Security Firm Mistakes Malware Writers' Trickery For Decline In Virus Problems

from the semantics dept

Anti-virus firm Kaspersky Labs says that virus writers are running out of ideas, and that they’ve reached a stalemate with AV companies. It seems like they’re splitting hairs: perhaps viruses aren’t causing the problems they used to, but there are plenty of other security problems that continue to grow. For instance, spam is on the upswing, and it’s stemming from a new type of botnet. Kaspersky ought to be familiar with it, since the trojan it uses to spread itself around carries a pirated version of Kaspersky AV software, which it uses to remove any other malware on the recipient’s computer, which could be competing for resources. The semantics of what is or isn’t a virus aside, all that’s happening is malware authors are continuing to focus their efforts in areas that promise the most financial gain, and this dictates a change in tactics. They’re shifting away from large-scale attacks that cause a lot of havoc — but not necessarily a lot of profits — and working to cover the tracks of smaller attacks that can, they hope, go on undetected for a longer time. To suggest that antivirus companies’ work is done is disingenuous; all that’s happened is the threat has shifted, and as the recent deluge of spam highlights, they’ve got plenty of work to do.


Comments on “Security Firm Mistakes Malware Writers' Trickery For Decline In Virus Problems”

Mike Wright says:

"Malware" and "Virus" in the same headline... Grr

FTA: “The semantics of what is or isn’t a virus aside, all that’s happening is malware authors are continuing to focus their efforts in areas that promise the most financial gain, and this dictates a change in tactics.”

That happened a long time ago, way back when the whole purpose of writing a virus was so a mischievous programmer could add his signature to an existing piece of software and then see how many other computers would be infected by people transferring floppies from one computer to another.
The original viruses were simply a few extra bytes added to the end of an .exe or .com file, and usually the only people who would ever see it (or care, or understand) were other programmers.
Financial gain was never something that the author was after as a result of his work; the bragging rights were the currency that they saved up.

Malware authors have as much in common with the original virus authors as modern-day “hackers” have in common with the true code-writers from ‘back in the day’.
Adware, pop-ups, spam… this is just a bunch of BS written by people who don’t possess the skills to write useful apps.

Squall says:

Re: "Malware" and "Virus" in the same headline...

I think that it would be interesting if the smart coders (the ones that used to write the viruses) would write some viruses that could clean up these bot-nets.

Only problem I see with this approach is the fear of being sued or thrown in jail because somebody just doesn’t Get It(tm).

Rico J. Halo (user link) says:

Re: Re: Re:

I have used Trend Micro’s Office Scan at work for 5 or 6 years now. The only time we’ve had any sort of outbreak was when a tech connected a client’s nimda-infected server to our network without bothering to check with anyone. It immediately infected a half dozen servers but Trend knocked it down immediately on all but one of them. I watched it fighting the nimda bug on a database server for about 45 min and honestly it was a vicious battle. But it did kill it eventually. We lost a lot of data files that the nimda bug corrupted but as always had a backup less than 24 hrs old. I think the virus writers are getting smarter but the AV industry has gotten geometrically smarter in comparison. I can go a couple months at a time without having to login to the Trend Micro console. It just works. 🙂

byte^me says:

Does this really matter?

I question how many true “viruses” are still common these days anyways. But, more to the point of the article…..

How many malware writers have really had any new ideas for years? Sure, there were a few who had some decent programming skills, but the majority are just script kiddies reusing someone else’s code and making a few changes. Or, if they can write code, just changing their own code a little bit. Either way, there have been very few new ideas.

I also think that they have realized that causing widespread havoc draws bad attention to, so why not keep things small and make a few $$$ while you’re at it? Plus, you can still work on bragging rights.

And, I agree with Mike. Most of them are nowhere near the hackers of old. Honestly, I think the majority of true *hackers* have now gone at least somewhat legitimate. While they might create tools that can be used for malicious purposes, they have found it much more profitable to help the security pros by creating tools to help find and fix the problems instead of creating more.

Anonymous Coward says:

One needs to understand the various definitions of all the terms floating around. Worms, trojans, viruses, spyware, etc., all have very different attributes and purposes. An actual virus is a piece of code meant to delete data, crash systems, and cause other sorts of mayhem. A worm is a little app that burrows into your system, trying to find data to steal from you, not delete said data. And I think we all know what adware and spyware do.

I would say, from what I’ve seen, that actual “virus” outbreaks have been dying down for quite some time now, whereas other forms of malware attacks are on the rise. One thing to keep in mind is that a good share of the “viruses” that have shown up throughout history have been from mischievous kids with nothing better to do than vandalize people’s computers. The problem with things like spyware and spam is that the ones behind it are individuals, companies, and even sometimes corporations that stand to profit from the attacks. Because money is the motivation, that’s why the new attacks are so much more of a problem. The phrase “if there’s a will, there’s a way” takes on new meaning when the word “profit” enters the picture.
