The Computer Corner: malware

I will attempt to shed light on that shadowy underworld of crooks and con artists responsible for the malware plaguing today’s computers. These crooks naturally shy from publicity, are not listed in the Yellow Pages and rarely consent to interviews on the record. So, please choose your favorite adjective to preface any statement about these crooks: “allegedly,” “apparently,” “reportedly,” etc. 

The first computer virus was probably written on a chalkboard by some computer programming class teacher in the 1960s while explaining what NOT to do when writing mainframe computer code. The first intentional computer virus “in the wild” was called “Elk Cloner,” written in 1981 to infect (gasp) Apple computers. For the next two decades, the computer virus was a vehicle for transmitting joke programs and committing electronic vandalism. Virus creators were driven by the desire to show off their programming skills to other programmers, or simply by psychopathic destructive behavior.

Starting in the early 2000s, this suddenly changed with emerging malware dedicated to pure capitalism. The new generation of malware was designed to extort money from victims and benefit the crooks; new viruses bent only on malicious vandalism then slowed to a trickle. To understand the new paradigm, you just have to follow the money.

Scareware is the name given to infections which present a message claiming the computer is infected, and for a price, it can be uninfected. Of course, this is simply a scam. Ransomware is the newest threat; it encrypts your data then demands a ransom to unlock your files.

Botnets are groups of infected computers controlled by the crooks. Knowing that some websites pay for “clickthrough” advertising, a fraction of a cent for every customer referred, the crooks set up botnets of millions of infected computers and instruct them to click on certain ads. They soon receive legitimate advertising commission checks in the mail.

The 21st century has seen, or not so publicly seen, the advent of organized criminals in the area of cybercrime. Some of these gangs have been traced to former Soviet Bloc countries and other states where law enforcement is lax. This underworld has evolved an infrastructure of disreputable customers and suppliers who, for a price, are willing to provide them electronic “bump keys” so they can commit and profit from cybercrimes.

These crimeware organizations are evil twins of legitimate software companies, with researchers, developers, programmers, and marketers. Among their products is a “development kit” or “crime kit” anyone can use for build-it-yourself malware. Zeus and SpyEye are do-it-yourself malware construction kits adaptable to the fraud or cybercrime the crook wants to commit. $2,000 is the cost for information on exploiting a certain browser, $2,500 for a Backconnect module telling how to use stolen credit card numbers and launder the money, and the list goes on.

Microsoft Windows has been the most targeted operating system until now, but crimeware development tools are available for exploiting Mac, Android, and iOS—so, look out.

Charles Miller is a freelance computer consultant, a frequent visitor to San Miguel since 1981, and now practically a full-time resident. He may be contacted at 415 101 8528 or email FAQ8@SMAguru.com.