://bi.gazeta.pl/im/7/5140/m5140197.pdf|archive-date=9 December 2008}}{{better source needed|date=August 2019}} and estimated to cost US$10–15 billion to remove the worm.{{cite news|last=Winder|first=Davey|title=This 20-Year-Old Virus Infected 50 Million Windows Computers In 10 Days: Why The ILOVEYOU Pandemic Matters In 2020|url=https://www.forbes.com/sites/daveywinder/2020/05/04/this-20-year-old-virus-infected-50-million-windows-computers-in-10-days-why-the-iloveyou-pandemic-matters-in-2020/?sh=3c9c24683c7c|access-date=22 February 2021|work=Forbes|date=4 May 2020|archive-date=1 August 2021|archive-url=https://web.archive.org/web/20210801115439/https://www.forbes.com/sites/daveywinder/2020/05/04/this-20-year-old-virus-infected-50-million-windows-computers-in-10-days-why-the-iloveyou-pandemic-matters-in-2020/?sh=3c9c24683c7c|url-status=live}}{{cite web|url=http://tech.ca.msn.com/photogallery.aspx?cp-documentid=27611570&page=1|title=The 'love' bug — 10 worst cybercrimes of the decade|first=Jason|last=Buckland|website=tech.ca.msn.com|archive-url=https://web.archive.org/web/20111027131918/http://tech.ca.msn.com/photogallery.aspx?cp-documentid=27611570&page=1|archive-date=27 October 2011}} Within ten days, over fifty million infections had been reported,{{cite news|first=Gary |last=Barker|work=The Age|date=14 May 2000|title=Microsoft May Have Been Target of Lovebug}} and it is estimated that 10% of Internet-connected computers in the world had been affected. Damage cited was mostly the time and effort spent getting rid of the infection and recovering files from backups. At the time, it was one of the world's most destructive computer related disasters ever.{{Cite web|title=5 most dangerous computer viruses of all time|url=https://in.news.yahoo.com/5-most-dangerous-computer-viruses-of-all-time-113637274.html|access-date=28 July 2021|website=in.news.yahoo.com|language=en-US}}{{Cite web|date=10 July 2021|title=10 Deadliest Computer Viruses of All Time|url=https://www.hongkiat.com/blog/famous-malicious-computer-viruses/|access-date=28 July 2021|website=Hongkiat|language=en-US|archive-date=28 July 2021|archive-url=https://web.archive.org/web/20210728185311/https://www.hongkiat.com/blog/famous-malicious-computer-viruses/|url-status=live}}{{Cite web|title=Top 10 Most Destructive Computer Viruses of All Time {{!}} Advanced Computer Consulting|url=https://www.advancedcpc.com/blog/top-10-most-destructive-computer-viruses-all-time|access-date=28 July 2021|website=www.advancedcpc.com|date=24 September 2018|archive-date=28 July 2021|archive-url=https://web.archive.org/web/20210728185309/https://www.advancedcpc.com/blog/top-10-most-destructive-computer-viruses-all-time|url-status=live}}

In the United Kingdom, the worm reached the email servers of the House of Commons on 4 May.{{Cite web |last=Griffiths |first=James |date=2020-05-02 |title=How a badly-coded computer virus caused billions in damage {{!}} CNN Business |url=https://www.cnn.com/2020/05/01/tech/iloveyou-virus-computer-security-intl-hnk/index.html |access-date=2024-06-29 |website=CNN |language=en}} The servers were shut down for two hours in response.{{Cite web |last=Kane |first=Margaret |date=2000-05-03 |title='ILOVEYOU' e-mail worm invades PCs |url=https://www.zdnet.com/article/iloveyou-e-mail-worm-invades-pcs/ |access-date=2024-06-29 |website=ZDNET |language=en |archive-date=30 June 2024 |archive-url=https://web.archive.org/web/20240630020029/https://www.zdnet.com/article/iloveyou-e-mail-worm-invades-pcs/ |url-status=live }} The worm affected the banking system of Belgium.{{Cite report |url=https://www.gao.gov/assets/t-aimd-00-181.pdf |title=Critical Infrastructure Protection: "ILOVEYOU" Computer Virus Highlights Need for Improved Alert and Coordination Capabilities |last=Brock Jr. |first=Jack |date=2000-05-18 |access-date=2024-06-30}}

