How is malware not just ridiculously illegal?

You know the stuff that installs itself on your computer, unknown and without permission, and then (falsely) tells you you have a virus, and the only way to get rid of it is to buy their program? How is this stuff not like federal PMITA prison illegal? Presumably it’s very traceable, since they’re selling something. It’s like pooping in someone’s face and then selling them poop-remover. I’m pretty sure I’d be thrown behind bars for that, but these malware authors are apparently having a ball.

Similarly, any virus or malware, etc that isn’t just plain malicious and is meant to serve the purpose of helping someone gain from infiltrating your computer, must surely leave a trail back to someone/somewhere?

Can we have a quick reminder of the most common reasons for people trying to install this crap on our pc’s?

What makes you think it isn’t illegal, and that its purveyors aren’t being pursued by legal authorities? Quite likely new concerns are popping up faster than law enforcement can deal with them. And doubtless many of the people writing and benefitting from this software are based in countries like Russia and China where the state resources may not exist to mount an effective investigation and prosecution.

It is illegal, but enforcing the law is very difficult. From the bad guys’ point of view, it’s a very easy scam to run and the potential ‘return on investment’ is very high. It can be very difficult indeed to trace the problem back to a specific individual who can be successfully prosecuted for the crime, and in many cases this would require the authorities of different countries to co-operate.

It also is often an international problem. The major malware culprit (Antivirus 360 and other fake antivirus software) is based in Russia. Their software checks to see if the computer uses Russian as its language. If it does, the software won’t install. So you have Russian nationals who aren’t doing anything to computers in Russia. The Russian authorities get no complaints from their countrymen. Complaints may come from all over the world, but they get a lower priority.

The most common reason for malware these days is money. It’s a combination of getting suckers to pay for the fake antivirus and using infected machines as bots attack websites, and then extorting money from them (“Too bad if your website is down during the Christmas rush. $10,000 will protect you.”).

You need to find the culprits and then get the authorities in their location interested in arresting them. And the culprits can just hop a flight somewhere else and you have to start all over again.

It is illegal. When that brand of malware came out, Microsoft worked with the federal government to shut down the company responsible for it. Since then, its gone underground, but its still very active. These people still have the ability to process credit cards so they really dont need a company or office or anything to continue to scam.

And as others have mentioned, these people are most likely working from Russia (Brian Krebs has revealed this) thus its a difficult international problem outside the scope of the FBI.

And yet bloatware appears to be perfectly legal, in spite of the fact that it often causes many of the same types of problems as malware!