Why Does Malware Exist?

Category: Security

Computer viruses are everywhere. Spam is abounding. Computer intrusions, identity theft, denial of service attacks and other cybercrimes are commonplace. Who does this stuff, and what’s wrong with them? Let's take a look at what motivates the miscreants who menace millions on the Internet...

Hackers, Spammers and Cybercriminals

Have you ever wondered why there's so much spam, so many computer viruses, rampant identity theft, and other perils of using the Internet? Perhaps it boils down to the ancient philosophical question, “Why is there evil in the world?”

Greed is the most common motivation for cybercrimes, as it is in the real world. There are big bucks to be made in malware that steals credit card, bank account, and identity details, corporate secrets, and other valuable data. The gullible will readily give money in exchange for counterfeit goods or just the false promise of goods. Some people will pay good money to have business competitors beaten up online. Most of the online damage is done for money.

Hatred is another ugly motivator. Often, it is disguised as heroism, a noble fight against a perceived evil enemy, which may be an individual, organization, corporation or government. But it’s hatred, none the less. Examples of this include those who maliciously deface the websites of organizations with whom they disagree. Or it could be a group like Anonymous or LulzSec that perpetrate denial of service attacks against their philosophical enemies.
Why Does Cybercrime Exist?

Egotism is a third motivation. The desire to show the world how good your skills are, to do what others have failed to do, to make yourself look smart by making others look stupid, are all very satisfying to insecure egos. Some hacking groups have done this by breaking into websites, stealing embarrassing or confidential information, and publishing it online.

Grab That Cash With Both Hands and Make a Stash...

How do cybercrooks make money? The answer has changed over time. But mostly, it’s All About the Money. (Hat tips to Pink Floyd and Travis Tritt.)

Sanford Wallace was the original self-styled “Spam King.” In the 1990's, he had an ostensibly legitimate advertising business, sending out millions of unsolicited emails that advertise products or services for sale. He got paid a pittance for each email he sent, and a commission for each sale consummated in response to an email. According to “Spamford,” he made millions of dollars providing a perfectly legal service to merchants and consumers.

But eventually, spam stopped paying so well. Spam filters improved, and consumers became more wary of unsolicited offers. Spammers increasingly switched from selling things in annoying but legitimate ways to deliberately trying to defraud people.

Most modern spam intends to sell your identity, not to sell you a product. That cheap product may not even exist; all that matters is that you complete the order form with your name, address, and credit card or bank account data. This data is sold to others who take the risk of making bogus charges and cash withdrawals.

Many millions of people fall for such ID theft, depressing the market value of an individual’s information. Spammers, or phishers as most of them are these days, have to do very high volumes of mailings to make any serious money. So they turn to malware in order to get others to work for them for free.

Botnets, Scammers and Hackers

Botnets are networks of computers that have been enslaved by hidden malware. The botnet malware uses a slave computer to make more mailings and distribute copies of itself, all unbeknown to the computer’s owner. A botnet is controlled and directed from a central server, which receives the stolen identity information. A few highly successful botnets have enslaved millions of computers worldwide. See my related article BOTNET ALERT: Are You Vulnerable? http://askbobrankin.com/botnet_alert_are_you_vulnerable.html to learn more about botnets, and some encouraging news about the takedowns of some of the biggest offenders.

Then there are the low-volume, high-value cybercrooks. They include so-called Nigerian "419 scammers" who find affluent and gullible victims to milk for thousands of dollars. I wrote about the 419 Scam http://askbobrankin.com/nigerian_scammers.html back in 2006, and it's still going strong today. They also include online bank robbers who hack into financial institutions and steal millions at once, often just skimming a few unnoticed cents off of each customer’s account. One of the boldest cases involved the theft of over $45 million in 27 countries over the course of a few hours.

In that case, hackers broke into the networks of several banks and swiped PINs associated with the banks’ own accounts, not those of customers. Debit cards were forged that could use the stolen PINs to withdraw cash from ATMs. Hundreds of co-conspirators drained ATMs dry at approximately the same time, delivering the ringleaders’ share of the cash to their bosses and pocketing their wages. Only seven New Yorkers have been arrested in that case so far.

