Slashdot Mirror

← Back to Stories (view on slashdot.org)

Virus Author Motives Changing

Posted by Zonk on from the step-five-profit dept.

Tragamor writes "BBC News is reporting that, with the suspected authors behind the zotob virus recently arrested, they are giving insights into the motivation of modern hackers. With the availability of virus sourcecode, authors are spreading to countries which had previously no history of virus origins." From the article: "What the pair were probably taken aback by was the response that the worm generated. Few virus writers now want to hit the front pages, said Mr Hypponen, most prefer to have their creations sneak under the radar, rack up a few thousand unwitting victims who are then milked for money or saleable data. It appears that Mr Essebar was intending to make money several different ways from the people caught out by the Mytob and Zotob viruses he is alleged to have created. "

7 of 126 comments (clear)

  1. Finally! by RAMMS+EIN · · Score: 5, Funny

    ``With the availability of virus sourcecode, authors are spreading to countries which had previously no history of virus origins.''

    Finally! The year of open-source on the desktop has come!

    --
    Please correct me if I got my facts wrong.
  2. What's more.. by ackthpt · · Score: 5, Interesting
    What's more is they didn't even want you to know that sneaking under the radar without being caught was their goal. Seems they failed on that account miserably. So what's the lesson here? Have a virus/worm with a limited life span? After the first n machines have been infected cease spreading?

    Sure as there's imagination there'll be more tactics to come.

    --

    A feeling of having made the same mistake before: Deja Foobar
    1. Re:What's more.. by Amouth · · Score: 4, Interesting

      Set a ttl and have it relay messages back through its parent host..

      I infect A to infect B+C to infect D+E+F+G and so on.. the messages are passed backwards Have A send random messages to a nother host.. pic up your messages somewere in the stream

      they can't detect it by watching an irc server for inbound connections.. sure they can see who is infected but only one computer each way.. and if you have fun with it by fliping the address around (10.20.30.40 infects 40.30.20.11 infects 11.20.30.41 ....) just keep them guessing..

      use normal transport sockets.. make it look like valid traffic .. i sware the writers are getting lazy.. make something creative.. i have seen spyware that is harder to remove than most viruses these days..

      just some ideas for the people willing to write them.. :)

      --
      '...if only "Jumping to a Conclusion" was an event in the Olympics.'
  3. Four-words summary by Spy+der+Mann · · Score: 5, Insightful

    Before: Fame.
    Now: Fortune.

    'Nuff said.

  4. Re:Oh, the good old days. by Dioscorea · · Score: 4, Informative
    Back in the 90s, virus writing was a hobby, if a black-hat one. The most famous viruses--Melissa, ILOVEYOU, were all done for fun, not for profit.

    Ehh, please don't use lame windoze rubbish like Melissa and ILoveYou as examples of some bygone golden age. Mention something with a bit of substance, like the Morris worm, Zalewski's WormNet, Creeper or even Shockwave Rider.

  5. Or maybe they don't want you to look at porn! by antdude · · Score: 4, Interesting

    See The Register's story.

    --
    Ant(Dude) @ Quality Foraged Links (AQFL.net) & The Ant Farm (antfarm.ma.cx / antfarm.home.dhs.org).
  6. Repeat after me... by Anonymous Coward · · Score: 4, Insightful
    If you MUST rely on virus detection software, you have already lost.

    I've had people argue furiously that this is not true. Yet, it does not make sense tactically; if your enemy knows your weakness, it is not benificial to them to let you know about it -- else they loose the ability to exploit the weakness.

    As such, do not attempt to secure what you do not control. Secure the hell out of what you do control. Treat everything else as potentially hostile.

    Do the right thing and spend time to make things as simple as possible on the design level. Eventually, this will pay you back in reduced 'emergencies', though initially it is a real PITA. There's no other way to get a handle on these things -- it's just too complex already.