The worm affected most federal government agencies and caused disruption to multiple, including the Department of Justice, the Department of Labor and the Social Security Administration. Operations of the Department of Defense were significantly obstructed, with the Central Intelligence Agency additionally affected and the United States Army having 2258 infected workstations which cost approximately US$79,200 to recover.{{Cite report |url=https://www.gao.gov/assets/t-aimd-00-181.pdf |title="ILOVEYOU" Virus: Lessons Learned Report |date=2003-04-29 |publisher=United States Army |access-date=2024-06-30}} The Veterans Health Administration received 7,000,000 ILOVEYOU emails during the outbreak, requiring 240 man-hours of work to resolve the problems created. Files at the National Aeronautics and Space Administration were damaged, and in some cases unrecoverable from backups.

The events inspired the song "E-mail" on the Pet Shop Boys' UK top-ten album of 2002, Release, the lyrics of which play thematically on the human desires which enabled the mass destruction of this computer infection.{{citation needed|date=January 2021}}

"I love you [rev.eng]" exhibited in July 2006 is a revamped and expanded version of an exhibition shown in June 2002 in the Museum for Applied Art in Frankfurt, in February 2003 at transmediale in Berlin, in August 2004 at the Watson Institute of the Brown University USA and in October 2004 at the Museum for Communication Copenhagen, Denmark.{{Cite web |date=2006-07-20 |title=I Love You [Rev.Eng] • Digicult {{!}} Digital Art, Design and Culture |url=https://digicult.it/news/i-love-you-rev-eng/ |access-date=2024-12-15 |website=Digicult {{!}} Digital Art, Design and Culture |language=en |archive-date=15 December 2024 |archive-url=https://web.archive.org/web/20241215080957/https://digicult.it/news/i-love-you-rev-eng/ |url-status=live }} In 2009, Kiat Kiat Projects curated an email exhibition entitled "How to Prevent Hair Loss" inspired by ILOVEYOU.{{Cite web |date=2023-12-11 |title=How to Prevent Hair Loss, Kiat Kiat Projects - NECSUS |url=https://necsus-ejms.org/how-to-prevent-hair-loss-kiat-kiat-projects/ |access-date=2024-12-15 |website=necsus-ejms.org |language=en-GB |archive-date=15 December 2024 |archive-url=https://web.archive.org/web/20241215082256/https://necsus-ejms.org/how-to-prevent-hair-loss-kiat-kiat-projects/ |url-status=live }}{{Cite web |title=ArtAsiaPacific: Alternative Toolkits: Interview with Kiat Kiat Projects |url=https://artasiapacific.com/people/alternative-toolkits-interview-with-kiat-kiat-projects |access-date=2024-12-15 |website=artasiapacific.com |archive-date=15 December 2024 |archive-url=https://web.archive.org/web/20241215083748/https://artasiapacific.com/people/alternative-toolkits-interview-with-kiat-kiat-projects |url-status=live }}

The worm inspired the 2011 movie Subject: I Love You starring Jericho Rosales and Briana Evigan.{{Cite web |date=May 3, 2011 |title=Premiere of Jericho Rosales' international film Subject: I Love You at Newport Beach Film Festival sold out |url=https://www.spot.ph/newsfeatures/48248/hollywood-premiere-of-jericho-rosales-emsubject-i-love-youem-sold-out?s=ik9393mld7d7dfsito0k0k83jg |access-date=2024-12-15 |website=SPOT.PH |language=en |archive-date=26 January 2025 |archive-url=https://web.archive.org/web/20250126135153/https://www.spot.ph/newsfeatures/48248/hollywood-premiere-of-jericho-rosales-emsubject-i-love-youem-sold-out?s=ik9393mld7d7dfsito0k0k83jg |url-status=live }} In 2019, The Persistence of Chaos, a laptop infected with six viruses including ILOVEYOU was sold at auction by Chinese artist Guo O Dong.{{Cite web |last=Magazine |first=Smithsonian |last2=Solly |first2=Meilan |title=A Laptop Infected With the World's Most Dangerous Viruses Sold for $1.3 Million |url=https://www.smithsonianmag.com/smart-news/laptop-infected-worlds-most-dangerous-viruses-sold-13-million-180972315/ |access-date=2024-12-15 |website=Smithsonian Magazine |language=en}} In November 2024, The Museum of Malware Art in Helsinki, Finland included a sculpture about ILOVEYOU.{{Cite web |date=2024-07-05 |title=Art and cybersecurity collide at the Museum of Malware Art |url=https://cybernews.com/editorial/art-and-cybersecurity-collide-malware-museum/#:~:text=An%20'ILOVEYOU'%20sculpture%20represents%20much,made%20from%20crowdsourced%20computer%20mice.&text=Together%20with%20United%20Imaginations,%20a,cybersecurity%20in%20today's%20digital%20world. |access-date=2024-12-15 |website=Cybernews |language=en-US |archive-date=3 November 2024 |archive-url=https://web.archive.org/web/20241103171005/https://cybernews.com/editorial/art-and-cybersecurity-collide-malware-museum/#:~:text=An%20'ILOVEYOU'%20sculpture%20represents%20much,made%20from%20crowdsourced%20computer%20mice.&text=Together%20with%20United%20Imaginations,%20a,cybersecurity%20in%20today's%20digital%20world. |url-status=live }}

