Feeds

'White collar' virus writers make cash from chaos

Malware Inc.

  • alert
  • submit to reddit

Secure remote control for conventional and virtual desktops

Virus writing has changed from a cottage industry to a commercial enterprise, according to Sophos, the anti-virus firm Sophos. It reports a 51.8 per cent increase in new viruses in 2004.

Many of the 10,724 new viruses (up from 7,064 in 2003) surrendered control of infected PCs to virus writers, for use in distributing spam or launching DDoS attacks. Graham Cluley, senior technology consultant at Sophos, said “Virus writing has become more about trying to generate money than creating mass mailing worms”.

The increased prevalence of rogue dialler Trojans, which change victim’s net settings to dial expensive premium rate accounts, and the use of keylogging Trojans in phishing scams are examples of how virus writers can make money. Sophos estimates 40 per cent of spam comes from infected computers, another way for malware authors to cash in.

According to Sophos, this new breed of commercially motivated virus writers may be new to the scene. “They are less likely to brag about their exploits but police have the possibility of finding them by tracing the money trail from other cybercriminals,” Cluley says.

This year saw an upsurge in arrests of virus writers, most notably Sven Jaschan, the self-confessed author of the infamous NetSky and Sasser worms. The German teenager wrote his malware in a misguided attempt to remove spam-friendly viruses such as MyDoom from infected PCs. Instead he created a monster.

NetSky-P accounted for almost a quarter of virus incidents reported to Sophos, topping its annual chart. Five NetSky variants made it into Sophos’s top 10. So Sven Jaschan was responsible for more than 50 per cent of all virus incidents reported to Sophos in 2004.

All of the top 2004 viruses only infect Windows PCs and most are causing problems months after their initial discovery. Concerns about smartphone viruses are overhyped, says Cluley, who warnes that virus writers are likely to continue targeting Windows PC in 2005 and beyond. Sophos calculates there are now 97,535 viruses in existence. ®

Top ten viruses in 2004, according to Sophos

  1. NetSky-P
  2. Zafi-B
  3. Sasser
  4. NetSky-B
  5. NetSky-D
  6. NetSky-Z
  7. MyDoom-A
  8. Sober-I
  9. NetSky-C
  10. Bagle-AA

Related stories

Sasser kid blamed for viral plague
NetSky tops virus charts by a country mile
Zafi-b speaks in many tongues
Who would you like to attack today?
Gadzooks! My PC has the pox (virus cleanup workshop)

Beginner's guide to SSL certificates

More from The Register

next story
You really need to do some tech support for Aunty Agnes
Free anti-virus software, expires, stops updating and p0wns the world
Regin: The super-spyware the security industry has been silent about
NSA fingered as likely source of complex malware family
You stupid BRICK! PCs running Avast AV can't handle Windows fixes
Fix issued, fingers pointed, forums in flames
Privacy bods offer GOV SPY VICTIMS a FREE SPYWARE SNIFFER
Looks for gov malware that evades most antivirus
Patch NOW! Microsoft slings emergency bug fix at Windows admins
Vulnerability promotes lusers to domain overlords ... oops
HACKERS can DELETE SURVEILLANCE DVRS remotely – report
Hikvision devices wide open to hacking, claim securobods
prev story

Whitepapers

Choosing cloud Backup services
Demystify how you can address your data protection needs in your small- to medium-sized business and select the best online backup service to meet your needs.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
Go beyond APM with real-time IT operations analytics
How IT operations teams can harness the wealth of wire data already flowing through their environment for real-time operational intelligence.
The total economic impact of Druva inSync
Examining the ROI enterprises may realize by implementing inSync, as they look to improve backup and recovery of endpoint data in a cost-effective manner.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.