More than 70% of virus writers are now writing spyware under contract, one more piece of evidence that hacking has evolved from mischievous hobby to money-making criminal venture.
More than 70 percent of virus writers are now writing spyware under contract, one more piece of evidence that hacking has evolved from mischievous hobby to money-making criminal venture, a security firm reported Monday.
Tel Aviv-based Aladdin Knowledge Systems said its analysis showed that spyware is the favorite among malware writers, since it lets them re-wrap their own "technology" and sell it, or even introduce their own money-making ventures.
"We analyzed all the viruses we received during the past six months, and found that 70 percent contained some sort of spyware module or component," said Shimon Gruper, the vice president of technologies in Aladdin's eSafe unit. "Writers have definitely moved from creating simple viruses to sophisticated 'machines' designed to hijack computers and the information on them."
The bulk of the spyware being created by hackers, said Gruper, linked to organized crime. "They're doing it for financial gain, pure and simple," said Gruper. "Unlike in the past, when hackers were mostly 'script kiddies' who had nothing better to do, it's quickly becoming more of an organized crime venture."
Gruper's take mirrors that of most security analysts, who have been tracking a shift in hacker motivation over the past 12 to 18 months. Symantec, for instance, noted in its recent Internet Security Threat Report that "the use of malicious code for profit appears to be an increasing concern," particularly in bot networks.
Aladdin didn't concentrate on bots, but instead did detailed comparisons of spyware it found on sex-related Web sites, and found, Gruper said, that most shared multiple characteristics. "We believe that the same programmers wrote the bulk of the spyware being planted by these sex sites," he said.
Gruper's security team also found other connections between the viruses and worms it studied, and much of the spyware it analyzed. "When we started tracking spyware, we suspected that this was a trend, hackers turning to spyware for profit. After we decoded the viruses and compared their code with that of spyware, we confirmed the similarities. There were a lot of similar components in both the viruses and in the spyware."
Aladdin, added Gruper, is confident that even more spyware applications will be linked to organized crime in the future, such spyware created by new alliances of those with the technical resources (hackers) and those with the resources to turn stolen data into cash (criminals).
One thing that Aladdin's not yet seen, said Gruper, is a true blend of virus/worm and spyware. In that scenario, worms would be built to exploit known vulnerabilities or try to trick users into opening file attachments that would then infect systems with spyware.
"It's certainly possible, but most companies have anti-virus defenses that are hard to penetrate," he said. "Yet very few companies have Web browsing content protections."
The most likely exploitation route for spyware will remain malicious Web sites, where visitors are infected with spyware, often via vulnerabilities in Microsoft's Internet Explorer, said Gruper.
"These people are professionals," concluded Gruper, "trying to do very malicious things."
We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
2018 State of the CloudCloud adoption is growing, but how are organizations taking advantage of it? Interop ITX and InformationWeek surveyed technology decision-makers to find out, read this report to discover what they had to say!
Infographic: The State of DevOps in 2017Is DevOps helping organizations reduce costs and time-to-market for software releases? What's getting in the way of DevOps adoption? Find out in this InformationWeek and Interop ITX infographic on the state of DevOps in 2017.