Cybercrime and (occasionally) Punishment

Relatively few online crooks are caught and punished. It’s very difficult to investigate and prove such crimes because the criminal activity is hard to trace and often spans international borders. The few successful prosecutions we read about tend to be very large cases that are worth the trouble and expense to prosecutors. One recent arrest involved the alleged ringleader of the LulzSec hacking organization. http://mashable.com/2013/04/24/lulzsec-arrested-australia/

"Spamford" Wallace now faces the prospect of jail time and fines of several hundred million dollars. Oleg Nikolaenko is a 25 year-old Russian “spam king” who allegedly ran a botnet that churned out over 10 billion spam emails every day, an estimated one-third of all spam in the world. He is currently awaiting trial in a Wisconsin jail on charges of violating the U.S. CAN-SPAM Act. A few other spammers have been convicted, but thousands more remain in business.

There is no end in sight to the war on cybercrime, and sadly, most goes unpunished. The best that you can do is try to avoid becoming a victim. Keep your malware and anti-spam defenses up. Be wary of phishing attempts. Monitor your credit and bank accounts for unauthorized transactions. Look for more computer security information on on this website, or check out my ebook "Everything You Need to Know About INTERNET SECURITY and PRIVACY".

Your thoughts on this topic are welcome! Post your comment or question below...

 
Ask Your Computer or Internet Question

  (Enter your question in the box above.)

It's Guaranteed to Make You Smarter...

AskBob Updates: Boost your Internet IQ & solve computer problems.
Get your FREE Subscription!


Email:

Check out other articles in this category:



Link to this article from your site or blog. Just copy and paste from this box:

This article was posted by on 17 May 2013


For Fun: Buy Bob a Snickers.

Prev Article:
Best Browser for Malware Protection?

The Top Twenty
Next Article:
Send Money With Gmail

Most recent comments on "Why Does Malware Exist?"

Posted by:

bob price
17 May 2013

What I hate, and don't understand, are home page hijackers. This happened last night when downloading something. In a blink, my home page was gone, replaced by some stupid search thing, and suddenly I had five new toolbars!

It took an hour to get rid of it all, numerous reboots, and a lot of swearing.

Do these fools really think I'm going to enjoy their crap over my carefully selected tabs?

I don't understand why they do it.


Posted by:

Bob F
17 May 2013

Hi Bob, this is another interesting article from you and I hope many will read it and keep their PC's tooled up against these threats.
I suppose, without the Bad Guys, there wouldn't be the thousands of jobs for techy's working to beat the threats. It's an ill-wind!
Kind regards etc.,


Posted by:

Deborah
17 May 2013

My comment for this article is similar to one posted for another article.

Thanks to some nasty trojans that got past daily updated and constantly running, Microsoft Security Essentials and a regularly updated operating system, I'm recently out about $100 (on a low, fixed income).

In addition, I have an older computer that is now without sound due to not being able to replace an old multimedia driver.

On top of that, I endured a lot of stress and aggravation which was not good for my heart condition.

All this happened a couple weeks before my ONLINE college classes were finished. It took about a week to get my computer mostly recovered on my own after I had to buy an operating system disc. I have a used computer that did not come with a disc.

Excuse me for venting; but...


I understand that a lot of the cybercrime that goes on is due to greed and/or attacks against one's enemies.

However...

I think it is an absolute shame and slap in the face of the Almighty for anyone with the intelligence God gave them to use that intelligence for such heinous activities such as creating mal-ware.

If these same people would focus their intelligence on doing good, they could eliminate a lot of suffering in the world.

Why not take on some of society's problems like preventing some of the over 27,000 people who succumb to death daily from hunger, dirty water and lack of medical treatment; or the multitude of people living on the streets; or kids going to bed or school hungry (even in the U.S.); or the thousands of unwanted pets put to sleep daily; or any of the other items on the long list of wrongs that need to be righted?

Wake up offenders! You will someday be held accountable whether you believe in God or not. Call it Karma or whatever. What you put out there will come back to you in one form or another.

FYI, you might try reading the ten commandments. Included in there is a warning of how punishment for your sins can come back to you, your kids, your grand-kids or your great grand-kids.

And, don't even think about giving an excuse of how you were wronged somewhere in your life. How absolutely insane and sociopathic to take out your hurt and frustration on someone totally unrelated to your past problem. That makes you no better than your offender.

Turn it around. Use your God given gifts for good. You can be blessed for doing so and you can use your talents to raise money to fix some of society's ills.

Then again, maybe you aren't man or woman enough to do that. Maybe you are a sociopath. If so, I pray you get the help you need very soon.

And for those who post after this that will wonder why God was brought into this discussion...

Where exactly do you think the ability to become intelligent came from; some Big Bang?


