The messages were embedded with an executable document entitled 'iloveyou.exe'. The Trojan application then infects the user with the Storm malware.
Security firm Message Labs said that the deluge of emails accounted for as much as two per cent of all spam recorded on 19 May.
"This attack should serve as a warning to those who are not securing their email and web traffic properly," said Message Labs senior analyst Paul Wood.
"The impact of this latest Storm attack remains to be seen, but Storm's authors have proved their ability to bypass the majority of traditional antivirus tools in order to reach their targets."
The new spam run is the first major offensive from Storm since early May, when it was reported that the botnet was shrinking after nearly 18 months as hackers turned to new botnets.
Message Labs' report also confirms earlier fears that Storm was regrouping and preparing for a new offensive.
Researchers have also reported that the hackers behind the worm are amassing a large collection of infected websites possibly to host attacks.