Heartbreaking hacks

Every year hackers take advantage of cupid’s sharp arrow to trip-up unsuspecting online users.

01 worms
Thinkstock

It warms a hacker's heart

Valentine’s Day is historically about love, flowers and chocolate. Unless you're a hacker, then it’s about worms, vulnerabilities, data theft and more. Preying on our need for love and affection, hackers have historically unleashed some hard-hitting attacks around Valentine’s Day, or in relation to the topic of love. So, before you open that Valentine’s Day email or click through to that online dating site, WatchGuard’s Marc Laliberte runs you through some of the most nefarious love-related cyber-attacks.

02 iloveyou

ILOVEYOU

Back in the year 2000, the ILOVEYOU worm was one of the earliest examples of affection-themed attacks. The worm spread in the form of an email message with an attachment titled “LOVE-LETTER-FOR-YOU.txt.vbs.” When the victim opened the attachment, a Visual Basic script executed, which overwrote random files on the local machine and sent a copy of itself to all the victim’s Microsoft Outlook contacts.

The ILOVEYOU worm was estimated to have infected 10 percent of all internet-connected computers worldwide during its time. Damage estimates from the worm, including cost of cleanup, range from $10 billion to $15 billion. Now that’s heartbreaking.

03 valentines day ecard worm
Thinkstock

Valentine’s Day E-Card worm

In February 2008, the FBI released a memo warning internet users to be aware of Valentine’s Day e-cards. In the memo, the FBI told users to be wary of unexpected e-cards that might be spreading the Storm Worm malware. The malicious emails instructed users to click on a link to retrieve a Valentine’s Day e-card from a secret admirer. The link however, only downloaded the Storm Worm onto the client device, infecting the system and adding it to a botnet.

The Storm Worm was discovered in early 2007 and was most active during 2007 and 2008. The worm used holiday-themed e-cards as a primary way to infect new hosts. At its peak, the botnet was estimated to contain over a million infected hosts.

04 heartbleed

Heartbleed

In April 2014, OpenSSL (a popular cryptography library used by many of the internet’s top-visited websites to provide HTTPS encryption) disclosed a critical vulnerability caused by a bug in the library’s code. The bug allowed attackers to read chunks of a vulnerable system’s memory by sending malformed encryption heartbeat requests, hence the name Heartbleed. During an attack, the responses returned by the server could contain anything ranging from RSA Private Keys (used for keeping HTTPS connections secure) to account credentials or even confidential messages handled by the server.

Around 17 percent of all secure (HTTPS-providing) web servers on the internet were estimated to be vulnerable to Heartbleed at the time of its public disclosure. Damage estimates from Heartbleed start at $500 million.

05 ashley madison
REUTERS/Mark Blinch

Ashley Madison breach

In July and August 2015, a “hacktivists” group calling itself “The Impact Team” released a massive dump of customer data stolen from adult infidelity website AshleyMadison.com. The data breach exposed the personal information of more than 30 million accounts on the website including names, email addresses, and details of sexual preferences. The Impact Team released the stolen data to substantiate their claim that the $20 account “Full Delete” service offered by Ashley Madison was a scam, which Ashley Madison’s parent company denies.

The Ashley Madison data breach resulted in numerous reported cases of extortion targeting individuals linked to accounts on the website. Ashley Madison’s parent company, Avid Dating Life Inc. faces a $576 million class action lawsuits over accusations that the “Full Delete” service did not remove all user data like the website claimed. Programming errors in the password storage for some user accounts on the website allowed for the recovery of more than 11 million passwords released in the data dump.

06 facebook valentine
RomanLier (Creative Commons BY or BY-SA)

Facebook Valentine phishing

In late January 2017, a Valentine’s Day themed phishing campaign briefly made its rounds on Facebook. The campaign used a poorly worded post instructing users to “find out who their valentine will be” by clicking a link. After clicking the link, victims were instructed to give special permissions to a third-party Facebook application that then automatically re-posted the phishing attack on the victim’s feed. The victim would then be redirected to a series of malicious websites including one hosting scareware that claimed a virus infection on the victim’s computer.

This particular phishing attack was gone within 24 hours, with most of the malicious links used in the attack going inactive. The attack is just the latest in a series of phishing attacks spreading over social media. More serious attacks have resulted in the installation of malicious browser extensions and even ransomware on victim’s computers.

RELATED: How to avoid phishing attacks