Feeds

No 'sorry' from Love Bug author

Five years on, Spyder keeps schtum

  • alert
  • submit to reddit

Seven Steps to Software Security

Five years ago, a new "supervirus" hit the headlines. It had the two successful - but evil - elements: destructive virus coding coupled to an enticing title and the simple fact that it arrived from someone the recipient knew. The combination was virus dynamite.

Most viruses start slowly and then build power; "I Love You" hit the computer world like a bomb - anti-virus companies had not seen anything like it and while they struggled to contain the infection, copycats were re-titling the virus and releasing in their own language.

At this point you might expect the story to flash-pan to a prison cell and a description of the miscreant responsible for the outrage safely behind bars. However, the person who almost certainly wrote the virus - proved not only by his own admission but also by a stack of corroborating evidence - is today a free man with a no criminal record.

That's because in the Philippines - where he lives - there were no laws against computer misuse and the authorities had nothing to charge him with.

Today, almost five years after the event "Spyder" (real name Reomel Lamores) is saying nothing about the virus, referring all calls to his lawyer who - in turn - also refuses to comment. Not even "sorry" for the hundreds of millions of pounds of damage it allegedly caused and the general pandemonium it generated.

US tabloid TV programmes and book authors have dangled cheques in front of his nose - but at the moment he rejects them all. Local reports say he fears being kidnapped and has nightmares about being bundled on to a boat and taken to the USA.

Spyder's Web

In May 2000 Spyder was a minor computer programmer in the employ of the local China Bank, living in a low-rent Manila apartment with girlfriend Irene De Guzman. After its release into the wild, I Love You - aka "The Love Bug" - was quickly traced back to Spyder who was held by the authorities on unspecified grounds. US and European law enforcement authorities fought to be the first to try the then twenty seven year-old. The FBI even put seven men on the case, including their specialist virus sniffer Federick Bjorck.

Under questioning Spyder started by claiming total ignorance of events and blandly refused to assist the authorites. Even in the face of mounting evidence - including his own email address carrying the outbound virus - for which he had no explanation.

Eventually, he changed his story to the one he maintains to this day: The honest accident. He was messing around with coding "and the code escaped". Strangely this is slightly supported by the evidence. A thinking virus writer would have worked harder to cover his tracks. Some speculate that the whole stunt was created to impress his new girlfriend and he secretly hoped to get caught.

The virus was smart - for that time - in that it knew about file length. The full title (of the original e-mail) was LOVE-LETTER-FOR-YOU.TXT.vbs. The length of this tile was vital because (on default Windows setting) this hides the .vbs extension and it could be taken as plain text.

When up and running, the virus looked in the address book of Microsoft Outlook and sent copies of itself to everyone therein. For good measure, the virus then linked to four pages on Sky Internet (in the Philippines) which, in turn, downloaded the falsely named WIND-BUGFIX.exe. This had the effect of collecting and sending email addresses and passwords to a known second email address.

This second part of the operation didn’t last long. The ISP noted the huge surge in traffic and suspended the pages. Within hours the FBI bloodhounds were on the scent of the perpetrator. However before they did the title had already changed to one of the hundreds of variations that followed - Very Funny Joke.

In June of that year, and barring any other law with which to prosecute him, authorities charged Spyder's girlfriend Guzman - who came under suspicion because of a certain expertise with computers - under the local "Access Devices Act" of 1994, which outlaws the illegal use of account numbers and passwords - a law directly related to credit card fraud. The charges were based on her owning the central computer from which the virus eminated. However, even these had to be dropped.

Later that year, the Philippines introduced new laws to target and outlaw a wide range of cybercrimes. But as the FBI are quick to point out - there are plenty of places left in the world that the cyber criminal is free to go about his or her business unhindered by the in-this-case-not-so-long arm of the law. ®

Related stories

Roll up for your ILOVEYOU fix
The Register guide to beating the Love Bug. Not
Bill Clinton associates Love Bug with terrorism

Mobile application security vulnerability report

More from The Register

next story
Yorkshire cops fail to grasp principle behind BT Fon Wi-Fi network
'Prevent people that are passing by to hook up to your network', pleads plod
HIDDEN packet sniffer spy tech in MILLIONS of iPhones, iPads – expert
Don't panic though – Apple's backdoor is not wide open to all, guru tells us
NEW, SINISTER web tracking tech fingerprints your computer by making it draw
Have you been on YouPorn lately, perhaps? White House website?
LibreSSL RNG bug fix: What's all the forking fuss about, ask devs
Blow to bit-spitter 'tis but a flesh wound, claim team
Attackers raid SWISS BANKS with DNS and malware bombs
'Retefe' trojan uses clever spin on old attacks to grant total control of bank accounts
Manic malware Mayhem spreads through Linux, FreeBSD web servers
And how Google could cripple infection rate in a second
Mozilla fixes CRITICAL security holes in Firefox, urges v31 upgrade
Misc memory hazards 'could be exploited' - and guess what, one's a Javascript vuln
Don't look, Snowden: Security biz chases Tails with zero-day flaws alert
Exodus vows not to sell secrets of whistleblower's favorite OS
prev story

Whitepapers

Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
How modern custom applications can spur business growth
Learn how to create, deploy and manage custom applications without consuming or expanding the need for scarce, expensive IT resources.
Reducing security risks from open source software
Follow a few strategies and your organization can gain the full benefits of open source and the cloud without compromising the security of your applications.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Consolidation: the foundation for IT and business transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.