On 5 May 2000, de Guzman and another young Filipino programmer named Reonel Ramones became targets of a criminal investigation by agents of the Philippines' National Bureau of Investigation (NBI).{{cite web|url=http://www.acpf.org/WC8th/AgendaItem2/I2%20Pp%20Gana,Phillipine.html|title=Prosecution Of Cyber Crimes Through Appropriate Cyber Legislation In The Republic Of The Philippines|first=Severino H. Jr.|last=Gana|website=www.acpf.org|archive-url=https://web.archive.org/web/20080206114348/http://www.acpf.org/WC8th/AgendaItem2/I2%20Pp%20Gana%2CPhillipine.html|archive-date=6 February 2008}} Local Internet service provider Sky Internet had reported receiving numerous contacts from European computer users alleging that malware (in the form of the "ILOVEYOU" worm) had been sent via the ISP's servers.{{Cite web|date=14 February 2017|title=ILOVEYOU: The wrong kind of LoveLetter|url=https://www.welivesecurity.com/2017/02/14/iloveyou-wrong-kind-loveletter/|access-date=28 July 2021|website=WeLiveSecurity|language=en-US|archive-date=28 July 2021|archive-url=https://web.archive.org/web/20210728191423/https://www.welivesecurity.com/2017/02/14/iloveyou-wrong-kind-loveletter/|url-status=live}}

De Guzman attempted to hide the evidence by removing his computer from his apartment, but he accidentally left some disks behind that contained the worm, as well as information that implicated a possible co-conspirator.

After surveillance and investigation by Darwin Bawasanta of Sky Internet, the NBI traced a frequently appearing telephone number{{clarify|reason=Where did this phone number appear?|date=September 2020}} to Ramones' apartment in Manila. His residence was searched and Ramones was arrested and placed under investigation by the Department of Justice (DOJ). De Guzman was also charged in absentia.{{Citation needed|date=May 2020}}

At that point, the NBI was unsure of what felony or crime would apply. It was suggested they be charged with violating Republic Act 8484 (the Access Device Regulation Act), a law designed mainly to penalize credit card fraud, since both used pre-paid (if not stolen) Internet cards to purchase access to ISPs. Another idea was that they could be charged with malicious mischief, a felony (under the Philippines Revised Penal Code of 1932) involving damage to property. The drawback here was that one of its elements, aside from damage to property, was intent to damage, and de Guzman had claimed during custodial investigations that he might have unwittingly released the worm.{{cite news|url=https://www.nytimes.com/2000/10/21/business/a-filipino-linked-to-love-bug-talks-about-his-license-to-hack.html|work=The New York Times|title=A Filipino Linked to 'Love Bug' Talks About His License to Hack|first=Mark|last=Landler|date=21 October 2000|access-date=5 May 2010|archive-date=23 March 2010|archive-url=https://web.archive.org/web/20100323193815/http://www.nytimes.com/2000/10/21/business/a-filipino-linked-to-love-bug-talks-about-his-license-to-hack.html|url-status=live}} At a press conference organized by his lawyer on 11 May, he said "It is possible" when asked whether he might have done so.

To show intent, the NBI investigated AMA Computer College, where de Guzman had dropped out at the very end of his final year.

