On May 4th, 2000, at 11:29AM… the following email was sent out.


Known as the “ILOVEYOU” virus, this email contained a single file attachment with the file name of “LOVE-LETTER-FOR-YOU.txt.vbs” – a VBScript file.

When opened, on a Windows PC with the default settings, this VBScript ran and performed the following actions:

  • Makes multiple copies of itself – including in the Windows and Windows System directories with official looking names like MSKernel32.vbs and Win32DLL.vbs.

  • Added registry entries so that it would start automatically at boot time.

  • Sets the Internet Explorer home page to link to a file called “WIN-BUGSFIX.exe”… which, despite the lovely sounding name, was another trojan that tries to steal passwords which it emails out.

Little tidbit: That trojan contains a copyright text that reads: “barok …i hate go to school suck ->by:spyder @Copyright (c) 2000 GRAMMERSoft Group >Manila,Phils”

  • Searched through the users Microsoft Outlook address book, and sent an email to every contact with a copy of the virus attached.

  • Sends an HTML file (LOVE-LETTER-FOR-YOU.HTM) via mIRC, every time a user joins in IRC channel. This HTML, naturally, contains the virus as well.

  • Then ILOVEYOU gets really nasty. It searches every drive connected to the Windows PC and replaces all .js, .css, and a few others with copies of the virus.

  • It then does the same for all .jpg's and .mp3's as well. It deletes the original and creates a new file (containing the virus script) with the same name as the deleted file… plus “.vbs”. So “IslandsInTheStream.MP3” would be deleted and “IslandsInTheStream.MP3.vbs” would be created with the virus.

Gnarly, right?

This little VBScript went on to infect over 10 million Windows computers – impacting the systems of governments around the world (including the British Parliament and the Pentagon) – costing an estimated $15 Billion dollars (USD) to deal with.

All caused by a college student in the Philippines, who was never prosecuted. He stated that he created ILOVEYOU to steal dial-up internet access passwords.

Because he felt like dial-up access was too expensive. That's not a joke. That's the actual reason this was created.

Files deleted across 10+ million PCs, costing Billions of dollars, and bringing government agencies and companies to a halt… all because a guy in the Philippines didn't want to pay for dial-up Internet access and wrote a VBScript.


The articles here at the Lunduke Journal are often also available as a Video episode and Audio Podcast.

Ways to watch the show: LBRY, YouTube

Ways to listen to the show: RSS Podcast, iTunes, Google Play Music, Spotify

Ways to read the articles: RSS Article Feed.

The Lunduke Journal wouldn't be possible without the support of Linode. Linode provides some of the awesomest Linux server hosting in the world – sign up using this link to get $20 hosting credit. Which ain't too shabby.

Ways to support The Lunduke Journal:

  • Pick up a nice, nerdy T-Shirt over at The Lunduke Store.
  • Become a monthly patron over at Patreon. This grants access to the exclusive, weekly “Ask Lunduke” show as well as the “Lunduke Journal Quarterly” PDF.