I was reading this thread in GQ, and was just wondering what the purpose these viruses serve, other than being a pain in the ass and generating millions for anti-virus software companies.
My cynical side thinks there is a group of people on one side of the building at Norton creating these things, while the solution is passed to the other side of the building to sell as part of Norton.
When one is attacked by a virus, are they more willing to turn over a credit card number to a stranger? My personal guard goes up… I lock down the computer, try to isolate as much as possible, and attempt to remove. I’m not giving my personal info to anything or anyone on line until I’m satisfied that things are back to normal.
I realize nothing is perfect, but some of these viruses are very sophisticated and are not whipped up overnight. Significant time and resources are invested to create them. Are they still being created by “hackers” for kicks?
In case you didn’t catch it, in my OP that sentence was supposed to be sarcasm. I don’t want to get caught up in this discussion…
I’m genuinely curious as to what continues to drive these people? And also, why DOESN’T someone go after a Mac?
I understand the Mac is not going to give you the volume, but if you are a hacker and can screw with every Mac out there, you would certainly get the attention you crave.
The majority of viruses are written by organised criminals, and it’s been that way for years. They try to turn your PC into a spambot, botnet or fill it with pop up advertising. Or occasionally they install a keylogger in the hope of stealing credit card or bank information.
Most viruses are written, as ramel says, by people expecting to profit from the exercise by turning infected computers into slaves. However, there is still a breed of virus writer who does it mainly as a technical challenge, in a bid to find clever new ways to discover weaknesses and exploit systems, to see how fast they can make their virus spread, etc. They get off on knowing more than the rest of the world, at being better at their little game than big companies like Microsoft, McAfee, Symantec, etc.
And as to Mac malware, there have been a couple in the news just lately - Mac Defender exploited a vulnerability; that vulnerability was patched; and the patched vulnerability was exploited again. Malware for Macs has not been widespread because there isn’t much return, either in the form of profit or notoriety. As popularity increases and Apple becomes a juicier target, the number of exploits is likely to rise.
Until recently no-one bothered, but that will change. I’m expecting iPad viruses pretty damn soon. I love the way people think Macs are somehow immune to viruses. That’s a great big opportunity right there for a clever hacker.
When I started using Linux, I looked around for anti-virus and firewall software, only to discover that (unlike Macs) there really aren’t any “wild” Linux viruses (there are a few that were created for the challenge of it, but they never spread) and that the concept of a Linux firewall is redundant. If you really want to be safe from internet crap, use Linux. Also it allows you to feel superior to Windows users and Mac fans.
It’s a user thing, rather than being something that’s built into the software: what do you think when you hear the phrase “Mac user”? I think “person with more money than sense”. Linux users are more likely to be people who actually know how to use their computers. Macs are, famously, designed for people who don’t want to mess around with all that complicated stuff.
So, if you’re a virus maker, who are you going to target?
What you have described is the only redeeming feature of the appstore. Any virus would have to somehow run without being in a program, assuming the store does its job of vetting out code. Now, it if only didn’t also decide what types of apps were okay, and Apple wouldn’t go to so much trouble keeping you from optin out, I wouldn’t have a problem with it.
As for malware: what you see is usually not the purpose of the code. The purpose is, as stated, to serve you ads, take your information, or use your computer to do stuff so a hacker doesn’t get caught. The rest of the symptoms are mostly side effects.
There are people who hack just to hack, but, seeing as you now can get paid to do that, it’s not as lucrative an idea to do it in the wild. White hat hackers try to break into things, and then essentially sell that information to the software company so they can fix the bug.
And while you say it was a joke, I do want to touch on the conspiracy theory. I don’t really see how a scam would work. An individyual worker who constantly produces exploitable code would get fired, and most software security updates are free, thus ruling out group activity. And, with antiviruses, some other company will likely also create a fix, and you won’t get money. And most people use free antiviruses, anyways. And antiviruses cost the same amount whether there are new virus fixes or not. You’d need every antivirus company in the world working together.
It wouldn’t suprise me if a freelance white hat hacker would release something in the wild for that reason, though. But, believe me, if anyone ever found out, it would be his head. See what happened with the bricker trojan for the Nintendo DS. And that was the most unsophisticated malware ever: a program that pretended to be porn but instead incorrectly flashed the BIOS.
Then of course there is the Stuxnet worm, which may have been developed by governments or intelligence agencies, as a strategic weapon against another nation.
But we can’t be sure who created this worm, nor can we know how common these kinds of attacks are. It would usually be in the best interests of both the attackers and victims to keep successful strikes quiet.
Virus writers make big money by selling “solutions” to the infection. The numbers a few years ago were in the millions of dollars. There are still people dumb enough to pay $40 to the malware writers to clean their computers.
In addition, as others have said, the malware writers set up botnets of thousands of computers under their control. They then blackmail websites, threatening to unleash a distributed denial of service attack on them during their busiest season (for a retailer, say, Christmas). The website pays the blackmail because they would lose considerably more if they were unreachable for a few days.
There is also keylogging and such, but that’s not all that lucrative.
The single hacker creating malware is an archetype that hasn’t been prominent for at least five years.
Anti-virus software and service companies do conspire to promote sales of their products by popularizing the notion of malware attacks and inflating the scale of the problem with unsubstantiated reports of attacks. It is not uncommon for a crash unrelated to ‘infection’ to be blamed on a ‘virus’. Malware is often blamed to coverup mistakes (a computer virus ate my homework). There are also occasions where anti-virus software misidentifies legimate software as a threat, which increases reports of incidents. Altogether, hyping the virus threat encourages lone hackers to create and spread vandalware based on an inflated impression of it’s ability to propogate and damage.
Anti-malware product providers usually do not promote comprehensive security plans, but instead concentrate on presenting their products as complete solutions. Security service providers promote protection in multiple forms through password protection, access limitations, permission control, software scanning, network hardening, encryption, secure communications, verification systems, among others.
Since the start of the anti-virus software market people have suspected that the providers could create demand for their products by spreading viruses. Their own software would be the perfect carrier since it’s relied on to find the infection. However, ever since the first popular reports of viruses, the market has been self-sustaining. There are too many people creating destructive software for many reasons to give an anti-virus company an incentive to create malware. It is a very competitive market covering the broad range of computer and network security. One company creating a threat has no guarantee of bringing new business to that company, because once a virus is identified, many providers will offer solutions.
Ironically enough, the folks who are absolutely certain that Macs are immune to vira are safer than the ones who aren’t sure. The only malware attacks that actually get through on Macs are the ones that masquerade as being security programs. Someone who thinks that a security program is actually necessary might install and run such a program, whereas someone who “knows” that it’s not necessary won’t bother.
And don’t get too smug about Linux, either: Attacks like that can work against any operating system. If there aren’t any for Linux, then that really is just because the low market share means nobody bothers.
