#50 Virus writers go under the radar
In what is certainly disturbing news, Kasperspy Labs reports that Virus authors are choosing not to create global epidemics--such as Melissa, Netsky, MyDoom or Blaster--because that distracts them from their core business of creating and selling botnets.
In a previous blog entry I warned that the 2004/5 virus outbreaks were merly the sideshow for what is nothing more than a "landgrab" by hackers aiming to grow their botnet armies for the purposes of selling them off to organised crime. (Botnets are groups of computers that have been infected by malware that allows the author to control the infected PCs, and then typically use them to send spam or launch DDoS attacks.)
Speaking at the AusCERT conference on Australia's Gold Coast on Tuesday, Eugene Kaspersky, founder of Kaspersky Labs, said that the influence of organised crime on the malware industry has led to a change of tactics, echoing comments made in March of this year by Mikko Hyppönen of F-Secure. Instead of trying to create viruses and worms that infect as many computers as possible, malware authors are instead trying to infect 5,000 or 10,000 computers at a time to create personalized zombie armies.
I think there is another psychological factor we are missing here - the hackers have become acutely aware that the massive outbreaks create all kinds of hype and press coverage and "tip off" the users to be more wary, or even worse clean up their PC's whereas by "toning down" their infection strategies they slip under the radar and get to implement their dastardly deeds.
Ever wondered why none of these viruses etc. actually cause any damageto the infected host? The only damage we ever witness is the flood of spam or traffic when the virus attempts to replicate itself.
In a previous blog entry I warned that the 2004/5 virus outbreaks were merly the sideshow for what is nothing more than a "landgrab" by hackers aiming to grow their botnet armies for the purposes of selling them off to organised crime. (Botnets are groups of computers that have been infected by malware that allows the author to control the infected PCs, and then typically use them to send spam or launch DDoS attacks.)
Speaking at the AusCERT conference on Australia's Gold Coast on Tuesday, Eugene Kaspersky, founder of Kaspersky Labs, said that the influence of organised crime on the malware industry has led to a change of tactics, echoing comments made in March of this year by Mikko Hyppönen of F-Secure. Instead of trying to create viruses and worms that infect as many computers as possible, malware authors are instead trying to infect 5,000 or 10,000 computers at a time to create personalized zombie armies.
I think there is another psychological factor we are missing here - the hackers have become acutely aware that the massive outbreaks create all kinds of hype and press coverage and "tip off" the users to be more wary, or even worse clean up their PC's whereas by "toning down" their infection strategies they slip under the radar and get to implement their dastardly deeds.
Ever wondered why none of these viruses etc. actually cause any damageto the infected host? The only damage we ever witness is the flood of spam or traffic when the virus attempts to replicate itself.
posted by Dwaine at 5/27/2005
0 Comments:
Post a Comment
<< Home