Has Mass-Mailed Malware Peaked?
Ant writes "Broadband Reports posted a CRN article about a researcher saying mass-mailed worms have reached their peak. Six years ago, on March 26, 1999, Melissa, the first virus that spread by mailing copies of itself to e-mail addresses it found on infected machines, swept the Internet. Today, the researcher who led authorities to the hacker who wrote Melissa says that mass-mailed worms have reached their peak."
I believe it. Over the last three years I've seen mail-based virus infections disappear. I don't think I've seen a mail-based virus infection in the last year at all.
[insert witty sig here]
The problem with statements like these is that they take the name, worms, too literally. A computer virus or worm, although they behave very much like the real organisms, cannot be eradicated like a real virus or worm. To the casual reader you would think the email worms and viruses have been wiped out of existence like polio and smallpox. It just isn't the same. Our immune system has a memory and protects itself. For some reason, programmers don't seem to have a memory. How else can you explain buffer overflows still being the number one cause of exploited systems? We all know it, but we just don't do anything about it.
What is funny though is that if we put as much proactive effort and money into combating and preventing electronic viruses and worms as we did with polio and smallpox, we could probably truly eliminate these things. What people don't appreciate about the diseases that we have 'wiped out' is that there are teams of very dedicated people (like the CDC) that respond to every reported outbreak of one of these diseases. If we tracked down every computer worm and virus the way we handle Ebola, I think this would all come to an abrupt end.
But that would put too many antivirus firms and the like out of business. And we can't have that...
I'm sure that's part of it - however it's not simply that end-users are employing more protection. Many companies and ISPs are putting antivirus scanners on their mail servers, which provides a basic level of protection for all of the users of their mail service. So even many of the clueless are getting antivirus scanning without even knowing about it.
I have in fact seen a few viruses get past our ISP's filters only to get caught by the antivirus scanner on the PC - most likely because the ISP only scans the mail when it arrives (and may not yet be looking for that virus signature), but the PC only scans it when it's downloaded from the server, which might be some time later and after the virus definitions have been updated on the PC.
So I'm sure there will continue to be some virus circulation - it's like Krupp and the armor plating: make better armor that the existing shells can't penetrate, so then you can sell all the navies of the world better shells, which requires better armor, and so forth. It's a never-ending battle.
As I recall, there was some sort of weird competition going on last year. So was there a "peak" or just an unusually high level of virus creation efforts that could repeat itself in the not so distant future?
Well over 90% of what a ClamAV filter I administer catches is variants of HTML.Phishing.Bank. This seems to agree with the other posters who say that attention has shifted from 0wning machines to 0wning bank accounts. Netsky consistently comes in a poor second.
I had thought they were just too busy switching over to the far more profitable phishing schemes to write more viruses. I'm getting about 4 phishers a day here, compared to zero e-mail viruses.
The ______ Agenda
Don't count on that being the reason.
We have seen viruses where the user needs to jump through many hoops:
1. open the .zip attachment
2. enter the password for the zip (following the instruction in the email, embedded as a .gif semi-captcha to prevent the virus scanners from using the password to open the zip)
3. save the .exe in the zipfile
4. run the .exe
I thought the file was safe since it was password protected
Tell me, how is this different from a virus telling the user to save an ELF attachment, chmod a+x it and run it?
Viruses rarely exploit software flaws anymore - they exploit the weakest link: the user, via automated social engineering.
Apart from disabling users' ability to execute arbitrary binaries and perl/python/shell scripts, the only alternative I see is chopping a finger from the infected user every time they get themselves a virus.
Unfortunately the first one creates practical problems and the second one legal ones.
signatures pending - ansa@kos.to - (dont mail there)
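The lure described in the post above (password-protected zip, password delivered as a .gif, .exe inside) and the signature-lag point made earlier in the thread (the ISP scanner has no signature yet when the mail arrives) both point at the same gateway check: a scanner cannot open an encrypted zip, but the central directory of a ZipCrypto or AES zip is not encrypted, so the entry names and the "encrypted" flag are readable without the password. The following is an added example, not code from any poster in this thread and not any vendor's scanner. Names such as `scan_message`, the extension list and the sample message are all made up for illustration; the zip is hand-built because Python's `zipfile` cannot write encrypted entries.

```python
"""Mail-gateway policy check for password-protected archive lures.

Added example, not code from the original thread. Assumption: the gateway
hands us the raw RFC 822 message; here one is constructed inline.
"""
import email
import io
import struct
import zipfile
import zlib
from email import policy
from email.message import EmailMessage

# Illustrative list of extensions a gateway should not pass inside an
# archive it cannot open. Not exhaustive.
EXECUTABLE_EXTS = (".exe", ".scr", ".pif", ".com", ".bat", ".cmd", ".js", ".vbs")

# ZIP general-purpose bit 0: the entry's data is encrypted (ZipCrypto or AES).
ZIP_FLAG_ENCRYPTED = 0x0001


def build_zip(entries):
    """Build a STORED zip by hand from (name, data, encrypted) tuples.

    For 'encrypted' entries the stored bytes are an opaque stand-in for
    ciphertext (constructed); only the header flag matters to the scanner.
    """
    local, central, offset = [], [], 0
    for name, data, encrypted in entries:
        raw = name.encode()
        flag = ZIP_FLAG_ENCRYPTED if encrypted else 0
        crc = zlib.crc32(data) & 0xFFFFFFFF
        # Local file header: sig, version, flags, method, time, date, crc,
        # compressed size, uncompressed size, name length, extra length.
        hdr = struct.pack("<IHHHHHIIIHH", 0x04034B50, 20, flag, 0, 0, 0,
                          crc, len(data), len(data), len(raw), 0)
        local.append(hdr + raw + data)
        # Central directory entry for the same file, pointing at `offset`.
        central.append(struct.pack("<IHHHHHHIIIHHHHHII", 0x02014B50, 20, 20,
                                   flag, 0, 0, 0, crc, len(data), len(data),
                                   len(raw), 0, 0, 0, 0, 0, offset) + raw)
        offset += len(hdr) + len(raw) + len(data)
    cd = b"".join(central)
    eocd = struct.pack("<IHHHHIIH", 0x06054B50, 0, 0, len(entries),
                       len(entries), len(cd), offset, 0)
    return b"".join(local) + cd + eocd


def archive_verdict(zip_bytes):
    """Read the central directory only; nothing is extracted or decrypted.

    Returns (encrypted_names, executable_names). Both lists come from
    metadata that stays in the clear even when the password is unknown.
    """
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        infos = zf.infolist()
    encrypted = [i.filename for i in infos if i.flag_bits & ZIP_FLAG_ENCRYPTED]
    executables = [i.filename for i in infos
                   if i.filename.lower().endswith(EXECUTABLE_EXTS)]
    return encrypted, executables


def scan_message(raw_message):
    """Return (attachment name, verdict) findings for one raw message.

    Policy: an archive we cannot open that carries an executable is
    quarantined regardless of signatures, since the password only exists
    as pixels in a .gif and the signature may not exist yet.
    """
    msg = email.message_from_bytes(raw_message, policy=policy.default)
    findings = []
    for part in msg.iter_attachments():
        name = part.get_filename() or "(unnamed)"
        payload = part.get_payload(decode=True) or b""
        if not (name.lower().endswith(".zip")
                or zipfile.is_zipfile(io.BytesIO(payload))):
            continue
        try:
            encrypted, executables = archive_verdict(payload)
        except zipfile.BadZipFile:
            findings.append((name, "quarantine: unparsable zip"))
            continue
        hidden_exec = sorted(set(encrypted) & set(executables))
        if hidden_exec:
            findings.append((name, "quarantine: encrypted executable "
                             + ", ".join(hidden_exec)))
        elif encrypted:
            findings.append((name, "hold for review: encrypted archive"))
        elif executables:
            findings.append((name, "quarantine: executable in archive"))
    return findings


def build_sample_message():
    """Constructed lure: body points at a password in a .gif, and a
    password-protected zip carries an .exe. All content is made up."""
    msg = EmailMessage()
    msg["From"] = "accounts@example.invalid"
    msg["To"] = "victim@example.invalid"
    msg["Subject"] = "Your invoice"
    msg.set_content("The archive is password protected; the password is in the picture.")
    msg.add_attachment(b"GIF89a" + b"\x00" * 16, maintype="image",
                       subtype="gif", filename="password.gif")
    lure = build_zip([("invoice.exe", b"MZ" + b"\x90" * 30, True)])
    msg.add_attachment(lure, maintype="application", subtype="zip",
                       filename="invoice.zip")
    return msg.as_bytes()


if __name__ == "__main__":
    for attachment, verdict in scan_message(build_sample_message()):
        print(attachment, "->", verdict)
```

The check deliberately never tries to open the archive: it is a policy decision on metadata, so it does not depend on the definitions being current, which is the gap described in the ISP-versus-PC scanner post. An encrypted archive without executables is only held rather than dropped, since legitimate senders do ship password-protected zips.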