Slashdot Mirror


The Malware of the Future May Come Bearing Real Gifts

An anonymous reader writes "Research by Prof. Giovanni Vigna of the University of California leads him to believe that the malware of the future will come in a friendly form, be genuinely useful and may not reveal its intentions for a protracted period of time. Prof. Vigna, speaking at IP Expo in London, outlined a fearful future of 'mimicry' in evolved strains of malware. In the current stage of the war between malware and security researchers, the emphasis is almost entirely on the attempt to convince increasingly intelligent — and increasingly suspicious — malware that it is operating in a bare-metal environment when it is in fact in a sandbox or VM environment. For the malware, the stakes are tremendously high — if it has reached the point of OS-level execution without its hash being indexed and red-flagged by online security databases, it cannot afford to reveal its intentions in a test environment. This article outlines the extraordinary game of cat-and-mouse being played between researchers and hackers, and how future malware exploits are likely to abandon a rush for the buffer overflow in favor of 'the long game' — and to make themselves useful in the process."

103 comments

  1. Malware by j127 · · Score: 5, Insightful

    It's already here. They're called smartphone apps.

    1. Re:Malware by Anonymous Coward · · Score: 0

      And the NSA and other governments thank you.

    2. Re:Malware by Anonymous Coward · · Score: 0

      Maybe not just the Apps. How about Android itself? It provides benefits while sucking up all your personal details for Google to sell.

    3. Re:Malware by Anonymous Coward · · Score: 0

      This. I've been amazed at how the kind of behavior we used to consider evil and run all kinds of scans for on Windows is seen as normal in Android.

    4. Re:Malware by Anonymous Coward · · Score: 0

      Don't single Android out. Apple & Microsoft are at it too!

    5. Re: Malware by Anonymous Coward · · Score: 1

      There is a difference. Google is an advertising company, this *is* their core business. Apple earn their money selling devices and MS licenses.

    6. Re: Malware by Anonymous Coward · · Score: 0

      Difference is Google sell advertising, not user data like original AC stated, so it seems fit to spread FUD with more FUD!

    7. Re: Malware by Anonymous Coward · · Score: 0

      Explain AOSP, please?

    8. Re:Malware by Anonymous Coward · · Score: 0

      and systemd

    9. Re:Malware by BringsApples · · Score: 1

      It's already here. It's called the internet.

      The NSA was established on Nov 4, 1952.

      The history of the Internet begins with the development of electronic computers in the 1950s. Initial concepts of packet networking originated in several computer science laboratories in the United States, Great Britain, and France. The US Department of Defense awarded contracts as early as the 1960s for packet network systems, including the development of the ARPANET (which would become the first network to use the Internet Protocol.)

      --
      Politics; n. : A religion whereby man is god.
    10. Re:Malware by Registered+Coward+v2 · · Score: 1

      It's already here. They're called smartphone apps.

      Actually, that is probably the holy grail for malware. If you can sneak an app past Apple's testing by delaying its activities you would open up a whole lot of phones to infections. Given the readiness of people to d/l and trust smartphone apps you could probably get away with it for quite some time. I doubt many people look for suspicious behavior once you're inside the walled garden; just look at what today's apps can (somewhat) openly collect. The challenge is to build one that avoids detection and bypasses Apple's built-in protections and becomes popular enough to get a lot of downloads.

      --
      I'm a consultant - I convert gibberish into cash-flow.
    11. Re:Malware by namgge · · Score: 2

      Not really. The nice/nasty thing about Apple's walled garden, depending on your point of view, is that if just one user notices and reports your malware doing something it shouldn't Apple can revoke the relevant certificates and it's game over within a matter of hours.

      Since one also has to provide proof of identity and pay a subscription to get the certificates in the first place unless the author took a lot of trouble to create a false identity they could be tracked down and prosecuted.

      Now, I am sure there are flaws in this system, but it raises the bar to the point that there are easier ways for a hard-working computer-savvy crook to earn a living.

      Namgge.

    12. Re:Malware by Rob+Riggs · · Score: 0

      It's already here. They're called smartphone apps.

      Exactly. If the ${INSERT_SPY_ORG_HERE} wants to know what you are doing, you will only be presented with a notice that one of your apps has been updated. The government with the most influence over the companies that control the app stores wins the spy war. There are three majors. They are all multinationals based in the U.S.

      When any one of these companies stops playing ball with the U.S., their IRS tax bill will come due. That's your clue to how well they are protecting your privacy.

      --
      the growth in cynicism and rebellion has not been without cause
    13. Re:Malware by gweihir · · Score: 0

      Far older than that. It is called MS Windows and MS Office and those were only the first large-scale implementations of the idea. The strategy is called "embrace and extend". Really, has this person been living under a rock?

      --
      Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
    14. Re:Malware by j127 · · Score: 1

      The apps and phones themselves are spyware/adware/malware. I can't use some app unless I send my entire web browsing history to some random, unknown company that monetizes through mining and/or selling data.

  2. Welcome to 10 Years Ago by Anonymous Coward · · Score: 0

    Ever heard of Windows?

    1. Re:Welcome to 10 Years Ago by Anonymous Coward · · Score: 1

      Or Facebook?

  3. Oblig. xkcd by Nemyst · · Score: 4, Funny
    1. Re:Oblig. xkcd by dargaud · · Score: 2

      I can't stand the Family Circus. I don't go around posting about how much it sucks. Get a life and let others enjoy what they want.

      --
      Non-Linux Penguins ?
    2. Re:Oblig. xkcd by CaptainLard · · Score: 1

      Sounds like the new malware model is:

      1. Write great software that everyone wants
      2. Profit!
      3. Break everything
      .....
      5. Go to Jail?

  4. but useful software is not cheap to make by Anonymous Coward · · Score: 0

    The article assumes that malware authors are willing to put in the effort required to produce quality useful software, and that the expense of such effort will be paid back through the exploit.

    I think this is unlikely. Quality software is not that easy to make.

    1. Re:but useful software is not cheap to make by Cenan · · Score: 4, Informative

      AC? Meet download.cnet.com. All the crap you could ever want, nicely bundled with more spyware than you care to imagine. If you're ever in the market for some free software, and dumb enough to use Google to find it, chances are you'll be presented with a forest of hits all directing you there.

      Quality has nothing to do with it. These guys have made a business out of bundling mediocre with bad or downright malicious, and have put in a lot of effort to appear high enough on search engines to catch eyes. Malware authors don't need to produce anything useful at all.

      --
      ... whatever ...
    2. Re:but useful software is not cheap to make by Anonymous Coward · · Score: 0

      Well, maybe some software companies see this simply as their monetization strategy. Maybe in all other respects they're a genuine software shop, but instead of asking users to pay for the software, they install malware. A bit like the spyware spree of the early naughties.

    3. Re:but useful software is not cheap to make by rodrigoandrade · · Score: 1

      Worse.

      A friend of mine worked on a customer's machine that had some uber virus in it. He told me all the tech details, but thanks to one too many Hoegaardens I forgot them. He was only able to isolate the virus by hooking up the customer's HD to a Linux box and fixing it.

      Long story short, he innocently contacted Cnet to tell them that software XYZ had a virus in it, only to be told something along the lines of "yeah, we know, but we get paid to put them there, so there's nothing we can do about it."

    4. Re:but useful software is not cheap to make by Suferick · · Score: 1

      That was his point - at least, in the talk at IP Expo; it hasn't made it so well to the article. The goal is to make effective malware harder and more expensive to write.

    5. Re:but useful software is not cheap to make by j127 · · Score: 1

      Is Download.com full of spyware? Could someone post the URLs or names of a few confirmed examples?

    6. Re:but useful software is not cheap to make by ihtoit · · Score: 1

      uh... no, that would be illegal in most developed jurisdictions. Download.com is full of scumware of all shapes I can absolutely confirm.

      --
      Political debates have me rolling my eyes so much I think I got optical whiplash. I should sue. - Foamy The Squirrel
    7. Re:but useful software is not cheap to make by ihtoit · · Score: 2

      http://botcrawl.com/cnet-downl...

      From 2013:

      "It’s now verified that CNET bundles malware with their downloads in order to monetize free products and services. To add more, CNET has been sued by numerous software manufacturers for bundling malware with installments of their distributed software, even without notifying the developers. This often causes victims of CNET malware to report the legitimate software they downloaded from the distributor as unethical."

      I stopped using cnet in 2011, the first time I ever came across Webget which nearly bricked my system.

      --
      Political debates have me rolling my eyes so much I think I got optical whiplash. I should sue. - Foamy The Squirrel
    8. Re:but useful software is not cheap to make by jeffmflanagan · · Score: 1

      I don't know when CNet went evil, but you were right to stop using them. I made the mistake of doing an express install of an application downloaded from CNet, and wound up with six malware programs installed and ads popping up all over the place. I will never download a program from CNet again.

    9. Re:but useful software is not cheap to make by vandamme · · Score: 1

      "We were unable to detect your operating system." Well, shit, it's Mint 17, is that so hard? Where can I go to get some of that swell CNet spyware for Linux??

  5. Adobe Digital Editions 4 by Bob9113 · · Score: 4, Informative

    Research by Prof. Giovanni Vigna of the University of California leads him to believe that the malware of the future will come in a friendly form, be genuinely useful and may not reveal its intentions for a protracted period of time.

    Some of it will even turn the American public library system into an infectious host. Adobe Digital Editions 4 scans your hard drive and sends some of the data it finds, in the clear, back to Adobe.

  6. Adobe market leader! by MrGrey1 · · Score: 2

    Adobe's already doing this! They're such an awesome company, leading the way into our Brave New World!

  7. The anti-malware of the future by skirmish666 · · Score: 4, Insightful

    Reports your system as a VM to everything

    --
    Sigger than your average
    1. Re:The anti-malware of the future by Anonymous Coward · · Score: 1

      I'm already changing my admin username to "andy"

  8. Pirated software by fabioalcor · · Score: 1

    I bet that software pirates already have injected malware in many warez, mainly heavy graphics games. Doing so they could discreetly control a lot of powerful machines.

    1. Re:Pirated software by tlhIngan · · Score: 4, Interesting

      I bet that software pirates already have injected malware in many warez, mainly heavy graphics games. Doing so they could discreetly control a lot of powerful machines.

      No, the software itself isn't infected with malware, actually. What happens is they infect the keygens or cracks. This is because most software applications are actually signed, as are installers, so they don't bother infecting that - they distribute the original installers with all the original signatures intact.

      But since to use it requires running the crack executable to get the key, well, the user will just double-click it, get their machine infected, and the key to unlock the program they just installed.

      And it's been happening a long time - it's why cracks and keygens are long tagged by AV apps - because while there are a few clean cracks and keygens, you can bet most you find on torrent sites and elsewhere are infected.

    2. Re:Pirated software by Anonymous Coward · · Score: 0

      No, the software itself isn't infected with malware, actually. What happens is they infect the keygens or cracks.

      The first rule of working around copy protection: search for "key.txt" rather than "keygen.exe"

    3. Re:Pirated software by AmiMoJo · · Score: 1

      This is because most software applications are actually signed, as are installers, so they don't bother infecting that - they distribute the original installers with all the original signatures intact.

      It's a real shame too. Used to be that you could buy a game and then download a clean installer without the DRM malware in it, and enter your code from the retail packaging. Now you have no choice but to accept the malware, even on a legitimate purchase. Well, you can choose not to play of course.

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
    4. Re:Pirated software by Anonymous Coward · · Score: 0

      Ah, but don't forget some are smart enough to get the keygen from a liveboot, frozen box or VM.

    5. Re:Pirated software by Anonymous Coward · · Score: 0

      This is why I only trust things from certain groups that have been putting out quality cracks for the last decade.
       
      There are a few that still do it for the sake of doing it just to be first to flood the scene with their crack.

    6. Re:Pirated software by tlhIngan · · Score: 1

      It's a real shame too. Used to be that you could buy a game and then download a clean installer without the DRM malware in it, and enter your code from the retail packaging. Now you have no choice but to accept the malware, even on a legitimate purchase. Well, you can choose not to play of course.

      I thought this died out now that everyone's using Steam. You could buy a retail box which is just an installer that copies the bulk of the data to your hard drive (saving you a download), but in the end it was just a retail code you entered into Steam to redeem.

      (Which, when you think about it, makes Steam even worse overall than what the Xbone was originally supposed to ship with - at least the Xbone was supposed to allow you to share a game with up to 10 other people, and the ability to transfer the license. Steam lets you share your entire library with someone else but not an individual game, and doesn't have a license transfer mechanism yet ("used game sales").)

    7. Re:Pirated software by ihtoit · · Score: 2

      which is one reason I don't use Steam (sorry to burst your "everyone" bubble, even my KSP is standalone) - when I buy software, I own that particular instance; fuck clickthru license terms, try Doctrine of Sale.

      --
      Political debates have me rolling my eyes so much I think I got optical whiplash. I should sue. - Foamy The Squirrel
    8. Re:Pirated software by romons · · Score: 1

      I've had to remove Steam. Boot times are incredibly slow when it is installed. It doesn't install malware; it IS the malware.

      --
      Go to Heaven for the climate, Hell for the company -- Mark Twain
  9. What if... by tnk1 · · Score: 1

    What if I can convince malware that my bare metal is actually a VM? Then will the malware authors work as hard as they can to have their stuff NOT install on my machine?

    1. Re:What if... by dgatwood · · Score: 4, Interesting

      Or just run each app in its own VM so that when it turns rogue, you can cleanly shoot it in the head without any widespread damage.

      --

      Check out my sci-fi/humor trilogy at PatriotsBooks.

  10. This is why Intel wins and AMD loses by Anonymous Coward · · Score: 0

    AMD can't virtual its ass out of a wet paper bag.

    1. Re:This is why Intel wins and AMD loses by Anonymous Coward · · Score: 0

      You don't know what you're blathering about.

  11. STDs have been doing this since "forever" by dltaylor · · Score: 2

    There's a gift, which may be ongoing, but it has a nasty payload.

    Never had either an STD or computer malware.

    Paranoia is your friend, 'cause they ARE out to get you.

    1. Re:STDs have been doing this since "forever" by Anonymous Coward · · Score: 0

      What a sad little world you must live in. You will end up passing on genuinely useful things because you will believe "they" might have had a hand in them.

      Reminds me of an episode of Mork and Mindy where Mork becomes afraid of the world and to protect himself locks himself inside an indestructible egg, thereby cutting himself off from the rest of humanity and the joys it brings. Unlike that episode where Mork realizes he has traded his freedom for safety and chooses to escape, I do not foresee an escape for you since I don't think you can see what you are losing to pursue your paranoia.

    2. Re:STDs have been doing this since "forever" by dltaylor · · Score: 2

      It's not that you don't take chances, but that you recognise the dangers and take a few precautions. Not "going down" on the woman you just picked up at the bar might save you a case of HIV (Magic Johnson, for example). Doesn't mean you can't have some fun together, but use condoms, for pity's sake.

      Don't download "cute" crapware. Don't visit sites Firefox and its plugins warn you are attack sites. Don't blindly give away your bank account info (at least in the Corporate States of America, where you have no protection). For example, I have a bank account specifically for PayPal (no credit card for them), and I keep in it just enough to cover my purchases/donations. No glitch, stolen credentials, ... are going to clean out my bank account (no debit card, either). I keep a very low credit limit card for Internet purchases. The theater tickets someone tried to purchase in London cost more than that and triggered a block.

    3. Re:STDs have been doing this since "forever" by Anonymous Coward · · Score: 1

      Except you used the word paranoid. What you are describing is being careful. Paranoid and careful are not the same thing. Paranoid is when a person responds to unjustified fears, or to justified fears in an unjustified way. To quote the definition from Webster's: "having or showing an unreasonable feeling that people are trying to harm you, do not like you, etc.". Note the word unreasonable. This is what sets it apart from being careful, which I presume you meant.

    4. Re:STDs have been doing this since "forever" by Anonymous Coward · · Score: 0

      It is difficult to get HIV from a woman. Not impossible, but the odds are very low. Now getting HIV from taking it on the butt, it is much more dangerous. And then black women have a much higher rate of HIV. On all these counts, Magic Johnson is not exactly the best example.

    5. Re:STDs have been doing this since "forever" by Anonymous Coward · · Score: 0

      There's a gift, which may be ongoing, but it has a nasty payload.

      Never had either an STD or computer malware.

      Paranoia is your friend, 'cause they ARE out to get you.

      There's a test to prove you're not currently infected with an STD, but that doesn't guarantee you've never had one.

      There's software to prove you're not currently infected with malware, but that doesn't guarantee you've never been infected before and had your information stolen.

      Good luck on the latter. Your ignorance on the former speaks volumes.

    6. Re:STDs have been doing this since "forever" by Anonymous Coward · · Score: 0

      Never had either an STD or computer malware.

      Being a computer nerd is very good protection against both of these.

  12. Re:RedHat NSA link? by sxpert · · Score: 1

    The NSA are one of their biggest customers

  13. "Evolved strains?" by geminidomino · · Score: 2

    Is this guy new here or what? Ostensibly useful ("friendly", since TFS apparently wants to anthropomorphize software) programs that carry a nasty payload that doesn't trigger immediately? How's that any different from 20 years ago, when they were called "trojans?"

    1. Re:"Evolved strains?" by Anonymous Coward · · Score: 0

      It's a question of the malicious payload's timing. Most malware today acts immediately to burrow into the machine's OS, and to begin performing its nefarious actions such as stealing passwords or harvesting address books. The immediate nature makes it easier to analyze the software to determine if it is malicious and if so what it does. If the malware waits a while before doing anything bad then people analyzing the code may miss that it is bad or miss some or all of the bad things it does. I once heard a person compare malware, at the time computer viruses, to real viruses where if the virus quickly kills the host then it won't spread very far since it will kill its host before it can infect another person and also keep others away. If the virus takes a while before its damaging effects occur but can still infect while the host is apparently OK, it will spread much further. Waiting has its virtues. Still, there were viruses that waited before triggering to allow them to spread, such as the Jerusalem and Michelangelo viruses.

    2. Re:"Evolved strains?" by Anonymous Coward · · Score: 0

      I'll go all 'evil fucking genius' and take this one step further: Have your malware triggered on the update or install of another piece of software. Then it can sit and lie in wait for weeks or months, and for your average IT person, it will seem that it came from a different delivery vector. Installs via a driveby browser plugin, but waits for a Java or Flash update at least a month after install before it becomes active. If you detect it at that point, you trace back the infection to those updates, and follow the red herring of a 0-day in those packages.

      Welcome to your new hell, helpdesk.

  14. Google? by xs400 · · Score: 1

    Wasn't Google set up (strike that), transformed to do just this? Along with Facebook and Twitter?

  15. The more that changes... by Ukab+the+Great · · Score: 0

    The Malware of the Future May Come Bearing Real Gifts

    Malware you can't delete off your machine and that destroys your computer slowly, such as Symantec and McAfee, have gifted users free trials for years.

  16. Hidden malware... MMO Bots by Anonymous Coward · · Score: 1

    There is a site, www.thebuddyforum.com that sells just such a thing. These are the obnoxious bots you see running around your favorite MMORPG, stealing your kills, farming gold, powerleveling, etc. They have to be sandboxed to hide them from the anti-cheating tools, and have to run in environments without virus scanners because... they are malware themselves. (In an attempt to sandbox one of these to get a hash to report to hackshield, my anti-virus software deleted the bot multiple times. Yes I had to ****ing whitelist a piece of malware just to report the malware to the anti-cheating tool company.) It was being triggered by the proactive rules, not actually being flagged as any specific piece of malware (W32:Evo-gen [Susp]).

    I hate these bots with a passion, and I probably hold the record on the server I play for bot kills. The bot software is written in C#, so you know these aren't hardcore hackers.

    Now a bunch of players had their "bots" banned, and others are complaining on the game's forum that they've been hacked... gee ya think?

    This is not the only bot software out there, but it is the most known.

    1. Re:Hidden malware... MMO Bots by Anonymous Coward · · Score: 0

      These are the obnoxious bots you see running around your favorite MMORPG, stealing your kills, farming gold, powerleveling, etc.

      If your favorite MMORPG is simplistic enough that it can be so easily botted out, then I'm not sure how it is you find much enjoyment to start with. And if it's stealing your kills, then you either really suck or the game mechanics are horribly broken.

      They have to be sandboxed to hide them from the anti-cheating tools

      Anti-cheating "tools" are actually exactly the type of Malware we're talking about here. They are a combination of keyloggers and process sniffers, which scan your computer for signatures of "known cheating software". They are highly ineffective against all but the most novice bot-runners/cheaters, and throw a lot of false positives. The only time they don't get caught by regular AV software is when they are specifically white-listed by the AV companies.
      Most bot-runners use a simple macro program to push keystrokes to the regular client, and write the control logic in some sort of scripting language... maybe Python, Perl, VBScript, etc. The more advanced cheaters will either use a hacked client program, or even use a transparent proxy on the network to tamper with the packet streams directly.

      A well-made game doesn't need to rely on spyware to prevent cheats and hacks. Client-Server games can be 100% secure, but the Server needs to NEVER trust the data sent by the Clients, and verify everything itself. For games which use peer-to-peer mechanisms, there simply will never be a way to be fully secure against cheats and hacks, because someone will always find a way to make their software lie to the other peers.
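The server-side verification described in the comment above, as an added example that is not part of the original thread. The game rules, message fields and names (`World`, `handle_move`, `handle_attack`, `WEAPONS`) are all constructed assumptions; the point is that the server recomputes every outcome from its own state and treats client messages only as requests.

```python
import math
from dataclasses import dataclass

# Constructed game rules; every name and number here is an assumption.
MAX_SPEED = 7.0          # world units per second
SPEED_TOLERANCE = 1.10   # 10% slack for network jitter
WEAPONS = {
    "sword": {"damage": 12, "reach": 2.5, "cooldown": 0.8},
    "bow": {"damage": 8, "reach": 30.0, "cooldown": 1.5},
}


@dataclass
class Entity:
    x: float
    y: float
    hp: int
    weapon: str = "sword"
    last_move_at: float = 0.0
    last_attack_at: float = float("-inf")


def _is_coord(v):
    # bool is a subclass of int, and NaN compares False against any limit,
    # so both must be rejected explicitly or they slip past the speed check.
    return isinstance(v, (int, float)) and not isinstance(v, bool) and math.isfinite(v)


class World:
    """Authoritative state lives on the server; clients only send requests."""

    def __init__(self):
        self.entities = {}

    def spawn(self, eid, x, y, hp=100, weapon="sword", now=0.0):
        self.entities[eid] = Entity(float(x), float(y), hp, weapon, last_move_at=now)

    def handle_move(self, eid, msg, now):
        me = self.entities[eid]
        x, y = msg.get("x"), msg.get("y")
        if not (_is_coord(x) and _is_coord(y)):
            return False, "malformed coordinates"
        # 'now' is the server clock; a client-supplied timestamp is never used.
        elapsed = max(now - me.last_move_at, 0.0)
        allowed = MAX_SPEED * SPEED_TOLERANCE * elapsed
        if math.hypot(x - me.x, y - me.y) > allowed:
            return False, "moved farther than max speed allows"
        me.x, me.y, me.last_move_at = float(x), float(y), now
        return True, "ok"

    def handle_attack(self, eid, msg, now):
        me = self.entities[eid]
        target_id = msg.get("target")
        target = self.entities.get(target_id) if isinstance(target_id, str) else None
        if target is None or target is me or target.hp <= 0:
            return False, "invalid target"
        stats = WEAPONS[me.weapon]  # server's record, not msg["weapon"]
        if now - me.last_attack_at < stats["cooldown"]:
            return False, "weapon on cooldown"
        if math.hypot(target.x - me.x, target.y - me.y) > stats["reach"]:
            return False, "target out of reach"
        me.last_attack_at = now
        # Any msg["damage"] the client sent is ignored; the server computes it.
        target.hp = max(0, target.hp - stats["damage"])
        return True, "hit for %d" % stats["damage"]


def demo():
    """Replay constructed client messages, honest and tampered, against the server."""
    w = World()
    w.spawn("alice", 0, 0, weapon="sword")
    w.spawn("mob", 2, 0, hp=50)
    results = [
        w.handle_move("alice", {"x": 500, "y": 0}, now=1.0),           # teleport
        w.handle_move("alice", {"x": float("nan"), "y": 0}, now=1.0),  # NaN bypass attempt
        w.handle_move("alice", {"x": 1, "y": 0}, now=1.0),             # honest move
        w.handle_attack("alice", {"target": "mob", "damage": 9999, "weapon": "bow"}, now=1.0),
        w.handle_attack("alice", {"target": "mob"}, now=1.2),          # ignores cooldown
    ]
    return results, w.entities["mob"].hp


if __name__ == "__main__":
    for line in demo()[0]:
        print(line)
```
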

  17. Don't most trojans already work kinda like this? by mmell · · Score: 3, Informative

    Malware authors need only take their existing freeware "products" and put a timer in to delay payload delivery. I can conceive of several ways to do this with only minimal effort.

  18. Just because you're paranoid . . . by mmell · · Score: 1

    . . . doesn't mean that they're not out to get you.

    1. Re:Just because you're paranoid . . . by Anonymous Coward · · Score: 0

      Spoken like a true paranoid. Lack of definitive proof of the negative is trumpeted as absolute proof of the positive.

  19. Old Story by bickerdyke · · Score: 3, Interesting

    Reminds me of the late 90s/early 2000s when millions of accounts for a German online service (T-Online) were stolen - by a 3rd party tool for that service that offered additional services including up/downing your connection (which was essential for those high, minute based rates back then. But so it had your password, of course)

    It was a PITA to convince people to stop using that tool because it was so useful.

    --
    bickerdyke
  20. They are called trojans by ruir · · Score: 2

    You mean, like trojans inside apps since the 60s? This is a new low even for Slashdot.

    1. Re:They are called trojans by Anonymous Coward · · Score: 0

      Can we please stop calling them "Trojans"? The full term is "Trojan Horse," the means used by the ancient Greeks to infiltrate Troy.

      I'd like to be able to discuss the malware threat without constantly being reminded of condoms!

    2. Re:They are called trojans by Anonymous Coward · · Score: 0

      If you think of condoms at the word "trojan", you're not a real geek. And probably American, as well.

    3. Re:They are called trojans by Anonymous Coward · · Score: 0

      I think we should call you Trojan man, not because you get laid a lot, but because you are a dick.

    4. Re:They are called trojans by Anonymous Coward · · Score: 0

      Yeah, I'm American... we have more brands of condoms here because we live in a sexually obsessed yet repressed society!

      And I'd rather be a non-geek who gets laid than a Real Geek like you who doesn't even know what real sex feels like.

  21. Well this makes it easy then.... by Rainwulf · · Score: 2

    To protect yourself from malware, litter your system with artefacts that mimic sandboxes and virtual machines :)

    1. Re:Well this makes it easy then.... by jeffmflanagan · · Score: 1

      >litter your system with artefacts that mimic sandboxes

      I went with a small plastic shovel and pail.

  22. We've Had This For Twenty Years by BattyMan · · Score: 1

    It's called "Microsoft Windows(tm)(R)(c)"

    --
    Exceeding the recommended torque is not recommended.
    1. Re:We've Had This For Twenty Years by Anonymous Coward · · Score: 0

      Mod parent -1: Wasn't Funny The First 10,000 Times

    2. Re:We've Had This For Twenty Years by Anonymous Coward · · Score: 0

      Mod parent -1: Wasn't Funny The First 10,000 Times

      Actually it was, kinda.
      But it got a bit boring those 990,000 times since :(

  23. By this definition, FB and GOOG are malware by cornicefire · · Score: 1

    They rape our privacy for their profit. Now they both happen to be extremely useful and this is their real gift. I'm not sure what the point here is, except that there's a fine line between malware and a $100b company.

  24. The circle comes around by GrandCow · · Score: 1

    We had the "useful" malware back in the 90's. It was called Bonzi Buddy.

    --
    "Well kids, you tried your best, and you failed. The lesson is, never try." -Homer Simpson
    1. Re:The circle comes around by pla · · Score: 1

      Don't forget WeatherBug, RealPlayer, every "coupon" program in existence, Sony rootkits, Diablo 3... I could go on.

      "Malware" has come packaged with semi-useful software right since the beginning. Even the most naive of grandmas don't typically install standalone viruses deliberately.

  25. Shurely Jpegs at this point by Anonymous Coward · · Score: 1

    The Malware of the Future May Come Bearing Real Gifs

    Any sufficiently modern malware produces its instant gratification in the form of jpegs. Unisys patented porn is now mostly dead pixels and bears.

  26. Obligatory XKCD by Anonymous Coward · · Score: 0

    Useful malware? http://xkcd.com/810/

    Mission fucking accomplished!

  27. Numbers by DrYak · · Score: 2

    Some citations:
    Transmission rates based on infected partner's progression stage
    Risk based on type of sexual act

    It is difficult to get HIV from a woman. Not impossible, but the odds are very low.

    Well, not that low, only half the odds, according to study 2.

    Now getting HIV from taking it on the butt, it is much more dangerous

    Yup. 0.08/0.04 (vaginal) vs 1.4 (annal receptive). About 20x more odds.

    And then black woman have a much higher rate of HIV.

    Technically, its "women in poorer communities". It happens that in the US black ethnic are often at the bottom of the social scale due to past racial discriminations, etc. but even there they are not alone at the bottom of the scale.

    On all this counts, Magic Johnson is not exactly the best example.

    He might happen to also be ethnically black, but given his economical situation and popularity, I doubt that he spends his time banging crack-whores. So the fact that HIV is more prevalent among the poorest section of the population has probably rather little impact.
    Also, for what I know, he was only interested in women, which lack the proper biological appendage to being a risk for insertive anal (though not properly clean sex-toys might still be a potential danger).

    The main reason he caught AIDS is probably a high number of partners combined with lack of proper protection.

    In fact Magic Johnson helped bring awareness that HIV isn't exclusively targeting drug-addicts and homosexuals.

    To transpose that to malware:
    the fact that malware is more often found at warez sites ridden with keygens containing hidden malware, and dubious porn sites running ads used by hackers to corrupt your system, DOES NOT MEAN that these are the only ways a random internet user might get the computer infected by malware.
    on the other hand, proper precaution will ALWAYS be a good solution to protect and diminish the risks. (virus scanner, filters, malware blocker, ad-blocker, VMs, etc.)

    --
    "Sufficiently advanced satire is indistinguishable from reality." - [Tips: 1DrYakQDKCQ6y52z6QbnkxHXAocMZJE61o ]
  28. Future? Or today? by Anonymous Coward · · Score: 0

    I know, I'm an AC so what I have to say doesn't count.

    But would anyone trust a program that maintains a VPN tunnel to its maker's servers?
    Such as Teamviewer.

  29. systemd comes on first thought by Anonymous Coward · · Score: 0

    Oh no. It's a classical trojan because it does not even offer real merits as promised.

  30. I encountered one of these YESTERDAY by Applehu Akbar · · Score: 1

    It started as one of my typical IT service calls: a Windows Vista laptop was clogged with malware and running slowly. I soon discovered that one of the major culprits was Conduit, a virus that wraps itself kudzu-like around browsers, making every Web page it touches into a hijacked slug. But the customer was running Incredimail, a mail client she loved and had been using for years. Apparently not long ago Conduit bought Incredimail and now requires that a certain amount of their malware be running to keep Incredimail going.

  31. Dr. Evil by CaptainLard · · Score: 1

    So black hats are going to spend a bunch of resources making something useful that a lot of people are going to want...and then break their system? Reminds me of when they defrosted Dr. Evil and right after he made his demand for ONE MILLION DOLLARS his minions were telling him their legitimate businesses generated $2 billion last year.

    1. Re:Dr. Evil by Anonymous Coward · · Score: 0

      Well, yes.

      How else are they going to get any money for it? The root cause is that people want stuff for free. It's very difficult to generate money from software, and "new business models" have been used for many years now. It's simply that the line between ethical and unethical "new business models" is being blurred more and more.

  32. They are already here. by Anonymous Coward · · Score: 0

    Decepticons

  33. It's already happening by Anonymous Coward · · Score: 1

    It's called I-tunes.

  34. Re:Don't most trojans already work kinda like this by guru42101 · · Score: 2

    My mother had a few of those. Some coupon app on her desktop that was actually advertised by her local news station for getting an aggregated searchable list of coupons available and where to acquire them. It did what it was supposed to. It also downloaded and installed additional applications and hijacked your browser (e.g. toolbar search goes to their stuff no matter which option you select, added adverts to websites, and displayed popup ads with fake warnings).

  35. network connected medical devices by ihtoit · · Score: 1

    anyone?

    --
    Political debates have me rolling my eyes so much I think I got optical whiplash. I should sue. - Foamy The Squirrel
  36. Missing the point... by Anonymous Coward · · Score: 0

    I think a bunch of these comments are missing the point here. There is a lot of "xyz software has some kinda useful tool, but also packages in a bunch of junk." The bigger threat would be if a useful tool that was running fine and earned your trust suddenly backstabbed you. Think of the old timebomb malwares that triggered at a certain date and time.

    Imagine for a minute if every installation of notepad++ suddenly started dumping all pdf and doc files to pastebin. Or exporting database dumps to a CnC server that was spun up 10 minutes before the attack. Or wiped any hard drive it was installed on. How many sensitive systems in your environment would be affected?

    If a malicious actor had the patience to wait 3 years for their malware to trigger, would your security testing be able to catch it early?

    1. Re:Missing the point... by ihtoit · · Score: 1

      That's the point of the trojan - you don't know or care what the real payload is, you're only interested in the Kim Kardashian nude photos.

      --
      Political debates have me rolling my eyes so much I think I got optical whiplash. I should sue. - Foamy The Squirrel
  37. Evolutionary by nebular · · Score: 1

    And I mean my subject literally. This is precisely how we ended up with mitochondria and much of the junk DNA in our genome. Some foreign invader played the long game so well that it just became part of the organism.

    It will be interesting to see if we get to a point where the malware is so useful, that instead of cleaning it out we just find a way to keep the good parts.

  38. You need to get a sense of humor. by mmell · · Score: 1

    Granted, that joke was old when I was young, but still . . .

  39. Re:Don't most trojans already work kinda like this by spockman · · Score: 1

    I also just had to remove something like this from a friend's PC. This was a Win 7 and what was interesting was that it was installed as a service. Had to disable the service, remove the folder then remove the service. It was quite well hidden and nasty, not fun to get rid of.

  40. Happened a Long Time Ago by painandgreed · · Score: 1

    Back in the late 90's following the idea of real pathogens favoring a long life for their hosts, we talked about how eventually computer viruses would do the same. We joked how they would be built to keep the computer up and running and actually have functions to make it do all the maintenance that normal users never do and that tech support (the jobs we were doing then) would actually advise catching certain viruses to solve hardware issues. This has just about played out. There have long been things like browser bars that while most consider them malware, some users do love them and will insist on installing them if removed because they actually like them. Even in the past, I have seen articles here on /. about how there have been Windows viruses that made the infected computer install needed Microsoft patches to make them safe from competing viruses. As the life of hardware is growing longer, one can expect malware creators to look for the long game and make their programs less conspicuous and perhaps even beneficial for the computer they infect, thus increasing the length that the computer will remain infected before being discarded or rebuilt. Like I said, we've already seen this.

  41. Biggest malware of the future is well known by Haricophile · · Score: 1

    Malware of the future is an institutional malware:
    https://www.techworm.net/2014/...