Malware Attribution: Should We Identify the Crooks Who Deploy It?

Brian Krebs asks: What makes one novel strain of malicious software more dangerous or noteworthy than another? Is it the sheer capability and feature set of the new malware, or are these qualities meaningless without also considering the skills, intentions and ingenuity of the person wielding it? Most experts probably would say it's important to consider attribution insofar as it is knowable, but it's remarkable how seldom companies that regularly publish reports on the latest criminal innovations go the extra mile to add context about the crooks apparently involved in deploying those tools.

Like Sourceforge?

[nt]

Re:No don't it will only create notoriety

[jellomizer]

For many of these folks, they don't see themselves as being the bad guy. But Innovative entrepreneurs, or activist for some cause.
They don't seem to realize, how much harm they are actually causing.

This notoriety, could be similar to the notoriety a sex offender has. Not of a lone rogue, fighting the good fight while bucking the system. But as that creepy guy who has access all your personal data, and will use it to profit off of it, and causing people like your grandmother to suffer, during their golden years.

No different than anything else

[ScentCone]

It's no longer fashionable to associate human character, judgement, and action with unpleasant results. Malice? There is no malice. There is only the problematic tool or technology, against which we should rage. It's not murder, it's a "gun death." It's not a reckless jackass badly flying a GoPro in a crowded place, it's a "drone incident." It's not a bad driver, it's another "SUV death." It's not a criminal trying to steal your savings or reputation, it's "malware."

Talking out loud about how actual humans are responsible for the stupid or evil shit they do is no longer acceptable. That would mean assessing their intelligence, or making a considered moral judgement, based on some sort of, you know, identifiable value system. We can't have that! We'd need to post Trigger Warnings near any discussion that might result in the horrifying prospect of recognizing that not everyone is as smart as everyone else, or calling an evil actor evil, because, you know, judging. Much better to talk only about the scary tools, never about the people. Hey, Russian credit card scammers and bot farmers are really the victims, here - the malware made them use it. Probably of some sort of western patriarchal influence and whatnot.

That is not the real problem

[s.petry]

Most malware is hosted and served out by businesses most people consider "legit". This is second only to Governments who infect millions of devices often inadvertently.

In both of those cases, there is no use in reporting. Oh yeah, some schlep will probably be made to be a fall guy but the shit storm will still be there churning out shit.

Report when the correct people can be, and are, held accountable for their actions. Until then, all men are created equally and have the same rights under due process. If one class of people puts themselves above the law, the laws are invalid. Unfortunately this is a cyclical problem in history. Expect vigilantism to increase until things are put back into balance.