World's top 3 deadliest computer virus explained.

I would think at some point in time we’ve all had a run-in with some kind of computer virus, or at the very least with anti-virus software flashing a terrifying warning to inform you it has detected something bad, your computer is about to self-destruct, and all your personal data is being vacuumed up by some unknown digital entity.

We’re very lucky that the anti-virus software we run on our machines, or a browser’s built-in software, is now very capable of detecting and warning you about potential risks before you have a chance to execute them and deploy lots of malicious files onto your machine.

However, things weren’t always so good….

Before we get into what life was like browsing the internet in the early 2000s, we should take a look at what a computer virus is.

What even is a computer virus??

According to Wikipedia,

A computer virus is a type of malware that, when executed, replicates itself by modifying other computer programs and inserting its own code into those programs. If this replication succeeds, the affected areas are then said to be "infected" with a computer virus, a metaphor derived from biological viruses.

In other words, viruses spread and multiply, often without the user’s knowledge, infecting files or entire systems in the process.

Some viruses are relatively harmless, while others… not so.
In fact, some viruses can wreak absolute havoc. They can corrupt entire filesystems, cause systems to crash repeatedly, steal sensitive information, or even render a computer completely useless. At their worst, viruses can cost billions in damages, steal information that compromises privacy and security, and cause chaos on a global scale. And, unfortunately, a lot of us don’t know a virus has infected our machine until it’s already done some real damage.

ILOVEYOU was one of them.

This simple virus was so incredibly effective, it spread like wildfire in the early 2000s.
It arrived as a seemingly innocent love letter with an attachment labeled "LOVE-LETTER-FOR-YOU.txt.vbs." But as soon as you opened it, it spread to your contacts, sending the same fake love letter to everyone in your address book. The virus would overwrite essential files, wreak havoc on systems, and infect more than 45 million computers in just a few days.

The “.vbs” extension marks a Visual Basic Script file. VBScript was a scripting language built into Windows at the time, allowing automated tasks across Windows systems. The script was coded to execute commands within the system as soon as the file was opened, bypassing any additional permissions or prompts. Pretty genius, right? Not many people knew about it in that era… knowing might have saved them.

Once the user opened the attachment, the virus sprang into action. The script replicated itself by sending copies of the infected message to every contact in the victim's Microsoft Outlook address book. In a matter of minutes, it reached everyone in the address book, who would likely open it, given the enticing subject line. This rapid self-replication allowed the virus to spread exponentially, causing a worldwide infection in a short span.

ILOVEYOU was designed not just to spread but also to wreak havoc on the host computer. It targeted essential files, including image, music, and system files with extensions like .jpeg, .mp3, and .vbs, overwriting them with a copy of the virus. This effectively rendered them useless, and users who fell victim found their important files permanently corrupted. RIP to all those pirated movies you downloaded after taking a leap of faith that they wouldn’t come with a virus on their own….

According to anti-virus software producer McAfee, the ILOVEYOU virus had a wide range of attacks:

  • It copied itself several times and hid the copies in several folders on the victim’s hard drive.

  • It added new files to the victim’s registry keys.

  • It replaced several different kinds of files with copies of itself.

  • It sent itself through Internet Relay Chat clients as well as e-mail.

  • It downloaded a file called WIN-BUGSFIX.EXE from the Internet and executed it. Rather than fix bugs, this program was a password-stealing application that e-mailed secret information to the hacker’s e-mail address.

But what really made it so effective?

On the machine system level, ILOVEYOU relied on the scripting engine system setting (which runs scripting language files such as .vbs files) being enabled, and took advantage of a feature in Windows that hid file extensions by default, which malware authors would use as an exploit.

Windows would parse file names from right to left, stopping at the first period character, showing only those elements to the left of this. The attachment, which had two periods, could thus display the inner fake “txt” file extension.

Text files are considered to be innocuous, as they are normally incapable of running executable code.
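To make the double-extension trick concrete, here is an added example (not code from the original worm or from any vendor) of the check a mail filter can run on attachment names: it works out what a user would see with the last extension hidden and flags script files whose visible name ends in a harmless-looking extension. The extension lists and the sample message are assumptions constructed for the illustration.

```python
from email.message import EmailMessage
from pathlib import PureWindowsPath

# Assumed policy lists for this example; a real mail gateway would use broader ones.
SCRIPT_EXTS = {".vbs", ".vbe", ".js", ".wsf", ".hta", ".exe", ".scr", ".bat"}
BENIGN_LOOKING = {".txt", ".doc", ".pdf", ".jpg", ".jpeg", ".mp3"}


def displayed_name(filename):
    """Name a user sees when the last (real) extension is hidden."""
    name = PureWindowsPath(filename).name
    stem, dot, _ = name.rpartition(".")
    return stem if dot and stem else name


def classify(filename):
    """Return 'deceptive', 'script' or 'ok' for an attachment file name."""
    name = PureWindowsPath(filename).name
    real_ext = PureWindowsPath(name).suffix.lower()
    if real_ext not in SCRIPT_EXTS:
        return "ok"
    # The visible name still carries its own (fake) extension, e.g. ".txt".
    shown_ext = PureWindowsPath(displayed_name(name)).suffix.lower()
    return "deceptive" if shown_ext in BENIGN_LOOKING else "script"


def scan_message(msg):
    """List (file name, verdict) for every attachment in a parsed message."""
    return [(part.get_filename() or "", classify(part.get_filename() or ""))
            for part in msg.iter_attachments()]


def build_sample():
    """Constructed message; attachment bodies are inert placeholder bytes."""
    msg = EmailMessage()
    msg["Subject"] = "constructed sample"
    msg.set_content("see attachment")
    for fname in ("LOVE-LETTER-FOR-YOU.txt.vbs", "holiday.jpeg", "cleanup.vbs"):
        msg.add_attachment(b"placeholder", maintype="application",
                           subtype="octet-stream", filename=fname)
    return msg


if __name__ == "__main__":
    for fname, verdict in scan_message(build_sample()):
        print(f"{verdict:10} shown as {displayed_name(fname)!r}, really {fname!r}")
```

Only the first attachment is marked deceptive: a plain "cleanup.vbs" is still a script, but its name does not pretend to be anything else.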

The worm used social engineering to entice users to open the attachment (out of actual desire to connect or simple curiosity) to ensure continued propagation. It exploited systemic weaknesses in the design of Microsoft Outlook and Microsoft Windows that gave malicious code complete access to the operating system, secondary storage, and system and user data when an unwitting user simply clicked on an icon.

It’s one of the examples showing that no matter how advanced computer technology gets, the human brain remains a critical vulnerability.

Following the devastation caused by ILOVEYOU, the internet wasn’t done with its viral woes. In fact, even as antivirus programs beefed up their defenses, more destructive and sophisticated viruses emerged, each showcasing new ways to exploit both technological and human vulnerabilities. Let’s jump into the infamous Mydoom, and then explore the complex and near sci-fi level of cyber-espionage that was Stuxnet.

Mydoom

Do you think that Mydoom was a helpless virus?

In 2004, Mydoom tore through the internet like a digital wildfire, setting records as the fastest-spreading email worm ever. It spread through email with the subject line "Mail Delivery System" or "Mail Transaction Failed," tricking users into thinking it was a legitimate bounced email. Curiosity, paired with the fear of a missed or failed message, led users to open the email and click the attachment—only to unleash one of the most effective viruses of its time.

Mydoom was coded with a worm and a backdoor component, which meant it didn’t just replicate itself; it also installed a hidden access point on the infected machine, giving attackers remote control. This backdoor allowed Mydoom’s creators to commandeer a vast network of compromised computers, forming a botnet capable of launching massive Distributed Denial of Service (DDoS) attacks. In fact, Mydoom’s primary mission was to launch attacks on targeted websites, with big tech companies like Microsoft and SCO Group in its crosshairs.

But the DDoS attacks were just the beginning. Mydoom’s worm spread through email but also via peer-to-peer (P2P) networks, replicating itself in shared folders. Once in a machine, it scoured the victim’s contact list, sending copies of itself to all found addresses, ensuring relentless propagation. And while antivirus companies raced to halt the spread, Mydoom still managed to cripple countless systems, ultimately causing billions in damages. By the time the world saw a decline in Mydoom’s activity, it had made its mark as one of the most costly viruses in history.

The terrifying thing about Mydoom was how it highlighted a weakness in both technology and human instinct. A simple email could become a Trojan horse of mass destruction, and once opened, there was little the user could do but watch as their machine was swept up into the storm.

Stuxnet: The Cyber Weapon

And now, to something straight out of a cyber-thriller: the Stuxnet worm. While ILOVEYOU and Mydoom primarily aimed at personal computers, Stuxnet was a whole different beast—an expertly crafted cyber weapon designed to target industrial systems. Unlike traditional viruses, which spread indiscriminately, Stuxnet had a very specific mission: to infiltrate and damage Iran’s nuclear program.

Discovered in 2010, Stuxnet is believed to have been developed jointly by the U.S. and Israeli governments to sabotage Iran’s uranium enrichment capabilities. It targeted the programmable logic controllers (PLCs) that controlled centrifuges in nuclear facilities. These PLCs, which handle the delicate process of uranium enrichment, were manipulated by Stuxnet to spin the centrifuges at destructive speeds, all while sending normal feedback to the operators, making the sabotage appear as if nothing was wrong.

Stuxnet was engineered with surgical precision. It specifically targeted Siemens software, and would only execute its payload on systems that matched a particular configuration, namely those used in Iran’s Natanz nuclear facility. This precision kept Stuxnet under the radar for months, as it lay dormant in other machines, waiting until it encountered its exact target. To evade detection, Stuxnet used four zero-day exploits (previously unknown software vulnerabilities), an unprecedented number at the time, showing just how much planning and resources went into its creation.

Once it found its target, Stuxnet infiltrated the PLCs and altered the rotational speeds of the centrifuges, causing physical damage over time. Iran’s nuclear program experienced mysterious mechanical failures, stalling their progress. The worm, with all its sophisticated control and masking techniques, effectively delayed Iran’s nuclear ambitions without a single shot fired.

The discovery of Stuxnet sent shockwaves through the cybersecurity world. This was no ordinary virus or worm; it was a weapon designed with nation-state resources and intelligence, marking the beginning of a new era in cyber warfare. Stuxnet illustrated how malware could be used not just for data theft or financial gain, but for targeted, physical sabotage with geopolitical implications.