Since there were no laws in the Philippines against writing malware at the time, both Ramones and de Guzman were released, with all charges dropped by state prosecutors.{{cite news|url=https://www.nytimes.com/2000/08/22/business/technology-philippines-to-drop-charges-on-e-mail-virus.html|work=The New York Times|title=Technology; Philippines to Drop Charges on E-Mail Virus|first=Wayne|last=Arnold|date=22 August 2000|access-date=5 May 2010|archive-date=9 February 2011|archive-url=https://web.archive.org/web/20110209193844/http://www.nytimes.com/2000/08/22/business/technology-philippines-to-drop-charges-on-e-mail-virus.html|url-status=live}} To address this legislative deficiency, the Philippine Congress enacted Republic Act No. 8792,{{cite web|url=http://www.chanrobles.com/republicactno8792.htm|title=Republic Act No. 8792 — An Act Providing For The Recognition And Use Of Electronic Commercial And Non-Commercial Transactions And Documents, Penalties For Unlawful Use Thereof And For Other Purposes|via=ChanRobles.com|date=1 August 2001|access-date=5 December 2010|archive-date=5 December 2010|archive-url=https://web.archive.org/web/20101205051522/http://www.chanrobles.com/republicactno8792.htm|url-status=live}} otherwise known as the E-Commerce Law, in July 2000, months after the worm outbreak.

In 2012, the Smithsonian Institution named ILOVEYOU one of the top ten most virulent computer viruses in history.

De Guzman did not want public attention. His last known public appearance was at the 2000 press conference, where he obscured his face and allowed his lawyer to answer most questions; his whereabouts remained unknown for 20 years afterward. In May 2020, investigative journalist Geoff White revealed that while researching his cybercrime book Crime Dot Com, he had found de Guzman working at a mobile phone repair stall in Manila. De Guzman admitted to creating and releasing the virus.{{Cite web |last=Tyagi |first=Sachin |date=6 August 2022 |title=What is The First Computer Virus in The Philippines? (2022) |url=https://kvskolkata.org.in/what-is-the-first-computer-virus-in-the-philippines/ |access-date=16 August 2022 |language=en-US |archive-date=15 August 2022 |archive-url=https://web.archive.org/web/20220815002127/https://kvskolkata.org.in/what-is-the-first-computer-virus-in-the-philippines/ |url-status=live }} He claimed he had initially developed it to steal internet access passwords, since he could not afford to pay for access. He also stated that he created it alone, clearing the two others who had been accused of co-writing the worm.{{cite news|last=White|first=Geoff|date=2 May 2020|title=Love Bug's creator tracked down to repair shop in Manila|publisher=BBC News|url=https://www.bbc.com/news/technology-52458765|archive-date=3 May 2020|access-date=3 May 2020|archive-url=https://web.archive.org/web/20200503002522/https://www.bbc.com/news/technology-52458765|url-status=live}}{{cite magazine|last=White|first=Geoff|date=21 April 2020|title=Revealed: The man behind the first major computer virus pandemic|url=https://www.computerweekly.com/news/252481937/Revealed-The-man-behind-the-first-major-computer-virus-pandemic|magazine=Computer Weekly|access-date=3 May 2020|archive-date=19 November 2024|archive-url=https://web.archive.org/web/20241119065137/https://www.computerweekly.com/news/252481937/Revealed-The-man-behind-the-first-major-computer-virus-pandemic|url-status=live}}

• Christmas Tree EXEC
• Code Red worm
• Computer virus
• NewLove
• Nimda
• Timeline of notable computer viruses and worms
• The Persistence of Chaos (artwork)

{{Reflist}}

• [https://rixstep.com/1/20040504,00.shtml The Love Bug - A Retrospect]
• [https://web.archive.org/web/20120531100802/http://handle.dtic.mil/100.2/ADA415104 ILOVEYOU Virus Lessons Learned Report, Army Forces Command] (archive)
• [https://radsoft.net/news/roundups/luv/ Radsoft: The ILOVEYOU Roundup]
• "[https://www.theregister.co.uk/2005/05/11/love_bug_author/ No 'sorry' from Love Bug author]" at The Register
• [https://web.archive.org/web/20001204063700/http://www.cert.org/advisories/CA-2000-04.html CERT Advisory CA-2000-04 Love Letter Worm] (archive)

{{Hacking in the 2000s}}

Category:Computer worms

Category:Email worms

Category:Communications in the Philippines

Category:2000 in the Philippines

Category:Hacking in the 2000s

Category:2000 introductions

Category:Controversies in the Philippines