Posted by:

Dan
17 May 2013

Well said Deborah


Posted by:

dwmielke
18 May 2013

There is another reason for all this malware, it is a self fulfilling prophecy. " Someone wink wink" creates some malware and surprise we have just the program to fix it. I can't prove it but I think if we could look hard enough we could trace some of these back to the antivirus writers.


Posted by:

Jim
18 May 2013

I am not the least bit religious - but this last comment sure gives anyone with a modicum of intelligence something to think about!

"Where exactly do you think the ability to become intelligent came from; some Big Bang?"

Well said Sir!

Jim


Posted by:

Peter
18 May 2013

Deborah - nice rant but do you really not see the ridiculous suggestion that an all loving and all seeing and almighty god would really punish your innocent grand children for your crimes???.

Bob - You do not emphasise enough that it is the malware that does not alert you of its presence that is the most dangerous. Do not rely only on your malware gatekeeper but get into the habit of frequent scans for malware that may have got past your defences.


Posted by:

Ming
18 May 2013

How to be safe from malware.
1.Throw out Windows.
2.Install a well-supported copy of Linux (Ubuntu, openSuSE) or buy a Mac.
3.Install all the software updates for your Mac/Linux system.
4.????
5.PROFIT!


Posted by:

Joseph
20 May 2013

Deborah, your message should also be on a blog for wider publicity. What you wrote hits the nail on its head.


Posted by:

Deborah
20 May 2013

Dear Peter and others who believe that God would not harm us OR pull back His protection and allow us to be harmed "because He loves us too much".
Try reading Exodus 20:5
Thou shalt not bow down thyself to them, nor serve them: for I the Lord thy God am a jealous God, visiting the iniquity (defined as a violation of right or duty; wicked act)of the fathers upon the children unto the third and fourth generation of them that hate me.

The rest of the commandments are in Exodus 20.

As for a blog Joseph... If I can figure out how to do it without coming under attack, I might set up a blog regarding the above information.

Again malware writers should be using their intelligence to right some of the long list of worldly wrongs.

It seems they would get more satisfaction from being a hero to innocent people than the villian that harms so many of the innocent.


Posted by:

LindaSView
25 Jun 2013

So, what to do when it's not the end-user's fault?What I would really like investigated is the fact I found two email servers that were breached. One is a major Cable provider with email for users and the other was a web-based email provider. I discovered this the day before the PRISM and NSA activities hit the public realm. The Cable company did admit to my friend, it was aware the email server had been breached, but has yet to let other users of its email server know. The web-based email server, took advantage of my friend who didn't understand the info I sent her that proved it was her email client's problem, butthe security people instead, held her computer "hostage" to go in and clean out all the horrendous "critters" that got on her computer due to the breach at a cost of $250.00! The old "blame the victim" scenario because my friend did not know enough about what I sent her to argue the point. There is a problem out there and I don't understand why these companies are not making consumers aware. Not to sound paranoid, but if the government opened a door and forgot to close it, it makes sense the bad guys would find the door and have a grand time. Sometimes, this is not an end-user's fault and in these two cases, I am seriously concerned as to how many email accounts were breached.Also, if it happened with these two suppliers, how many others? I really would like it investigated as I am just a person who many many years ago began my career writing all the manuals and doing the training when two federal government agencies went to put records on computers and the company I worked for, built the databases. Security was and still is a main concern of mine, but I don't work for some major security firm. I've just kept on top of it from my initial training, back in the early 70's and am a "knowledge worker". I would be happy to share what I found and know, if anyone cares to follow-up.
LindaSView


Post your Comments, Questions or Suggestions

*     *     (* = Required field)

    (Your email address will not be published)
(you may use HTML tags for style)

YES... spelling, punctuation, grammar and proper use of UPPER/lower case are important! And please limit your remarks to 3-4 paragraphs. If you want to see your comment posted, pay attention to these items.

All comments are previewed, and may be edited before posting.

NOTE: Please, post comments on this article ONLY.
If you want to ask a question click here.

Free Tech Support -- Ask Bob Rankin
RSS   Add to My Yahoo!   Feedburner Feed
Subscribe to AskBobRankin Updates: Free Newsletter
Copyright © 2005 - Bob Rankin - All Rights Reserved
Privacy Policy -- See my profile on Google.


Article information: AskBobRankin -- Why Does Malware Exist? (Posted: 17 May 2013)
Source: http://askbobrankin.com/why_does_malware_exist.html
Copyright © 2005 - Bob Rankin - All Rights Reserved