Is malware illegal?

What I mean is if my computer is hacked is there somebody I can contact that’ll track down and arrest these bozos?

Unless you have some serious financial losses because of it, basically, no. If you are something like a major business and lose a ton of money to some kind of illegal activity, but the cost of a virus cleanup isn’t going to be something your average police dept is going to care about.

Malware is illegal in a lot of jurisdictions, but there isn’t somebody that you can contact to track down and arrest those bozos.

One problem is that tracking down those bozos can be damn near impossible. Let’s say your computer got hacked. What sorts of logs do you keep regarding your network traffic? If you are an average user, probably none. So there’s no evidence at all about who infected you. But then, what if you are someone who keeps these sorts of logs? Well, then you find out that the person responsible for hacking your computer was some middle-aged housewife in the middle of Iowa. Only she barely knows how to turn her computer on. Some hacker decided to turn her computer into a zombie, so she has been sending out infections all over the internet and hasn’t realized it. So now what? There’s no evidence on this housewife’s computer about where the original infection came from, so your trail runs cold right here.

And what if by some miracle you do happen to track down the original guy who started the malware, and he happens to be in some place like Nigeria? Are you going to ring up the Nigerian police and expect them to help you? They will recover lots of money for you, and they only need your bank account information so they know where to deposit your recovered millions of dollars (paging Crandall Spondular…).

It’s not all bad news, though. Earlier this month, police in Spain arrested 3 people who were responsible for malware that infected about 13 million computers.

Here’s the thing, though. Police are going after guys like that, who infect millions upon millions of computers. They don’t have the time or resources to go after small-time hackers. If you are just one person with one infected computer, the police don’t really have the time or resources to help you.

From everything I read this appears to be a trojan that’s infected thousands of people’s computers. Probably not a lot of financial loss but certainly a lot of wasted time.

Another part of the problem is that quite often the source code for these viruses is shared and modified by dozens of people and can have a dozen different superficial appearances, while being the same underlying virus.

So saying you have winantivirus2010/2009/xp/etc. They can be driven by different viruses or the same ones. It’s like identifying a mushroom, only the pros really know what is what.

So you have dozens of people, dozens of variants, and extreme difficulty sorting the criminal from the victims, and the losses of an individual victim are often a few hours of wasted time. Wasting someone’s time does not draw much law enforcement attention.

Writing a virus isn’t illegal. Back in the early '80s, I read the original academic paper proposing the idea of self-replicating code (aka virus), and thought “ooh, neat. I wonder if I can write one?”, so I did. Never released it in the wild, so no-one’s machine was damaged. No illegal action on my part. That said, if I write one, and give it to you, I’m not responsible for the evil purpose you put my creation to. You are. So, law enforcement has to not only find out where it came from, they have to determine who was the evil bastard that decided to do something evil with it. This is a non-trivial distinction that has to be made, before they can bust someone.

This is also a very good point. I’ve been collecting viruses since the late '80s, when they started to be common, and just pulling an example out of my ass, there’s “Murphy”. Hundreds of variants, all sharing 90% or more of their code. I had 2 cats, one named Murphy, the other named Puddin. My niece’s favorite was Puddin (mine too, but don’t let Murph hear that (Puddin’s dead, Murph is still “with us”, but we STILL have problems with the other cats feeling “Puddin’s cold, dead paw”)). She saw a virus named Murphy, and asked why there wasn’t a Puddin virus. So I modified the code on one to say “Puddin” instead of “Murphy”. Changed 6 bytes. That’s it. Trivial. Niece was happy (I think she was about 5 years old at the time). Virus scanners all reported it as “Unknown Murphy Variant”. How are law enforcement people supposed to deal with that, when it can be changed that easily?

Clothing from The Gap? It oughta be.