Where Do Viruses And Spyware Come From?
Several thousand new viruses and spyware programs are detected every day by security analysts. Have you ever wondered who creates these plagues, and why?
Who Creates Computer Viruses, and Why?
If I may quote Burt Reynolds, who justified his illegal beer run in "Smokey and the Bandit" this way, the usual reasons for creating malware are "For the money, for the glory, and for the fun... mostly for the money."
In the 1990s, when the Internet was still relatively small and non-commercial, most malware writers did it just to prove that they could. Self-taught programmers considered it a challenge to write software that could replicate itself, penetrate the rudimentary security defenses of that time, and not much more. Many of these viruses did no real harm after penetrating their targets. They displayed braggadocio messages like, "You've been had by the Dark Knight!" The authors of such malware sought to bolster their reputations among other hacker types.
Revenge is another reason why programmers write malware. A disgruntled employee might plant a virus on a company's network as a "going away present" after being laid off, passed over for promotion, or otherwise "disrespected" in his twisted mind. Sometimes an unhappy customer of a corporation would unleash a virus designed to damage or humiliate the company.
Twenty years ago, it might have been the nerdy kid that everyone made fun of in high school, looking to get even. But nowadays, most malware is written and distributed to make money for its authors. And those people are increasingly found to be highly organized cyber-crime gangs, hiding in the shadows of the online world.
What Motivates the Virus Creators?
Viruses may be written to extort money from corporations. "Your network is infected. Pay us or we will shut you down." On a smaller scale, this same blackmail technique is used by fake antimalware program authors to terrorize consumers into buying (equally fake) cures for non-existent virus infections.
Viruses may be the means to spread botnet software to millions of computers. A botnet, or network of computers secretly controlled by a centralized criminal command, can be used to launch denial-of-service attacks against Web servers, or to distribute millions of spam emails from many enslaved computers at once. See my related article "What is a Botnet?" for more details.
Spyware is sometimes written to capture identity and security information that can be put to profitable use. Spyware may capture financial account login information, credit card and bank account numbers, and information that can be used to steal someone's identity. There are underground trading sites where lists of stolen credit card records sell for up to $30 per record. The buyers then use the stolen info to buy goods and services in the victims' names.
Some cyber-crime gangs operate for both profit and socio-political reasons. A group called Anonymous has taken credit for denial-of-service attacks against PayPal and Visa, to protest their refusal to aid the WikiLeaks project, and they have also attacked or threatened the IMF and the US Federal Reserve over policy issues.
Eastern European and Asian nations such as Russia, Romania and China are hotbeds of malware authorship. Brazil is another leading source of malware. These nations have in common a concentration of educated, talented programmers and few legitimate employment opportunities. Cyber-crime is perceived as the best use of their skills. Some of the world's most notorious spammers and cyber-crime gang leaders are listed in a Spamhaus report (http://www.spamhaus.org/statistics/spammers.lasso) that is updated regularly.
Malware is big business, and it will continue to grow as the Internet and e-commerce grow. So will the security business. Think of it as an arms race in the digital world.
Your thoughts on this topic are welcome. Post your comment or question below...
This article was posted by Bob Rankin on 14 Jun 2011
Copyright © 2005 - Bob Rankin - All Rights Reserved
Article information: AskBobRankin -- Where Do Viruses And Spyware Come From? (Posted: 14 Jun 2011)
Most recent comments on "Where Do Viruses And Spyware Come From?"
14 Jun 2011
Your article doesn't answer where the common Facebook virus came from. Recently Facebook accounts were hacked, mine included. My account would send a self-replicating message saying I had some racy photos to look at. The message was self-replicating in that anyone who went to the "false URL" would then have his Facebook account hacked. Who started that virus? Is it a virus or a worm? Why doesn't Facebook delete that virus at the source?
29 May 2012
I'm a big fan of your newsletter and happen to be a Romanian citizen. I totally disagree with including my country into "hotbeds of malware authorship"!
Go to said "Spamhaus Project" --> http://www.spamhaus.org/statistics/countries/ and notice that Romania is not in there! Maybe you were referring to Ukraine, which is a totally different country!
EDITOR'S NOTE: The Spamhaus reference was to spam-producing countries. It's true that Romania is not on that list, but nonetheless, Romania is one of many hotbeds for malware creation. When I google "malware romania" the top result is "US, China, Romania lead malware attacks".