Home Back Forward Print Close  
Viruses, Worms & Trojans

 

 

 

 

Viruses - Computer viruses are software programs deliberately designed to interfere with computer operation, record, corrupt, or delete data, or spread themselves to other computers and throughout the Internet, often slowing things down and causing other problems in the process. Basic viruses typically require unwary computer users to inadvertently share or send them.
Worms - Worm viruses that are more sophisticated and can replicate and send themselves automatically to other computers by controlling other software programs, such as an e-mail sharing application.
Trojans - Programs that, when installed on your computer, enable unauthorized people to access it and sometimes to send spam from it.


How does a Trojan work?
First the Trojan must be delivered to your computer. This can be accomplished in many ways, through an e-mail worm, or hidden in another executable program like an mp3 song or a free game or picture. Running the program installs the Trojan on your computer. The Trojan is really two programs in one. The first part is called the "client" and is used by the hacker to control the victim's computer. The client is not installed on your computer but on the hacker's. The second part is the "server" and it is installed on your computer. Once executed this "server program" will provide information to the client program upon request. This server program once installed hides itself on your computer and will run automatically every time you start the computer.

How can I get infected by a Trojan?
Trojans can be embedded in any executable file. The critical thing here is that the file must be executed to install the Trojan on your computer. Trojans can be sent via e-mail, ICQ, mIRC or IRCLE, FTP, Freeware or Shareware programs, mp3 and even movies.

 

Why write viruses?

 

Fraud

 

The computer underground has realized that paid for Internet services, such as Internet access, email and web hosting, provides new opportunities for illegal activity with the additional satisfaction of getting something for nothing. Virus writers have authored a range of Trojans which steal login information and passwords to gain free access to other users' Internet resources.

The first password stealing Trojans appeared in 1997: the aim was to gain access to AOL. By 1998 similar Trojans appeared for all other major Internet service providers. Trojans stealing log in data for dial-up ISPs, AOL and other Internet services are usually written by people with limited means to support their Internet habit, or by people who do not accept that Internet resources are a commercial service just like any other, and must therefore be paid for.

For a long time, this group of Trojans constituted a significant portion of the daily 'catch' for antivirus companies worldwide. Today, the numbers are decreasing in proportion to the decreasing cost of Internet access.

Computer games and software license keys are another target for cyber fraud. Once again, Trojans providing free access to these resources are written by and for people with limited financial resources. Some hacking and cracking utilities are also written by so-called 'freedom fighters', who proclaim that all infomation should be shared freely throughout the computing community. However, fraud remains a crime, no matter how noble the aim is made out to be.

 

Organized cyber crime
The most dangerous virus writers are individuals and groups who have turned professional. These people either extract money directly from end users (either by theft or by fraud) or use zombie machines to earn money in other ways, such as creating and selling a spamming platform, or organizing DoS attacks, with the aim here being blackmail.

Most of today's serious outbreaks are caused by professional virus writers who organize the blanket installations of Trojans to victim machines. This may be done by using worms, links to infected sites or other Trojans.

Bot networks
Currently, virus writers either work for particular spammers or sell their wares to the highest bidder. Today, one standard procedure is for virus writers to create bot networks, i.e. networks of zombie computer infected with identical malicious code. In the case of networks used as spamming platforms, a Trojan proxy server will penetrate the victim machines. These networks number from a thousand to tens of thousands of infected machines. The virus writers then sell these networks to the highest bidder in the computer underground.

Such networks are generally used as spamming platforms. Hacker utilities can be used to ensure that these networks run efficiently; malicious software is installed without the knowledge or consent of the user, adware programs can be camoflaged to prevent detection and deletion, and antivirus software may be attacked.

Financial gain

Apart from servicing spam and adware, professional virus writers also create Tojan spies which they use to steal money from e-wallets, Pay Pal accounts and/or directly from Internet bank accounts. These Trojans harvest banking and payment information from local machines or even corporate servers and then forward it to the master.

Cyber extortion

The third major form of contemporary cyber crime is extortion or Internet rackets. Usually, virus writers create a network of zombie machines capable of conducting an organized DoS attack. Then they blackmail companies by threatening to conduct a DoS attack against the corporate website. Popular targets include estores, banking and gambling sites, i.e. companies whose revenues are generated directly by their on-line presence.

Other malware

Virus writers and hackers also ensure that adware, dialers, utilities that redirect browsers to pay-to-view sites and other types of unwanted software function efficiently. Such programs can generate profits for the computer underground, so it's in the interests of virus writers and hackers to make sure that these programs are not detected and are regularly updated.

In spite of the media attention given to young virus writers who manage to cause a global epidemic, approximately 90% of malicious code is written by the professionals. Although all of four groups of virus writers challenge computer security, the group which poses a serious, and growing threat is the community of professional virus writers who sell their services.