2. THE POINT OF THIS PRESENTATION
• Explain what file extensions are
• Bring awareness to possible extension viruses
• How to protect yourself from such viruses
• Showing the affect of the “I LOVE YOU” virus
4. I LOVE YOU
The "I LOVE YOU" virus, also known as the Love Bug or the
Love letter worm, was one of the most notorious computer
viruses in history. It first appeared in May 2000 and quickly
spread worldwide, causing significant damage to computer
systems.
5. I LOVE YOU
The virus originated in the Philippines and
was created by two computer science
students, Reonel Ramones and Onel de
Guzman. They designed the virus as a
malicious script disguised as a love
confession. The virus was distributed via
email with the subject line "I LOVE YOU"
and an attachment named "LOVE-LETTER-
FOR-YOU.TXT.vbs.“
Notice the ending of the file…
6. I LOVE YOU
When unsuspecting users clicked on the attachment, the virus
activated and began wreaking havoc. It would:
1. Send a copy of itself using Microsoft Outlook to all the users
contacts
2. It would infect the IRC (Internet Relay Chat) program so that
the next time a user starts chatting on the web the worm can
spread to everyone who connects to the chat server.
3. It would search for pictures, videos and music files and would
overwrite or replace them with a copy of itself
4. It would install a password stealing program that would
become active when the recipient opens Internet Explorer and
reboots the computer.
7. I LOVE YOU
The impact of the "I LOVE YOU" virus was immense. Within
hours, it had infected millions of computers around the world,
causing widespread disruptions to businesses and individuals.
The virus targeted banks, government institutions, and even
large corporations, leading to the shutdown of email systems and
financial losses estimated in the billions of dollars.
9. I LOVE YOU
The overall damage was HUGE!
1. Data loss
2. Email system was disrupted
3. Financial losses (targeting banks and trying to steal passwords and
sensitive info)
4. Productivity impact
5. Global reach
10. LET’S TRY UNDERSTAND...
Let’s understand how the virus worked and why it only popped up in
the year 2000 and why did it only affect windows computers.
In order to understand such thing, we will first need to learn about
FILE EXTENSIONS.
11. FILE EXTENSIONS
• A file extension is a set of characters that follows the last
period in a file name, which identifies the type of file and the
program that can open it.
• File extensions are used to help operating systems and
software applications identify and associate files with the
appropriate program.
• File extensions can be used to identify potentially malicious
files that could harm a computer
12. VIDEO FILE EXTENSION EXAMPLES
Some common applications that play video files:
.mp4 .mkv .mov .avi .m4v
VLC Windows Media Player QuickTime
13. IMAGE FILE EXTENSION EXAMPLES
Some common applications that open image files:
.jpg .png .raw .bmp .eps
Windows Photos Irfanview Apple Photos
14. TEXT FILE EXTENSION EXAMPLES
Some common applications that open text files:
.txt .docx .pdf
Adobe Acrobat Notepad Microsoft Word
15. PROGRAM FILE EXTENSION EXAMPLES
.exe .bat .vbs
“.exe” is the most used extension.
These files can run scripts/programs on the computer and access critical
Files on the OS.
Hence, if a hacker can install such files on your computer, they can steal
passwords, Credit Card info, encrypt personal files and hold it for ransom.
16. BACK TO US
If you remember, the virus “I LOVE
YOU” was a .vbs file
"LOVE-LETTER-FOR-
YOU.TXT.vbs“
So, whenever a user would
open the file, it would install a
software that would infect the
computer.
17. THE BEGGING QUESTION!!!
The begging question is, couldn’t the user see that the file ended in
.vbs?
If so, why did he install the program?
There are 2 answer:
1. The user had no idea about file extensions, so they didn’t know
what they were getting into.
2. The user didn’t realize that it’s a .vbs because it had a .txt in the
name and once the program was installed the .vbs was HIDDEN.
18. HIDDEN FILE EXTENSIONS
What is a hidden file extension?
In Windows 2000 Microsoft set the default behavior of file explorer to
hide known file extensions such as .mp4, .pdf, .vbs and so on from the
user.
Before Windows 2000 After Windows 2000
19. THE REASON
The original reason that
Microsoft did this was to simplify
the layout for less savvy users.
Another reason why this was
done, was to prevent users from
accidently changing the
extension when renaming the
file, thus corrupting the file.
22. THE PROBLEM
Hiding the file extension opens a golden door for hacker to install
malware on the computer. For example, a hacker can call a virus that
ends with .exe “document1” and change the icon to a document
icon and the user wouldn’t know the wiser because the extension is
hidden and the icon looks like a document icon.
23. I LOVE YOU
That is how the “I LOVE YOU” virus was made.
The hackers used the new Microsoft feature to get innocent people to
download and open their virus.
And in our case the hackers went even further by adding a .txt part to
the file name so that the few people who did know something about
file extensions got misled.
24. HOW TO ENABLE FILE NAME EXTENSIONS?
1. Go to the settings (options) of
the file explorer
25. HOW TO ENABLE FILE NAME EXTENSIONS?
2. In the folder options go to
“View”
3. Toggle the “Hide extensions to
known file types” off.
4. Than click “Apply”
26. IN CONCLUSION
How can we protect ourselves against such viruses?
1. Enable file name extension, so you can see what kind of file you’re
opening.
2. Be aware not to download anything from any unknow sites, and if
you do have any suspicions ask a professional or scan the file for
viruses.