Sunday, December 9, 2012

Why do People Create Viruses?

As a computer technician, my clients frequently ask me “Why do people create computer viruses?”, especially after I have been called out to remove a virus from their computer. This is what I tell them.
There are hundreds of thousands of viruses out there (if not millions) and they are often designed for different objectives. Most of them fall under the following categories:
  • To take control of a computer and use it for specific tasks
  • To generate money
  • To steal sensitive information (credit card numbers, passwords, personal details, data etc.)
  • To prove a point, to prove it can be done, to prove one's skill or for revenge purposes
  • To cripple a computer or network
To Take Control of a Computer and Use It for Specific Tasks
This is the most common type of virus, which is better classified as a trojan. These types of viruses are usually downloaded unknowingly by a computer user who thinks the file is something else, such as a file sent by an instant messenger friend or an email attachment.
Once the host computer has been infected (it is then known as a zombie computer), the trojan joins a private chat channel and awaits orders from its “Zombie Master”. This Zombie Master, who is often the virus creator, will gather thousands of infected machines, called a botnet, and use them to mount attacks on web servers. The Zombie Master can command each of these infected computers to send a tiny bit of information to a web server. Because there are potentially thousands of computers doing this at once, it often overloads the server.
The Zombie Master may want to do this to another website because it is a rival website, a figurehead website (such as whitehouse.gov) or it may be part of an extortion plan. “Send me $5000 or your Toy selling website will be offline over the Christmas holidays”.
The Zombie Master can also use these infected computers to send spam while the Zombie Master remains anonymous and the blame goes to the infected computers.
I, Robot: This movie was definitely about a DDoS
To Generate Money
These types of infections often masquerade as free spyware or virus removal tools (known as rogueware). Once run, these fake applications will “scan” your computer and say they have found some viruses (even if there aren't any), and in order to remove them, you must pay for the full version of the application. A good example of such an infection is called Myzor.fk, which we have written about in the past.
To Steal Sensitive Information
These types of viruses can sniff the traffic going in or out of a computer for interesting information such as passwords or credit card numbers and send it back to the virus creator. They often steal information by keylogging, where the virus maintains a record of everything that is typed into the computer, such as emails, passwords, home banking data, instant messenger chats etc.
The above-mentioned methods also allow an attacker to gather an incredible amount of data about a person, which can be used for identity theft purposes.
To Prove a Point, To Prove it Can Be Done, To Prove One's Skill or For Revenge Purposes
A perfect example of this type of virus was the famous MS.Blaster virus (aka Lovesan) which infected hundreds of thousands of computers back in August 2003.
This virus would cause the system to restart after 60 seconds and had two hidden messages written in its code:
One was “I just want to say LOVE YOU SAN!!” which is why the virus is sometimes called Lovesan, and the other message was “billy gates why do you make this possible ? Stop making money and fix your software!!”
It is believed that the purpose of this virus was to prove how easily exploitable a Windows system is.
To Cripple a Computer or Network
Few viruses nowadays are intended to disable a computer because doing so stops the virus's ability to spread to other computers. Computer crippling viruses still exist, but they are nowhere near as common as the viruses mentioned above. The worst type of computer crippling viruses were back in the days of the 486 computers, where the virus would overwrite the Master Boot Record (MBR) of the computer, which would often prevent the computer from starting up at all.
Unlike computer crippling viruses, network crippling viruses are all too common nowadays. Most viruses that are designed to launch a Denial of Service attack will cause a significant load on a computer network, often bringing it down completely.
