Network Associates breaks heart of Love Bug

Johannesburg, 09 May 2000
Read time 2min 20sec

Recorded as the most damaging virus in history, the Love Bug worm and its multiple variants crippled millions of computers world-wide. The Love Bug caused projected damages in excess of over R 26 billion.

Network Associates led the way in the detection and cleaning of the virus and its variants, providing support and education to hundreds of thousands of customers across the globe. Company experts served as the leading authority, taking centre stage on major media outlets such as CNN, ABC World News Tonight and Nightline, all with world-wide syndication.

Love Bug splats on Network Associates WebShield McAfee`s WebShield 4.5 SMTP content filtering quickly stopped the `love letter` virus and its variants from entering NAI systems by identifying the subject line and attachment names - even before any updated DAT files were available from McAfee`s AVERT team.

GroupShield On-Access and On-Demand scanning prevented infected messages from entering Exchange server information stores, removing any existing messages that entered before content filtering was enabled. Together, Webshield and Groupshield stopped over 8000 "I Love You" email messages sent to NAI via the Internet, thus preventing any disruption to NAI email systems.

If the virus had actually been able to enter the NAI network, McAfee`s VirusScan would have protected desktop systems from infection. McAfee`s new virus management system - ePolicy Orchestrator (ePO) - made sure that the latest DAT file was deployed to all desktops and provided information on how far the virus tried (but failed) to enter the NAI network.

Millions of computer systems around the world have been affected by the "I Love You" virus. The virus has affected systems from the Pentagon to the British Parliament, and put Asian governments on alert.

According to Network Associates managing director, Lloyd Wood, "Security experts at Network Associates have analysed the "I Love You" virus thoroughly. Users get an email, sometimes from someone they know, asking them to check the attached `Love Letter.` This file is a VisualBasic script, which contains the virus payload. As long as the user deletes the email without opening the attachment, their computer is safe from harm. Once a computer is infected, the virus transmits itself through email using Outlook`s address book."

Wood continues by saying that this virus is much more aggressive than the Melissa virus. "What makes this virus so aggressive, is that this virus sends copies to all the addresses, whilst Melissa only sent copies to the first 50 addresses," concludes Wood.

See also