From: Darryl Baird (dbaird@flint.umich.edu)
Date: 05/04/00-10:17:55 AM Z
sorry, but this appears serious
quoting CNN
"Security experts at F-Secure have analyzed the virus thoroughly. Users
usually get an e-mail,
sometimes from someone they know, asking them to
check the attached "Love Letter." That file
is a VisualBasic script, which contains the
virus payload. As long as the user deletes the e-mail
without opening the attachment, their computer
is safe from harm. Once a computer is infected,
the virus transmit itself through e-mail using
Outlook's address book.
"What makes this virus so much more aggressive
than Melissa is that this virus sends copies to
all the addresses, whilst Melissa only sent
copies to the first 50 addresses," Fagerland said.
The virus can also travel through the Internet
Relay Chat client mIRC, according to F-Secure,
which has analyzed the malicious code.
Unlike the "Melissa" virus, which traveled in a
similar fashion, "ILOVEYOU" is more
destructive. First, it copies itself to two
critical system directories and adds triggers in the
Windows registry. This ensures that it's running
every time the computer reboots.
The virus then starts affecting data files.
Files associated with Web development, including ".js"
and ".css" files, will be overwritten with a
file in the VisualBasic programming language. The
original file is deleted. It also goes after
multimedia files, affecting JPEGs and MP3s. Again, it
deletes the original file and overwrites it with
a VisualBasic file with a similar name.
-- Darryl Baird Assistant Professor of Art Photography & Graphic Design University of Michigan-Flint
This archive was generated by hypermail 2b29 : 06/13/00-03:10:16 PM Z CST